has written a great article on stego, crypto, and the wonders of the net circa 1992 in Feed. His background with this stuff is almost exactly the same as mine, though I never actually called Tim May on the phone to talk about crypto. I did, however, cut my usenet teeth in alt.security.pgp; I was steeped in the literature of the time from people like Hakim Bey, Arthur and Marilouse Kroker (who I had the privilege of working with for 4 years), the CAE, and others; and I still dream, occasionally, about the promise of stego even if its most marketable use is for digital copyright tagging.
Macintouch has posted
a bit more on the security thing I referred to yesterday in a MacInTouch Reader Report on MSIE and Persistent Connections. It seems plausible enough to me.
Interesting development today
in the world of cryptography: RSA Security Releases RSA Encryption Algorithm into Public Domain… two weeks early. I guess they’re going after the publicity of this long-anticipated moment.
I came across
an interesting article about encryption, specifically about PKI (public key infrastructure, such as PGP). It’s entitled Cheaper techniques take on PKI, and this quote is telling: “As the world has moved toward lighter-weight computing, PKI is becoming a tougher sell.”
PKI has always been a tough sell – it’s hard to imagine it being tougher. Regardless it’s an interesting update to the discussion, especially considering that one of the basic tenets of encryption states that security through obscurity is no security at all – and that’s just what it seems some of the newer systems mentioned seem to rely upon.
One thing is clear – if people want the privacy and security they say they do, then some encryption scheme will have to become commonplace. Equally clear – PGP isn’t currently seen as a viable option by general internet users, nor is a system like Freedom (from ZKS) catching on – they’ve reportedly had trouble selling it directly to end users.
Web Networks’
highly-coveted domain – web.net – was hijacked the other day by an unknown person who sent an unauthorized change of information email to Network Solutions, which they promply executed without following proper procedures. So an innovative, old-guard non-profit internet host who works extensively with other non-profits, charities, and is a member of the Association for Progressive Communications, was left high and dry for a few DAYS – as were their clients.
I bet Network Solutions makes excuses rather than apologizing. I wonder when they’re going to realize that this isn’t just a game, this is people’s livelihoods, their vision of the future, their business. A bank doesn’t start sending my statements to someone else without a lot of information and confirmation. I wonder why Netsol thinks they should offer any less security?
