Is Crypto Solely for Criminals? 179
deran9ed writes: "Interesting outlook from an article on IDG detailing the use of encryption, and the negative campaigns against it. "When the Feds -- be they CIA, FBI, NSA, or Treasury Department -- discuss crypto, they make it sound as if anyone using it must be a child pornographer, drug smuggler, or terrorist." I wonder if the government feels the same about corporations encrypting their business plans in order to avoid having them stolen. Here's the article." The author has a point. SSL and SSH (or whatever it's called now) are widely used. But how many people routinely encrypt their email?
Crypto for Bad boys only... My opinon (Score:1)
Khelben H. Vasq
I know I know "Bad LICH back to your Floor Boards"
Re:I don't get it (Score:1)
Internet or no internet you are just one step away from being proclaimed guilty in the states...
Re:If crypto is outlawed... (Score:1)
Wow, you must have a stressful life. What do you have to do, beat the suitors off with a stick?
Re:Meet me at the movies at 8:00 (Score:2)
Re:Crypto convenience (Score:1)
Re:Routine encryption of email (Score:2)
However, you can configure Notes to use a custom NT Gina to cache your NT password and use it to authenticate to Notes. This probably isn't as secure - particularlly because NT4 doesn't use a very strong hash to store passwords - but users hate having different passwords, so there you go.
If you encrypt or sign a message, it's automatically decrypted by other clients and verified. The sysadmin does not have direct access to the message, but likely has an archived copy of your ID with a known password, so he/she can impersonate you and get the message.
The sysadmin can also force all mail to be encrypted, or even force all RPC calls to the server to be encrypted (you can also force this for your client).
Notes encryption works very similarily to SMIME or PGP, uses strong RSA, and is generally considered to be good stuff. The problem is that all the mechanisms are proprietary, so it doesn't integrate well with other systems (such as Internet mail). This is mainly due to the fact that their infrastructure was put in the 1980s, so it predates things like SMIME by than 10 years or more.
Note that the huge deployed base of Notes in large corporations would make any government key recovery or storage plan a little problematic...
--
sorry :( (Score:1)
Ack! Looks like you are right, the Mac version is way behind and no longer linked. This post [tu-graz.ac.at] explains it, sort of. Looks like Dave ran into some problems doing the port quite awhile back, since he relies on Novell libraries, and Novell quit supporting Macs. From the date of the post one might deduce that the problems proved insurmountable, or at least more trouble than he thought it was worth.
Not being a Mac user I remained blissfully ignorant of this till now. Sorry :(
"That old saw about the early bird just goes to show that the worm should have stayed in bed."
Re:Too bad some idiot thought your stuff was funny (Score:1)
If you are trying to hide something from management, the smart thing is to use your home computer with your home e-mail account and your home encryption key. Either that, or use Hushmail, but some outfits might bust you for that too.
--
Re:As an experiment... (Score:1)
Lower storage costs and less network traffic are dependent upon how you encrypt. If you do a plain old encrypt a file and send it as an attachment, the file will be a little smaller (just zipping the file can get it smaller than that). But, if you do ascii ciphertext it will take 761 characters (not including PGP declarations) with a 2048/1024 DH-DSS bit key just to say 'hello'.
Depending on how they were encrypting, the mail admins may have been justified in reducing the load on their servers.Wrong. (Score:2)
What do you have to do to get "one click" encryption through the CA route? You have to send $50 off to some place. You have to send photocopies of your driver's license and passport. You have to go through an out-of-band verification process. You get your certificate. You have to set up your email client to use your certificate (and most of them have the most annoyingly vague documentation on how to do it).
Then you can click on "Encrypt"... but a passphrase dialog still pops up.
Going the Verisign/CA route is no easier than going the PGP route. In fact, it's probably considerably more difficult. I've been using PGP for years, but I've never bothered with getting a Verisign certificate. It's simply too much inconvenience and too much hassle.
Its not users (Score:1)
The problem to me seems more like this takes place in an industry that hasn't embraced hardware encryption for LANs let alone encryption for casual email. Once we show "dumb users" that the internet can be made a lot safer vendors will be making crypto products with hushmail like usability regradless of the government's anti-crypto chilling effect.
Re:I routinely encrypt my e-mail (Score:1)
--
PGP and mailing lists (Score:4)
Any mailing list which is open to the public gets no benefit from encryption. Any mailing list which is closed only gets minimal benefit; the security of a message drops to the square of the recipients. If your intent is merely to protect mailing list data from casual eavesdropping along the way, though, here's a scheme.
1. Joining the list is done through the typical process, but a public key is given to the server as part of the process. (Out-of-band verification, etc., is assumed and won't be covered here.)
2. Whenever someone posts to the list, they sign the message and encrypt it with the server's public key.
3. When the server gets a message, it decrypts the message. It now has plaintext + signature. After verifying the signature, it sends the message out to each listmember, encrypting it for their specific key.
4. When a client gets a message, it decrypts-and-verifies that it came from the listserver. It then verifies that it came from the original sender.
... Note that this scheme is horribly naieve and is extremely vulnerable to attack. It also doesn't solve the key management issue; but instead of every listmember needing every listmember's key and all the assorted key management that entails, the burden is shifted entirely to the server.
It's a simpler scheme than every participant encrypting for every other participant's key, and simpler schemes tend to be more robust and secure. That doesn't mean that this scheme is robust and secure.
As I said, encrypting mailing lists has a large what's-the-point factor. There are so many ways to attack a mailing list that I doubt one could be secured.
Re:Crypto convenience (Score:1)
if all my icq contacts would use it. Too bad
the learning curve for pgp is still steep for
newbies after all these years.
Re:keeping it private (Score:3)
Why the fuck would a government impersonate it's citizens????
Why the fuck a government attempt to screw it's citizens (unless, of course, it's been totally subverted) ???? And why citizens instead of ranting about that would actually do something about it, like vote them out of office????
Why those incredible assaults come from countries where individual rights are paramount???? France doesn't have as high a reputation for individual rights as anglo-saxon countries, yet there are no widespread perception of wholesale government spying on and impersonating their citizens!!!!
Must be some collective neurosis...
--
Re:Automatic (Score:1)
I once tried to make some home-made certificate with OpenSSL, but it's really complicated and not very compatible with Outlook Express... until someone makes a "point and click" certificate generator for Win32, SMIME will never take off.
Routine encryption of email (Score:2)
As much as I hate Lotus Notes, I do have to give it credit in one regard: Notes can be configured to encrypt mail by default. Within the large corporation I work for, every piece of intracompany email is encrypted.
Feds want to hog the crypto to themselves (Score:2)
"When the Feds -- be they CIA, FBI, NSA, or Treasury Department -- discuss crypto, they make it sound as if anyone using it must be a child pornographer, drug smuggler, or terrorist."
Edsfay areway ealousjay ofway ourway yptocray. Eythay antway otay oghay itway allway otay emselvesthay.
Re:Automatic (Score:2)
I run exim [exim.org] at work as our SMTP server. It supports TLS for using ssl when sending and receiving (if it converses with a mail client or other server that supports it).
I've educated the users about ticking the ssl option on their email clients, so emails are automatically encrypted at least to our mail server, and sometimes on the next hop too (I have spotted in the logs a few other servers talking via ssl to us).
This doesn't give you the same benefits of encrypting the message before you send. The mail is unencrypted when in the mail spool, there's no guarantee the hops'll all be encrypted, but it's a start at least - and if more servers do bring TLS facilities online, then you'll get encryption happening automatically without the users having to worry about it.
Re:As an experiment... (Score:1)
Canada vs. US (Score:3)
Passive Privacy System (Score:2)
PPS is a propposed way of getting everyone to exchange public keys and passivlely encrypt email without a) burdoning the average user with the details of cryptography or b) providing enough impact on the average non-PPS user to matter.
It requires a great deal of work, both on the spec side and the coding side to come up with plugins for MUAs. But, in the end I think that the world will benefit from the resulting increase in passive key exchange and encryption.
Please, feel free to send mail about PPS to me [mailto].
Thanks.
Re:Wrong. (Score:2)
Re:Problems with Encrypting Email (Score:1)
visit 3 notary publics is a bit of a stretch though. I can't imagine any normal email user
going out of thier way to do this.
Re:Problems with Encrypting Email (Score:3)
I would also add that if I want to encrypt email, all my friends have to as well (if I'm very strict about it).
Also, could we not put in a header in the mail to direct you to a server to get the public key?
Woz
Re:Crypto convenience (Score:1)
How about instant messages? I don't know anything on this, but can say aol read your aol ims?
As I recall, all the major messaging services (AIM,MSN,Yahoo) except one (ICQ) go through the server, therefore they should have no problem reading them.
Or how about the next step, could you encypt your instant messages? just wondering
A friend and I used PGPNet, a free handy-dandy addon to PGP (comes with, actually), and we achieved something along these lines with ICQ on Win95/98.
By setting up our PGPNet sessions, me on my cable, to his dial-up subnets, and him on his dialup to my cable IP, and then sending a few ICQ messages back and forth, we eventually managed to get a PGPNet connection established.
I can't guarantee that it was encrypting our messages (there aren't many ports of TCPdump to Windows), but what I DO know is that our ICQ messages were a lot more reliable. They used to take from 5-50 seconds to send, and sometimes would fail to send entirely, or get lost en route. After PGPNet said 'Connection Established', however, they sent almost instantaneously, and with 100% reliability. File transfers, chats, and everything worked admirably.
What I've been looking for, however, is a way to automatically encrypt any communications between two IPs, rather like PGPNet does, except for Linux. stunnel does something similar, but you really have to set it up beforehand, per-service, and it's rather annoying.
~Sentry21~
Re:Crypto convenience (Score:1)
hmmm (Score:1)
Here's why. (Score:4)
Simply knowing that a message is important can often be all the help an attacker needs. This is called "traffic analysis" (analyzing patterns in who talks to whom about what, whether the conversations are normal or priority traffic, etc).
By routinely encrypting all your traffic, that denies an attacker the ability to say "... hey, encrypted traffic is coming down the wire; something's up."
encryption is... (Score:1)
Re:As an experiment... (Score:2)
--
You're brave... (Score:2)
This would be like taking every word you ever said, taping it, and handing it over the the government. There it's put on permanent public display, for anyone and everyone to use against you whenver they need to.
What with everyone suing everyone nowadays, I wouldn't want to flame someone on Usenet, and then be sued for a few million dollars because I digitally signed it. Oops, made their case easier!
I think signing is great in the few places where it's necessary, but that's rare. You don't put your signature on every single word you speak; why would you want to do differently for digital communications?
I don't get it (Score:5)
--
Re:keeping it private (Score:1)
I've heard this statement over and over, and while I advocate encryption even in e-mail, my common sense tells me that this analogy is extremely flawed. I don't fear that my postman will read this card for two reasons
Putting the stuff in a letter so the government won't read it, makes no sense either, for they have the right tools. So the only reason to write a letter is, so the people living with the person won't read it. Of course, they can always rip the letter open and invent some excuse. Shouldn't happen to often though.
However, a letter is always more personal and you can simply write more than on a postcard. :)
My favorite passtime (Score:1)
Why would i encrypt my e-mail always. (Score:2)
Realisticly, there's no reason to encrypt a message asking if a co-worker goes to lunch. The business plan for the next year though is a different storry.
MPM
Re:keeping it private (Score:2)
There's two ways of looking at this one is to retort "Why should a democratically elected government be so afraid of its citizens?" If those citizens are so incompetent and dangerous that they shouldn't be allowed to have cryptography, what in hell are they doing with the power to elect the government? The fact that the government is trying to take away something that's useful to its citizens is sufficient reason to be nervous about its intentions and willingness to be responsive to electors.
The other side is that citizen paranoia is exactly why the governments are trustworthy. The citizens are always on the lookout for anything suspicious that the government is trying to do- which is their job as voters, I'll point out- and quick to criticize it. That acts as a substantial brake on the government doing anything terribly effective to take away the rights of its citizens. It's countries where people have long had a more accepting view of government as protector and not in need of supervision that government abuse is rampant.
Email Always Encrypted (Score:5)
Re:Automatic (Score:1)
"huhuhuhh, go away. we're like closed or something"
Encryption is a double-edged sword (Score:1)
Now, option 1 is probably what most of us are doing at this point but it's going to come back and bite us in the ass one of these days. Crackers are probably more than happy to expand their reach on your chewy internal network after they've penetrated your firewall and IDS by coming in via an SSH exploit or an Apache/SSL exploit. Option 2 becomes a major inconvenience to the users and you're still relying on even these authenticated encrypted users not to do anything that goes against your security policies. So what does that leave us with? We're between a rock and a hard place. We would need to move IDS onto all the servers as well.
Crypto convenience (Score:3)
Perhaps you're smarter than I am, but every _transparent_ method of key verification I can think of is foiled by someone in control of your link to the outside world. In order to keep this from compromising your security, you'd need a different verification method. This would require, for instance, Alice calling Betsy over the telephone and having her read back her encryption key's fingerprint, and comparing it with the key she got over the net. This isn't something a casual computer user is willing to do regularly in order to check his security.
Do they? (Score:1)
Have you?
But I have seen allot of statements about worries about criminals using crypto software from government organisations.
In the end the problem is that the police has had the possibility to tap phone wires etc to hunt down criminals like pedofiles and drug lords and those possibilities fades away with the arrival of better technology. In the end this means more drugs and child abusers in the world.
Of cause there is always the issue of personal integrity but I doubt anyone would suggest that those crimes aren't important to fight or don't you care about your children's future?
There are two sides of this coin.
For those of you who employ Junkbuster (Score:2)
Re:keeping it private (Score:2)
What I mean is, envelopes aren't the most protective of barriers for the ingegrity of our letters, but it suits the purpose for general mail. I don't hear of many drug lords sending kilos of heroine in an envelope (and if they do, then they should be prosecuted to the fullest extent of the law on the principle of being a dumb-ass-at-large alone). If goverments think that sending email with a not-so-heavy-encryption is a sign of wrong doing than envelopes should give off the same feeling.
If people were given the opprotunity to know that they could send messages with a low-level encryption, I seriously doubt it would do the unlawful abiding citizens any good to use it as well. There has to be some sort of privacy granted to the people that use it for that sake of it, as opposed to those who just want to cover their tracks. Instead of taking rights away from people, goverments should be trying to make sure that there are ways to protect ourselves (which, they say, this is all about anyhow, right?). If I could be guaranteed that my email sent using PGP was safe enough to fly across this vaste open network of computers and be safe from prying eyes, as well as the prying eyes of the goverment, I would be pretty darn content. I mean, that is the same feeling one gets when they drop a letter into the mail box, right?
Something else to think of is that, if one were to play the devil's advocate, and believe that all of this controversy was the goverments trying to keep the law abiding citizens safe, than it really shouldn't matter. That is, unless it's in the case of one of the other posters that used encryption to send root passwds. I think back to the story [slashdot.org] about the U.S.P.S. and what they would and wouldn't send. More specifically the fact that they opened up a package because the weight seemed ill-proportioned to the size of the package (it was a brick wrapped in gift-wrap). If the anaology of the envelope would hold true, than doesn't the same for encryption?
I'm not saying that I agree with invasion of privacy for the sake of it, but, if you're really not doing anything that's wrong, why worry about it? Maybe people have to stop watching Conspiracy Theory and actually do something to help goverments embrace encrytion for the rights of citizens.
Re:Why encrypt always? To legitimise privacy. (Score:2)
I encrypt email when I can, partly because it doesn't matter and there is nothing special in the email - call me an asshole, but I feel that as long as crypto is only used for things that people want kept secret, it's use will remain a red flaq to privacy and rights abusing agencies and the like.
I find it morally offensive that putting your email in an envelope should tag you for "special treatment", and I suspect the only way to make the use of envelopes acceptable is for them to be in everyday use as a matter of habit, much like the extra hassle we go to in sealing our smail-mail letters in envelopes. It's interesting - we're so used to the envelope proceedure IRL, that it doesn't seem like it takes any extra effort, and yet the biggest reason I haven't written anyone a personal snail-mail letter for probably a year now is that e-mail is so much quicker, largely because I don't have to mess around with envelopes and the like. Bit of a double standard for me to complain about the CTRL-C, ALT-CTRL-E, Passphrase, CTRL-V key sequence needed to encrypt my email then!
Re:Wrong. (Score:2)
You could write a frontend to GPG that would use something like an external hardware key that contained a passphrase, but isn't that just overkill?
--
Re:keeping it private (Score:3)
Ok, I can't be bothered explaining this all in detail, so I'll be brief and over-simplify. Apologies for any innacuracies that result.
In the Real World, the government is elected, but it is not the government that does the dirty work. It's the various secret agencies charged with protecting National Interests (and any dirty laundry the government would prefer the voters not know about
Now the people who work in these agencies are NOT elected, and do not lose their jobs every time a government changes. They live in a world where secrecy is paramount, everyone is hiding something, and spies regularly turn up where you least expect them. The culture and atmosphere inside such an isolated group whose duty is to be paranoid, can get _very_ fucked up. (eg, such isolation that at least one agent thought that people who wore jeans were potential subversives.)
An example closer to (my) home: A person who campaigned against the New Right Economic theories (which were held to be completely above question at the time) had his house invaded by the SIS. Only by accident did he have any reason to suspect it was not a normal burglary, and only by several court trails did he even manage to get the SIS to cease their denials and admit they did it. Another man here was placed under survelience for 12 years (ending in a house search for spurious reasons) because he has writen some articles for a peace magazine. Back then, "peace" meant people who didn't like nuclear weapons, and surely the only people who could possibly have any reason to dislike nukes would be the commies. Ergo peace campaigners were the Red Commie Threat. And they were treated as such, dispite of their civil rights to free thought, speech, and association. (Only Decent Folk should have rights. It's ok to violate a Crim's rights in order to catch them and thus make society safer). So they had their rights abused regularly by enforcement agencies as a result. Nothing to do with the government, (though the government, like much of the public, would have had very little sympathy and considerable suspicion for such "peace" advocates.) People who were NOT criminal, but people who disagreed with the ideology of the day (and the twisted ideology of the agencies). That, and the fact that there is virtually always no recourse and no justice, is what is so scary.
In other words, the reason people are paranoid is because misdirected uses and abuses of power happen and happen regularly. If you know people who campaign on issues, or who are in activist circles, or who are protestors for a cause, then finding first-hand accounts of such abuses is unlikely to be difficult - agency activities are not even remotely as exotic as they seem to most citizens. And that's a huge part of the problem - the idiotically niave "Haha, she's obviously got an inflated sense of self importance to think the secret service is interested in her", thus denying victims even recognition of their injustice, and replacing sympathy with scorn.
It's a real problem, and if you can't be bothered contacting people who have been injustly targeted by agencies, at the very least do not scoff about it.
As to your questions, even the democratically elected governments have great restrictions on the information they can get on the activities of certain agencies, and more to the point, it's in both parties interests that the difficult questions simply don't get asked. So they don't.
Re:I don't get it (Score:2)
Always? You mean in British derived legal systems since the 18th century. That hardly qualifies as "always".
Re:Actually the NSA knows... (Score:2)
From time to time I have heard about cases where law enforcement tapped some poor sap's lines, and gave the encrypted stuff they found to the NSA, who forwarded back the plaintext after a couple of years. I've never heard whether these were "strong" algorithms being crypanalyzed or exploits on other parts of the cryptosystem.
If you "the NSA can factor quickly" folks have any evidence, please let the rest of the world know! After all, it's not too late to abandon RSA. Factoring may, but doesn't necessarily, solve discrete logs, so DSA/ElGamal encryption might still be safe. If not, elliptic curves or some such might work.
Too bad some idiot thought your stuff was funny (Score:2)
I suspect that if I tried to use encryption at the office and ran pgp on my desktop, I'd be frog-marched right out the door before being flipped into the ditch. In the military, I'd be shot.
The problem with encryption is one of control. I can't encrypt anything but I can request that it be reviewed and encrypted before being sent. Likewise, if I get encrypted email, it has to be decrypted on the server and reviewed before I get it.
Its not my server. Its the corporations.
If I have something to say, I always remember that its going out in clear text on an unsecured channel, or its going to be reviewed, and that anything I put down will come back to haunt me.
Solution Re:Automatic (Score:2)
Pegasus Mail [pmail.com] does this. By default it uses the built-in encryptor, a variant of the old crypt program, to encrypt the message with the passphrase you give it, but it also has a documented interface for third parties to add decryption modules. The QDPGP plugin [wow.net] handles PGP. It's pretty damn slick.
Pegasus has been around a long time, it's free-beer, and it's by far the best email program around IMHOP. Very regularly I hear or read someone wanting their email program to do this or that, and almost always pmail does it already. The only good reason not to use it is it doesn't run on linux. If you use windows, dos, or mac, I really can't see why anyone would use anything else. And the Linux port [pmail.com] might materialise soon.
"That old saw about the early bird just goes to show that the worm should have stayed in bed."
Re:I routinely encrypt my e-mail (Score:2)
They have no idea what's in it, but more importantly, neither does the NSA!
Actually, this is a very important way to help keep your mail secure. If I send one piece of e-mail to a friend, that one message can be "cracked" with enough effort - the NSA will run it through some dedicated hardware or whatever.
Alternatively, I send you ten messages, all about the same size. We've agreed on the algorithm already, and I have your public key. So, I send you one encrypted message, and nine chunks of /dev/random. You just decrypt all ten; nine fail, and you delete them, the other is the message. The NSA, meanwhile, have ten message to brute-force instead of one - which makes their lives ten times harder.
Better still, I send ten messages, all encrypted with keys of yours - nine of which are just junk. Again, this makes life much harder for those trying to crack your messages...
Re:I routinely encrypt my e-mail (Score:2)
The problem with this is that you can't have a secure, knowledge-free cryptosystem. The short of it is that in order to securely communicate, the system has to authenticate the receiving end. This can only happen if the sender and receiver share some secret; otherwise, there is no way to prevent man-in-the-middle attacks, or even outright impersonation.
This means you cannot have a system where not even the sender knows the cert/passphrase/whatever -- because then there is fundamentally no way to distinguish between the supposed sender or receiver, and an imposter.
Re:Problems with Encrypting Email (Score:2)
Personally, I don't encrypt my email because I don't send anything sensitive. If I did though, the $14.95 wouldn't kill me (especially since my OS, browser, and all my apps are free).
Re:Wrong. (Score:2)
Yes, Einstein. I'm very glad you understand that passphrases are there to protect secrets. That's also not the point.
The point is, 95% of all users can't be bothered to
- Choose a good entropic passphrase
- Remember a good entropic passphrase
- Enter the passphrase each time they want to do crypto operations
... What you wind up with are users saying "well, I'll just have PGP cache my password indefinitely" at best, or "Man! They expect me to remember another password? Forget this software. I have too many passwords to remember already, much less a passphrase."When it comes to computer security, crypto is only about five percent of the solution. The other ninety-five percent of the problem domain is filled with human problems, like
- How do we get people to use crypto?
- How can we make crypto transparent for normal users?
- How can we surmount the problem of user apathy?
- How do we protect against social engineering attacks?
- How do we protect against human stupidity?
- How do we implement this neat security solution without stepping on Yoyodyne Inc.'s overly-broad patent?
- How do we protect against legal attacks, not just computer and cryptanalytic ones?
... As you can imagine, the problem domain is a mess. While I commend your exuberance, please remember that for ninety-five percent of the world, remembering a crypto passphrase is one more headache they don't want to deal with--so they simply won't use crypto, and thus avoid that headache.Encrypt? (Score:2)
I don't, but that's because I feel I have absolutely nothing to hide. Porn, unsettling comments about George Bush, comments about professors on the school's mail server, etc: if I can't take responsiblity for what I view and say, why do it in the first place?
I agree that encryption should be around for those want it, and without it the average Joe will automatically lose to the "man". But do I think that encryption is primarily used by people causing trouble? Well... yes. It's hard to argue logistically otherwise (unless you're going to bring up freedom fighters in some third world country, in which case I would agree you have a point). But if average Joe is using encryption, you've got to understand that someone out there is going to ask "Why? What's he sending that's so important?"
Re:If crypto is outlawed... (Score:2)
Shouldn't that be:
if the competition, or my wife, gets a hold of them, im screwed.
;)
Re:keeping it private (Score:3)
Yeah, not for at least a hundred years! Ok, 75. No? Would you believe 50? Ok, 50.
Sheesh, I know lots of people who are older than that. I hope to be older than that somebody, myself, and without having to live through my goverment spying on and/or impersonating me as they might well have done 50 years ago.
Re:I sign more than I encrypt. (Score:2)
Of course. But that's not the main point of encrypting email. The point is to prevent the vacuum-cleaner approach, which the intelligence community is quite fond of. Plaintext email is begging for something like Carnivore.
Pretty much all countries have been intercepting telegrams that cross their borders ever since telegraphy existed. The explosion of personal/commercial email must look like a bonanza to these folks. Vastly more grist for their mill.
The danger is not that government can intercept your communications - they've always been able to. The danger is that it's so much cheaper and easier to intercept, enabling massive programs of pattern matching and neural net scanning.
Actually the NSA knows... (Score:2)
Re:Crypto convenience (Score:2)
You're right, but even a transparent system vulnerable to MITM is still better than nothing. I'de rather have Big Brother watching everything I say, than have everyone (including Big Brother) in on it.
And for when privacy is really important, or if it's with a party that you talk a lot (e.g. your friends), then you can always transfer your keys some other way. The nice thing about this, is that if Big Brother is in the habit of routinely MITM attacking people, then once you have secure keys and he tries to MITM you, you'll see that things don't match up right (they key you got from some server ain't the same as the key that you already have and know is correct), and he'll be caught. That would be a hell of an eye-opener and a good news story.
---
Problems with Encrypting Email (Score:5)
- Crypto software is hard to use.
- Public-key infrastructure is still mostly a myth.
- Crypto requires learning.
... Those reasons are the big ones for why more email isn't encrypted. 95% of the population lacks the technical skill to use encrypted email, and 95% of the population doesn't recognize the need to encrypt mail anyway.Before anyone even thinks of refuting this one, think about this: anything that requires more technical know-how than Outlook Express or Eudora is automatically going to fail in the marketplace. Why? Because 95% of the market finds their own technological skills tapped out at the level of using Outlook Express for basic email, to say nothing of doing something as advanced as (gasp) installing a crypto plug-in.
As long as crypto software has any kind of significant learning curve, crypto software is not going to be widely-used. SSH is widely-used today, mostly because for casual use it's indistinguishable from telnet--the sysadmin (who has tech savvy) takes care of key management and the users just have to be told "type ssh instead of telnet".
For all the millions which have been invested in PKI, it's mostly a crapshoot. The typical user still doesn't have a bat's chance in hell of using a public-key infrastructure properly. If Joe User wants to encrypt a message for John User, Joe doesn't know where to find John's public key, wouldn't know how to import the key even if he had it, and wouldn't know to do an out-of-band fingerprint verification before using it.
Sometime, take a look at the documentation that comes with PGP. It's pretty good, all things considered. It's also about the heftiest documentation I've ever seen for a consumer software product.
Users don't want to learn. Users think (not unreasonably) that programmers should make programs work the way the users think they should, instead of demanding that users learn the way the programmers think the program should work.
For the record, my public key is available on Slashdot. I encourage anyone who sends email to me to use it. Even without a fingerprint verification, it's better than nothing.
Re:Encryption is a double-edged sword (Score:2)
Re:keeping it private (Score:2)
A more appropriate analogy are the specially shielded and sealed envelopes that banks occasionally use to send you new PIN codes. But when was the last time you used one of those?
Re:I sign more than I encrypt. (Score:2)
The difficulty with encrypting everything at this point is that I communicate frequently with people who don't really feel inclined (at least, not yet) to get PGP or GPG; that and most of my e-mails aren't terribly confidential.
However, by signing everything, it may encourage people to find out for themselves what digital "signatures" and encryption involve after they repeatedly see "BEGIN PGP SIGNATURE" at the bottom of all my correspondence, in addition to the direct benefit of having some form of verification for e-mails.
Re:Feds want to hog the crypto to themselves (Score:3)
While I'm sure that your message is extremely interesting, informative, and thought provoking, I find that I am unable to legally decrypt it under the terms of the DMCA.
Would you please consider posting a message "in the clear" so we can all read the unprotected version, or is your message only for those who have licensed your decryption product so as to read your protected, copyrighted text? If the latter, where can we obtain such a license?
Sincerely, Jerf
Single instance, multiple recipients (Score:2)
That still doesn't explain it. A PGP mail sent to multiple recipients is IDEA-encrypted with one single session key, and the session key is RSA-encrypted in the header, once for each recipient. So there's still just one identical copy of the message sent to everyone. Storing a single instance of the message will work fine.
(Substitude IDEA/RSA with something else for newer versions of PGP.)
---
Yah... (Score:2)
Re:Encrypt? (Score:2)
The reason to encrypt "unimportant" things, is to increase the security of "important" things, so that it gets lost in the noise.
It's fine that you have nothing to hide, but some day, you might. It would be a Bad Thing if that one thing that needs hiding, happens to also be the one encrypted message that you send out of thousands.
Also, you seem to have the idea that the only party that might be listening to your "responsible" messages, is law enforcement. This is not the case. Crypto can protect you from criminals too.
Plaintext message: "Meet you for lunch across town at 12:00." Criminal's translation: "Fervent's house will be empty at 12:00."
---
Re:If crypto is outlawed... (Score:2)
Right on. Encryption is also a tool that helps prevent your information from being violated. Notice that the availabilty of weapons and training (selfdefence) are proactive. They are things you can do yourself to learn to deal with potentailly unpleasant situations. You have options other than: wait for the cops to get there (though this may still be your safest one). Encryption is a similar tool for the defence of your information... And in this day and age direct information attacks such as true name fraud (basically by collecting enough information about you to functionally impersonate you) are much more lucrative than any pick pocketing.
--locust
DON'T DO IT! (Score:2)
Decrypting the above message is a violation of the DMCA act - you will be punished! Oh yeah, and this entire message was also encrypted with binary ascii. If you're reading this, you've just broken the law again!
ALL YOUR BASE ARE BELONG TO US!
In a way... (Score:2)
So, since we're all criminals, in way anybody who uses cryptography is a criminal. But so is anybody who doesn't.
-
Re:I don't get it (Score:2)
Do you live in China? In Iran? In Afghanistan? In Zaire? In Angola?
"simpler"?
jeeesus, I'm for once speechless.
You really need to get a perspective.
FatPhil
--
Re:Problems with Encrypting Email (Score:2)
Encryption is not hard. Netscape, LookOut and LookOut express all have one-click access to e-mail encrytpion. The problem of course, is that users have to fork over $50 or so to verisign or whomever is the cheapest CA to get an e-mail encryption certificate. This is not pgp, but rather s/mime. (i believe that's what it's called) I currently have an OpenCA certificate (because they're free) but this does me no good because every install of Outlook will complain because OpenCA is not a trusted CA. (BTA, CA=Certificate Authority)
If we could get affordable (read: free) certificates to work with these clients,i believe e-mail encrytion usage would grow quickly.
Only in a Court of Law (Score:3)
Police have a hard job, but worst I think is the corrosive daily contact with criminals and their horrible acts. Without special precautions, they are sure to eventually see the world as made up of victims, perpetrators and cops [potential or actual].
A user of encryption doesn't much look like a cop, although in one way he is -- enforcing privacy and wiretap laws. A user of encryption doesn't look much like a victim, although they are potential victims of wiretap or other eavesdropping. So encryptors must be criminals.
Riddle me this, riddle me that: (Score:2)
The Republic of Ireland and Britain have widely different laws regarding crytography.
So, take it that one country makes it illegal to withold your encryption keys, even providing for jail time and fines if you 'lose' your key and can't prove that the loss genuine. That same country can have a minister or local authority, among others, issue a warrent to police to seize your encryption keys. Also, ISPs are warrented to have systems set up to intercept and decrypt e-mails.
On the other hand, the other country makes it illegal for the police to force you to give them your encryption keys. Warrents are still the realm of the justice system and e-mails are not intercepted by-in-large.
Now guess which country is which: Ireland, which garners a relatively huge amount of IT investment from across the globe, and Britain, which doesn't get as much investment as its skilled workforce, developed infrastructure and cheap(er) overheads would seem to warrent.
As most of you may know, this big difference all came about with the RIP bill in Britain which introduced a lot of these draconian measures. At the same time in Ireland, legality of electronic signatures, privacy of encryption keys etc... were being insured by new legislation.
I amn't suggesting that this difference is the sole cause of the investment in Ireland, but it doesn't hurt the matter at all. Plus it also shows the demand for the legitimate use of cyrptography by big business.
Read this(old) wired story [wired.com] for more.
8)
Re:I routinely encrypt my e-mail (Score:2)
Re:Crypto convenience (Score:2)
Wireless (Score:2)
Re:I don't get it (Score:4)
That's the problem in the UK: our beloved RIP Act reverses the burden of proof - the police can demand your encryption keys, and unless you can prove you do not have the key, you get locked up. Oh, and you aren't allowed to tell anyone else about it. You think the DMCA and UCITA are bad? At least you're allowed to tell people if you're charged with violating them!
keeping it private (Score:4)
I encrypt my email so only the recepient can read it - if the security services here in the UK want to read my email, they will use the RIP bill to get the private key and passphrase from me. At least then I'll know they are interested in me
Re:Wrong. (Score:2)
As an experiment... (Score:5)
Re:Email Always Encrypted (Score:2)
I routinely encrypt my e-mail (Score:3)
They have no idea what's in it, but more importantly, neither does the NSA!
--
Re:I don't get it (Score:2)
Even if you are hiding something, Personal Info, Address, Telephone whatever its your business. I know this seems like a hard thing to fathom for the media but as soon as something is outlawed the only people that get screwed by it are LAW-ABIDING Citizens. Criminals will still get things like crypto and guns and drugs and whatever else government thinks we should not have. The thing that makes criminals criminals is that they dont follow laws so making something illegal wont matter anything to them.
Considering all the privacy issues and things happening on the Net and the world, we NEED crypto. Since I started at my current job I used to not care about personal info and such figuring that I cant be traced and found, ERR Wrong! Having access to public and non-public databases that I am listed in several times at every address I used to live at, I reconsidered my stance. The only people that should know what you wrote is 1. YOU and 2. The Intended Person and until that day comes we need to keep striving for privacy and better encryption methods.
Lord Arathres
Re:Crypto convenience (Score:2)
Adam, a new user, generates a public key for himself and uploads it to a PGP key server. Zack, who has cracked and taken control of Adam's ISP, has set things up so all keys uploaded to or downloaded from a PGP key server are instead intercepted and replaced with keys of his own, which he can of course decrypt. From now on, anyone requesting Adam's key will get one of Zack's public keys instead.
Adam then downloads Bill's key from the key server, which is replaced by another of Zack's public keys. He encrypts an email to Bill with that public key, signs it with his private key, and sends it off.
Zack, who has also intercepted that ISP's POP and SMTP functions, intercepts the email. Since it was really his key that was used to encrypt it, he readily decrypts the email, re-encrypts it with Bill's real public key, signs it with the key he has placed on the key server under Adam's name, and sends it on his way.
Bill, receiving the email, has no reason to disbelieve that the message has been tampered with. Checking its signature with the one on file at the PGP key server shows it is genuine.
Given this sort of control, Zack can not only intercept and read all communications between Adam and Bill, he can also alter or generate completely bogus messages, and neither party would suspect unless Adam called Bill on the phone and compared key fingerprints.
The "man in the middle" attack is very powerful, and given control over DNS functions and the ability to provide altered file distributions, can be used to subvert every encrypted protocol used, including https and ssh2. If the upgrade of Netscape you just downloaded has been modified and its root security keys have been changed, you can kiss your privacy goodbye.
The article is completely outdated (Score:2)
For years many organisations use crypto tools for their tasks. And I am pretty sure that Government Agencies even partially support such use. The problem here is not the use of crypto but which crypto tools are used. Unfortunately, here Agencies do play the wrong hand. Their ideas, porposals about crypto are clearly out of sync with modern needs. They would like to see us using those tools that would ease their work. Sorry but it is pretty clear that today these same tools are just easy enough to be broken, bugged or overcome by criminals, terrorists and spies. Some can even be broken by teenagers due to some stupid design flaw or something similar. Anyway, most agencies may accept their defeat, no matter the hardships they fall in, because they have a duty in priority - secure their countries from different types of menace. So the may say some bad words about PGP, SSH and similars but still don't do a finger against them.
And I do believe that most agencies don't speak about crypto users as crooks... With exception of police forces lacking basic infrastructure and knowledge about Internet. There yes, they think they can "secure the world" for you. They look at you with such wild eyes when you say that you use crypto tools to administer the network. Yes, these ones do ask "what you wanna hide" and similar things and look at you most as a gang boss. But these people are not those who decide should crypto be used or not... First there are regulations and laws. Second the control on the use of crypto tools is mostly given not to police but to intelligence agencies. So you may say "go walk" if the guys don't understand your work.
But there is also a group of organisations that for the last years started to talk too much about crypto, hacks and open standards/sources. And speak about their supporters and users asd terrorists, crooks, pyramid makers and criminals. These organisations are the software corporations. I wouldn't be admired that the author messed things a little bit. Note that he first speaks about Zimmerman vs. Network Associates and the fact that these guys wanna hide something. And only then he speaks about the Agencies. I wouldn't be admired that N.A. started a campaign against Zimmerman and started to claim that opening everything would only help criminals and crooks. And calls to help the poor Agencies that live so badly in this hard crypto world...
Re:I don't get it (Score:2)
You'd better not ever say anything bad about anybody, or especially the State.
We wouldn't want our citizens to be unhappy, so We're outlawing 'bad' thoughts and 'bad' speech.
As long as you don't let anyone else know that you're not happy, then everyone will be happy!
--
Re:Problems with Encrypting Email (Score:3)
Actually, it is more a matter of thinking that they do not have the time to mess with it. Anything that would take an evening or two of reading and practice will usually get blown off by someone as too much time.
Let's face it, who has an evening or to do something or study something that is not a primary function of your job?
Granted, studying something to get a handle on it makes your job easier in the long run. But you have to be able to get over that first hump. Since many folks have a stimulus response association between pain and study, I wonder why they avoid it when they can.
;-)
Also, the learning curve for technolgy is made up of an awful lot of little things that the average slashdot reader considers intuitive, but which many users are lacking. Anyone who has taken a look at the Computer Stupidities pages has a catalogue of things not fully understood. Once you have finished laughing at the stories, it is an interesting exercise to go through them to a) figure out what is it that the person does not understand, what their blindspot is - and b) how to educate the person in order to handle this. This is excellent training for tech support. It blows you mind after awhile, too.
PGP hard to manage with mailing lists (Score:2)
Don't get me wrong. I am all for PGP, but this is one problem that I haven't found an elegant solution for.
I currently use PGP only for sensitive email, but I would like to be able to use it for all internal email.
Re:keeping it private (Score:2)
And the other thing is that with the USPS, you're using their employees and resources to send a package, so they should be concerned about their safety. But with an electronic message, I'm only using public areas (public networks [the internet], or maybe even sneakernet), and the government (or whomever) shouldn't be concerned with what I'm transporting because it isn't going over their lines.
--
Re:Why would i encrypt my e-mail always. (Score:3)
- encrypted traffic is easy to detect and
- ppl tend to forget about temp files which can contain an unencrypted copy.
the first point doesn't bother me until the traffic is easy to decrypt. the second point is a common occurance [even though i hate to generalise]. the only simple solution i've found is an app called evidence eliminator [for which i do not work or hold any type of equity].this program is more paranoid than me [which is a healthy sign]. my fave feature is that it does clean out your windoze 9X or NT swap files.
if you work with information which is sensitive enough to require encryption then erasing [using multiple passes and re-writes to erase] your temp files is essential to guard against your HDD being compromised.
the issue of authenticating the recieptant wasn't dealt with in this article but a link to this story - http://www.infoworld.com/articles/ca/xml/01/03/12/ 010312camentor.xml [infoworld.com] called USPS delivers a digital, signature-certified mail system dealt with how the US Postal Service is dealing with identity authentication when sending email to a US Federal Govt address.
Personally, i'd be happy if the NZ IRD [Inland Revenue Department] issued me with a personal digital ID. my employer issuing a second for work email would also be great.
If crypto is outlawed... (Score:2)
However my buisnessplans, source code, very private emails to girlfriend and secret documents, etc are very valueable to me, if the competition gets a hold of them, im screwed. So when i send them out encrypted, am i an outlaw? Hell no, i just dont want every script kiddie to get his hands on my info/passwords/documents/etc..
Crypto is about more then just hiding stuff from 'The Man', its about keeping things private from all people.
Thereby, does paying with a credit card over a SSL connection make me a criminal 'cause i dont want every script kiddie to have it ?
-- Chris Chabot
"I dont suffer from insanity, i enjoy every minute of it!"
Automatic (Score:2)
I sign more than I encrypt. (Score:2)
The function of gpg I use the most is the signature, I very rarely use the encryption functions, in fact the last time I got an encrypted e-mail was 5 months ago and it was the new root password for a system I admin.
Quite frankly if the police have a desperate need to know the root password on a server I admin, then they can have it...if they want to get in that desperatly they will anyway.
Simple fact is, if the police want into your data, they will get in eventualy...I have nothing that I desperatly need to hide, just things I would rather keep to myself. I mean, if you can't trust the police, who can you trust.
That was irony for the humourly challenge.
--
An obvious solution that's at least better.. (Score:2)
If the problem with users using crypto is that most don't know how or aren't technically savvy enough, why not abstract this from the user completely to make mail traffic (more) secure to snooping? People are under the assumption that there's nothing that can be done from the time that they hit send, and I'm not sure that's completely accurate.
What about encrypting at the SMTP level? e.g. the information is transmitted plaintext to your local outgoing mail server, but then that server relays the mail traffic in an encrypted form - to other servers to which it knows how to get the proper public key from. This isn't ideal, but it would be at least a little better. Along the same lines - when CPU power is cheap, why not encrypt at the router level, too? Why do people assume that the government has some god-given right to have the ability to snoop on my private converstations?
Along the same lines, why not integrate the encryption/identity stuff into the OS - this is harder in windows, but could more easily become a part of gnome, or whatever.
Just some thoughts.. and I encrypt work and project related stuff when I travel in case my notebook gets swiped - and I'd like to retain that right. Crypto filesystems are the ideal here, though - again, as transparent as possible.
Re:Do they? (Score:3)
See, unlike (apparently) you, I don't happen to believe that the world is filled with wave after wave of pedophiles, held back only by the heroic efforts of American law enforcement. I believe that there are a few (relative to the hundreds of millions of Internet users of the world) who are some truly sick and demented bastards -- but I don't see how giving the government the authority to limit my encryption capability is going to reduce that.
I don't happen to believe that drug lords are a bigger threat to The American Way Of Life than the War On Drugs is. The wholesale discarding of the Bill of Rights (save the 3rd Amendment) in pursuit of the goal of eliminating a product that millions of Americans have decided for themselves is morally acceptable despite being illegal is what _I_ see as a threat. No one ever worries about Cotton Cartels and the evil ill-gotten gains of the textile lords. Make drugs a legal product whose business is conducted in the light of day with FDA and IRS oversight and the drug lord billionaires will go away. And it doesn't even require encryption limits!
Lastly, terrorists. This one got a huge boost after Tim McVeigh expressed his displeasure with American policy and the destruction of TWA Flight 800. The fact that 800 was destroyed in what was most likely a highly improbable but not impossible set of coincidental circumstances has had no effect on the certainty of many Americans that somehow, Moslem Extremists were involved. After all, planes with Americans on them never have anything bad happen to them unless there's a Moslem in the picture. McVeigh's actions, on the other hand, were horrible, evil, unjustifiable, and utterly unstoppable with limits on encryption. There was face-to-face communication with his partners and the purchases, truck rentals, etc. were all done in the light of day. Reductions on _our_ freedom could not have stopped him anymore than they could have stopped the men who bombed the World Trade Center.
Ah, you say, but some terrorist groups _have_ been caught when their coded messages have been intercepted and broken. We _have_ saved lives and preserved the order and safety of our American Way Of Life.
I don't care. I really don't. The fact that expansion of police power leads to expansion of arrests is a given; the question under discussion is "To what degree are we prepared to accept limits on our freedom and our privacy in exchange for the increases in a dubious public safety?" I say None. Yes, advances in technology make law enforcement's job harder. Tough titty. My life as a free man doesn't come with conditionals that can be dialed back if John Law finds himself having a tougher time. If encryption makes the time-honored wiretap (itself a disgusting violation of privacy) obsolete, then so be it.
Responding to your concluding comment that the crimes of the Trinity aren't important to fight: they are -- but they aren't nearly as important as the continuation of freedom and privacy. If my privacy means that one more child gets used in a porno flick made by a deviant, so be it. If it means that one more kilo of cocaine sneaks into the US undetected, bravo. If if means that US-Irish are able to raise money and ship it to Northern Ireland to further a bullshit revolution that kills innocents or that the bullshit revolution comes to my own soil, I can accept that. I do accept that. I would urge you to do so as well.
Paranoia level (Score:2)
Sometimes I do care, so I'll encrypt it. A bit more hassle for the recipient, but worth the trouble. We're talking competition sensitive stuff here.
Then, if you're really concerned about interception, you should probably think about steganography. This is the art of hiding the encrypted message so that it won't be obvious that there's an encrypted message being sent. For example, you could hide your encrypted bits inside a picture or an audio file. There is software available to do this automatically. The security advantage is that the message needs to be recognized as being encrypted in the first place, which is not all that trivial.
For most of my messages, all this is way too much trouble. But I guess criminals would find this attractive...
Re:keeping it private (Score:3)
I wonder, what grounds could any government, especially one which wants digital signatures to be binding [parliament.uk], possibly have to ask for your private key and passphrase?
I could understand the utility of a bill like that if it allowed the government access to a session key for a particular message. Without giving them your private key, they would be able to decrypt that message only, and they could get the information they were after. Hell, if they wanted to, they could even ask for the key to each and every encrypted document on your computer, and there's no reason why your crypto software couldn't provide it to them.
If you have to give up your private key, though, they have automatic access to every document which has ever been encrypted to you, or will be in the future (cancelling a compromised keypair is still one of the messiest areas of cryptography, and it gets worse with every person who gets your public key). Not only that, but the government could then use that key to impersonate you, forging any document they want and digitally signing it.
I don't know of any crypto software right now which would give you access to just the session key for a particular message... or whether lawmakers would consider restricting their power in this way... are there any UK privacy advocates out there with more insights on this law? How far does it go? Could we use something like this to get a bit of privacy back?