Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

Interview With Jon Callas of PGP Corp 18

LogError writes "Jon Callas, one of the co-founders of the new PGP Corporation, is an innovator and an acknowledged expert in all major aspects of contemporary business security, including cryptography, operating system security, public key infrastructure, and intellectual property rights. Read the interview at Help Net Security."
This discussion has been archived. No new comments can be posted.

Interview With Jon Callas of PGP Corp

Comments Filter:
  • Intersting read (Score:4, Insightful)

    by einhverfr ( 238914 ) <chris.traversNO@SPAMgmail.com> on Friday October 04, 2002 @06:40PM (#4390973) Homepage Journal
    I might be the first poster here (not sure why) but--
    from the article:
    We haven't quite worked out the details of PGP's open source license, but here are the goals I have, pending language:

    If you have a legally obtained copy of PGP, then you read, compile, modify, hack, etc. the source for that type of PGP you have, for your own purposes and not for redistribution. What I mean by this is that if you have PGP freeware (which you are using for non-commercial use), then you may do all those things with PGP freeware. If you bought a copy of the retail product, then you may do those things with the retail product or the freeware product.


    Sounds to me like the Microsoft "Shared Source is Open Source, just improved" drivel. I think he mistakes open source with commercial source licenses, and I think I will stick with GPG.
    • Re:Intersting read (Score:2, Insightful)

      by Eythian ( 552130 )

      Wow...three whole posts, one on topic...anyway, from the article w.r.t. being able to modify the source, but not distribute:

      This isn't quite the same as what some other open source people believe constitutes "open source," but our philosophy on source is completely in line with the principles that the FSF and LPF were founded to defend -- the right to look under the hood.

      I was under the impression that the FSF liked that, but felt that the main freedom of Free software was the ability to modify, and then distribute free versions, which isn't what they are allowing.

      There was also talk of a Linux version -- if the source is avalible, all they have to do is ask the community (for the freeware version, anyway). Personally, I'll be sticking to GPG I think.

    • granted that what got quoted wasn't the actual legalese they're going to use, but to judge by what the man said, it sounds to me like distributors won't be allowed to bundle binaries of their code. possibly not even source packages, much less unmodified source. if that's the case, they'd damn well better sell one helluva good GUI version of it if they want any linux marketshare at all - as long as RedHat and Mandrake keep distributing GnuPG by default, any "official" PGP is gonna have a steep uphill battle.
      • Re:Intersting read (Score:2, Insightful)

        by MacDork ( 560499 )
        Whoa, only 14 posts on a 5 hour old /. PGP article. That's unnerving... anyway,

        it sounds to me like distributors won't be allowed to bundle binaries of their code. possibly not even source packages, much less unmodified source.

        reading the article I see...

        What is your perspective on full disclosure of vulnerabilities?

        I am a proponent of full openness. I'm a proponent of published source code, so by necessity vulnerabilities will be disclosed -- just look at the differences in the source.

        Sounds to me like diff files wouldn't be out of the question... I would hope that were the case at least. I have nothing against them making money on the product. As a matter of fact, I hope they make a boatload and encryption finally gets to be mainstream. But I think no source in the name of profit would be terribly limiting to development, because no source equals no trust in my book. I couldn't fully trust an encryption product that wasn't open to peer review...

  • "I got into an elevator at work and this man followed in after me... I
    pushed '1' and he just stood there... I said 'Hi, where you going?' He
    said, 'Phoenix.' So I pushed Phoenix. A few seconds later the doors
    opened, two tumbleweeds blew in... we were in downtown Phoenix. I looked
    at him and said 'You know, you're the kind of guy I want to hang around
    with.' We got into his car and drove out to his shack in the desert.
    Then the phone rang. He said 'You get it.' I picked it up and said
    'Hello?'... the other side said 'Is this Steven Wright?'... I said 'Yes...'
    The guy said 'Hi, I'm Mr. Jones, the student loan director from your bank...
    It seems you have missed your last 17 payments, and the university you
    attended said that they received none of the $17,000 we loaned you... we
    would just like to know what happened to the money?' I said, 'Mr. Jones,
    I'll give it to you straight. I gave all of the money to my friend Slick,
    and with it he built a nuclear weapon... and I would appreciate it if you never
    called me again."
    -- Steven Wright

    - this post brought to you by the Automated Last Post Generator...

The trouble with being punctual is that nobody's there to appreciate it. -- Franklin P. Jones

Working...