Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Privacy

Interview with Phil Zimmerman 72

Posted by Hemos from the a-man-the-MAN-hates dept.
A reader writes "PGP's creator is participating in an online interview this week. Phil is mainly interested in clearing the air about the recently discovered ADK bug, but the larger topics of encryption and worldwide organized snoop rings (Echelon) have already come up. The interview is open to questions from anyone; runs through Friday 9/8."
This discussion has been archived. No new comments can be posted.

Interview with Phil Zimmerman More

Interview with Phil Zimmerman

Comments Filter:

  • We need secure protocols, not content. (Score:5)

    by Tackhead ( 54550 ) on Wednesday September 06, 2000 @11:55AM (#800183)
    The evidence we're seeing - Carnivore being the best example - indicates that The Powers That Be are more interested in traffic analysis than in terms of decrypting your content.

    In other words, all the strong crypto in the DATA segment of the SMTP transaction isn't gonna save you if an FBI agent decides he wants to forge a "From: kiddypr0narchive@fbi.gov" in an email to you. For mail to truly be secure, it's clear that we now need to encrypt all headers in the SMTP and/or POP transactions.

    Likewise, for safe browsing, SSL on the content of the pages isn't enough; all the metadata in the HTTP GET requests have to be encrypted too.

    Traffic analysis makes sense; it's machine-readable data, machine-parsable, and very easy to inject into a database for profiling purposes. Scanning a database for all From: addresses associated with To: fields of osama_bin_laden@secretterroristcamp.iq, or IP addresses associated with Referrer-ID: fields matching the regexp *janetreno*goat*pr0n* is a lot easier than actually trying to examine a terabyte of .JPGs.

    We've seen it in the public domain with the "auto-sue" programs used against Napster users.

    We're seeing the gummint getting into the act with Carnivore. Whaddyawannabet that 5 years from now, when Jaz and ZIP drives are no longer available, the "physical evidence" ceases to be a piddly 120M disk (which can probably only hold the sniffed headers from a handful of users before it has to be swapped for another disc) and becomes a 200G hard drive (which can hold everyone's traffic for a few days)? Hell, the cost of the "removable hard drive Carnivore" isn't much more than the ZIP drive one today.

    At what point will we redesign our basic communications protocols to be snoop-resistant?

  • If big brother like organizations waste a week trying to decrypt your mother's letter about a new recipe she just tried, that is a week they don't have to decrypt the message you reply with explaining why your family has to go into hiding. We need to inject more noise into the system.

    Ummm, I thought that if they decrypt your mother's new recipe then they have your private key, and then they can decrypt everything else you send without much force. Of course, I'm somewhat ignorant -- do people change their keys every message? Does the software exist to change the key for each packet that is sent?

  • Re:DON'T POST QUESTIONS HERE (Score:1)

    by Anonymous Coward
    OK, It's me, Ph!l. My answer is:

    a34470asd89sradfh9weg89g349h834g980zgaseh89erf
    qr34h8934wr7890ferhferasd7890f4w78h4f37h4f34f3
    qf348934f890734f9h4f389h34f89h34f89hfliwe984we
    456wertz89erj3w459ß8t4we9h8ertw89zuewrt89zue4w
  • Actually, If I understand quantum encryption correctly, the Heisenberg uncertainty principle makes it impossible to listen in on a quantum encrypted stream without detection, even if you can somehow manage to apply infinite computing power to decrypting it. It's not much fun listening in if they can tell you're there.

    The equipment needed to perform QE isn't insanely expensive, either. The current problem is supposed to be extending the distance over which the stream can be sent.
  • There is a vast supply of pure, unharvested cheese on the moon.

    I like cheese.
  • Oh, but I should point out that E-Mail isn't everything. I'd agree that all personal communications should be encrypted. Sure that's a lot of what most people worry about, but I'm not sure that something like /. should be encrypted, even though /. has messages attributed to persons in it.
  • Actually, though, if one can securely distribute keys of arbitrary length, one can then apply the one-time pad result (one use pads are provably secure) to guarantee that no amount of processing can decrypt the result. One is reduced to merely guessing about the content at that point.

    The original post seemed to suggest that quantum computers were somehow going to able to break QE because of their unique properties. I'm fairly sure that can't be the case, given the above.
  • Cheese? A cluster of cheese? Phil Zimmermann's cheese?
  • The American first amendment (Freedom of the press) gets the best protection when an actual printing press is involved.

    The DeCSS issue is slightly more complex, since it's not a 'pure' free speech case, but historically, the US Supreme Court is reluctant to allow any restrictions on words on paper- pictures and streams of electrons are a different story.

  • I know its cheap enough for us to use it. But what of the large web servers? Presumably they buy hardware which can cope with the needs of serving (and given slashdotting presumably not a lot more). Wouldn't encryption add very significantly to their costs?

    Correct me if I am wrong. I don't know the relative computational cost. This is just a guess. Anyone with more info?

  • I know that, but my points were:

    1) quantum computers do not break symmetric encryption, so if quantum computation becomes commonplace, then we're no worse off than before public-key encryption became a common concept (and in fact, our symmetric systems will still be useful).

    Unfortunately, we will have to resort to physical means to securely pass our keys (with the accompanying possibility of rubber-hose or sticky-fingers decryption techniques...)

    2) There are still mathematical operations which look like they have the same kind of property that factoring large numbers or doing discrete logarithms have right now, i.e., being easy to do in one direction, and hard to do in the other, but do not look like they will be easily solveable by a quantum computer.

    So...the advent of practical quantum computing might make the CURRENT public key infrastructure useless (in which case we are no worse off than our current state where hardly ANYTHING on the net is encrypted), but there will still be the ability to transition back to an encrypted state.
  • It really doesn't matter if he used a sniffer or not as cable traffic is encrypted as soon as it's sent out over the cable modem. Try it and you'll see.

  • The only reason I can see that they do it that way is this (I assume MS can afford the CPU for the encryption overhead):

    If you're connecting to Hotmail through an anonymizing proxy, it (in most cases, see the now defunct lpwa proxy, for example) won't proxy SSL connections. So the unsuspecting "John Doe" sending an email message that irritates someone in any way may never know it was the "X-Sending-IP" or similar header, gained from that short SSL connection, that gave him away.
  • DMCA makes a circumvention device illegal. Code is at least possible to consider a virtual device. It does something. Okay, it really makes a real device (computer) do something, technically it is only instructions. But we think of it and use it as a device. We say the Linux kernel, for example, does something when a user makes a system call.

    A printed version of the code does not act as a virtual device, it can't do anything or automatically make a computer or any other device do something.

    Now it lets a person (or a computer with OCR) make a copy of the code, but the DMCA doesn't say instructions for making a circumvention device are illegal. Heck it doesn't even say a device that makes a circumvention device is illegal. (Although I wouldn't want to rely on that it court). They can hang a lot on the prohibition on "trafficing" in such devices.

    In summary, there may be reasons a printed version is exempt.

    Here is another difference, DeCSS is illegal, PGP wasn't, as far as export regs go. (the patent situation was a different issue). So copying it to paper and exporting that when that is legal under export laws is apparently a workable workaround. That might not work with DeCSS.

    I am not a lawyer, any care to comment?

  • This presumption that emails are equivalent to official memos from the plaintiffs, which they saw as a misuse of the entrepreneur. However, under no circumstances shall any employee of the article claims a lot of unnecassary exceptions, and some inefficient device emulation out of business by pulling a bait-and-switch, doesn't look like the bad guys. Therefore, we must clean up our act, both public and private, and be willing to address the real, underlying concerns of our fellow consumers' mistrust and cynicism to the DeCSS link. This would have had to use ONLY industry standard, open memory formats such as crossbows, gunpowder, and chemical explosives. While Elven magic was still prevalent, the Dwarves had no reason to do it - the reviewer opinion notwithstanding, buy Ramus book and let the people that buy his films with his copy is his business.

    Finally, you observe:

    Get all the heavy hitters with PhDs and post-doctoral work to defend them calmly, though). As soon as the person in front of you in limiting access to information and communication-- a dream for anyone to peruse. He obviously is incapable of decency, integrity, or intelligence. Where's natural selection when you download directly from them, there's a Linux software available...that gets the nod over VMware or Win4Lin. If it's enabled by default. Not only do I not trust the langauges, but the pay-per-use annoyance-ware model has not yet died. Witness the recent Slashdot story about the struggle with darkness within (which is naturally why so many people are instructed to send too much energy up- the intensity of the key point (to me) proving that is harmful to minors. If you are *really* worried about inetd's security, why not have it, download it now!
  • I believe the key that's used to encrypt the message is changed each message (randomly generated, the pub/priv key stuff is used to exchange this key). However, I suspect that if they find the OTP, they might be able to derive your private key from the key packet (they have both the plain text and the encrypted text of the key).

    Bill - aka taniwha
    --

  • I would want to ask, why didn't you GPL PGP. In all fairness, this latest incident may have never happened to begin with if the code was GPL'd from the start. (or even if it was, it would have likely been an option that could easially be left out). Given a choice in the matter, I know I never would have used a product that implements key-escrow unless I specifically wanted and needed it.

  • What about quantum computers? (Score:4)

    by ca1v1n ( 135902 ) <snookNO@SPAMguanotronic.com> on Wednesday September 06, 2000 @12:18PM (#800201)
    I'm sure everyone here has read about the quantum computers that are still in the pre-infancy stages at places like IBM and Los Alamos. Because of their peculiar nature, the quantum computers can factor numbers as easily as they can multiply them, rendering public-key encryption schemes useless. Of course, these systems are still very primitive, the latest ones at around 5 to 7 qubits. Still, it is inevitable that this technology will grow to the point where it could be capable of cracking 128-bit encryption or whatever we are using when the rapidly advancing quantum technology starts to catch up with traditional computers. Quantum computers do offer the possibility of quantum encryption, but due to the inevitable extreme expense of quantum computers at the early stages of development, it is quite likely that intelligence organizations or large corporations will have the ability to crack our codes several years before we gain the ability to protect ourselves from this threat. When this happens, what will we do to protect our privacy against powerful forces that can compromise it at will?

  • Close, but not quite (Score:4)

    by dangermouse ( 2242 ) on Wednesday September 06, 2000 @12:19PM (#800202) Homepage
    The reason for encrypting everything you can is a concept called "plausible deniability". If you only encrypt important things, someone can point to encrypted data and say "that's important, he must be up to something, I can tell because it's encrypted." If you encrypt everything, you can deny that any of it (or any given piece of data, more importantly) is at all interesting, and such denial is entirely plausible.

  • A very large pair... (Score:4)

    by DESADE ( 104626 ) <slashdot&bobwardrop,com> on Wednesday September 06, 2000 @12:21PM (#800203)
    Whatever your opinion on encryption is, Phil Zimmerman deserves some respect. He released PGP despite very legitimate threats to his own personal well being.

    I read an interview a long time ago about his reason for doing do. He said he had heard of a rebel group (forget which country) that was fighting against an oppressive govermnent was using PGP to communicate.

    He decided that if his tool could be used to help people struggling for freedom, it did not matter what would happen to him. He released the software shortly thereafter. In my opinion, he's of the earliest true idealists in the world of hi-tech.

  • I agree with you about SMTP (and other protocols in general), but your thinking on SSL is flawed. Nothing of the higher level protocols (eg http) is un-encrypted. Try sniffing an SSL connection some time. You will not see anything recognisable (except maybe the SSL protocol itself). No GET, no POST, nothing but gibberish.

    So, going with the intent of your posting, all that's needed is to use SSL for everything. Now, there is still one problem. `They' can tell what machine you are connecting to (the tcp/ip headers are not encrypted, but then I don't really see how they can be*). One way to avoid this is to have multiple secure relays, but each relay is an openning for them to get in to grab the un-encrypted protocol information.

    * Routers need to know where to send the packets, so at least the IP and possibly the TCP headers can not be encrypted.

    Bill - aka taniwha
    --

  • Have some cheese.
    Like cheese.
    I like cheese.
  • get a sense of humor you fool, second I posted this right after the trolls. try again

  • Publishing Source (Score:3)

    by jerdenn ( 86993 ) <jerdenn@dennany.org> on Wednesday September 06, 2000 @12:27PM (#800207)
    from the article: We avoided the export controls by publishing PGP source code in printed books and legally exporting the books (which were not subject to export controls) to Europe, where they were scanned in via OCR and compiled back into working software again and sold on CDROMs all over the world. A neat trick, don't you think? It worked beautifully...

    Actually, one wonders if this will become the method of choice for distribution of 'illegal' source code such as DeCSS, etc...

    -jerdenn

  • > your thinking on SSL is flawed. Nothing of the higher level protocols (eg http) is un-encrypted. Try sniffing an SSL connection some time.

    Yeah, I just recalled Hotmail as an example where the sign-in process was done securely, but everything else was done in plaintext. Rather a silly implementation.

    As for SSL in general, what was I thinking when I posted that? (I shouldn't try sniffing an SSL connection, I should just try drinking more coffee before I post a brainfart like that again.) *doh!*

  • Just remember not to go overboard. If you make it too hard, outfits like the FBI will just do a little late night B&E and plant a trojan on your system to send unencrypted copies of your traffic, degrade your encryption, steal your keys, etc.

    They may not have legal right to do it, but once your data hits Carnivore (assuming a legal e-tap is in place) its your word versus theirs on how the trojan got in your system (not like its going to have ©FBI in it).

    Just to be fancy, how many regular users would notice if someone added a Promise IDE RAID card and a second harddrive (in mirror mode) to their system.
  • This bears mentioning!

    I like cheese.
  • Very cheap is statement of opinion probably based on useing anything decent. But prak's IIci running netbsd shows its age initiating an SSH conneciton. Imagine a capable machine that serves thousands being asked to multiply its workload through encryption. I'm not saying that you shouldn't but maybe you rather wouldn't.

    Think of cell phones for example; manufacturers just don't want to put anything good in there due to power usage. Here I'd be on the side of encrypting anyway.

    do think though about what everything implies. In the context of the 3com founder saying it (something like "I invented ethernet, but I should have thought about encrypting everything"), it seemed to imply that every network card on every machine would do some encryption point to point with every other network card. That means every route has its own encryption layer over any other layers. I think that would have a huge speed impact on any internet (present or future).

    -Daniel

  • 1. Microsoft's business practices are no different in their intensity and moral content than those of any other corporation, but they are the most exposed and examined in history.

    2. The issue of "bundling" the browser is dead. Microsoft won at the appellate division, and the plaintiff did not appeal; end of story.

    3. The Justice Department's behavior toward Microsoft can only be described as a political vendetta, led by a completely political White House operative by the name of Joel Klein, with strong backing from the entire Clinton administration. The interesting question is not whether this happened, but why it happened.

    4. Bill Gates made a nearly fatal mistake in ignoring the political process, and in underestimating Washington DC's ability to hurt him. As recently as two years ago, he still did not rate the anti-trust case as among his top ten problems. This was a grievous error on his part, and one he was worked hard to correct in the past year.

    5. Both political parties are in the extortion game, a fact John McCain has repeatedly noted. They depend on "soft money" that is extorted from large corporations, labor unions, and trade associations. The media is totally culpable in this corrupt process, since they are the primary beneficiaries of the money itself, which is spent on advertising during campaigns. Any major company within the American economy that refuses to play this game is vulnerable to attack, particularly if it has powerful enemies who are more than willing to use any and every means at their disposal to destroy it.

    6. Microsoft's enemies include Oracle and Sun (Larry Ellison and Scott Mcnealy), who put repeated pressure on the politicians to eviscerate Microsoft so that their products, which were increasingly losing out to Microsoft's superior technology, would ultimately prevail. Since the first of the year, when the trial court ruled that Microsoft should be split in two, Oracle and Sun have both done extremely well at the same time that MSFT stock was about cut in half. This is exactly what Ellison and McNealy intended.

    7. Penfield Jackson is a technological ignoramus, a completely biased judge, and a virtual stooge for the Justice Department. This will soon become apparent.

    8. Microsoft never got a fair trial in Jackson's courtroom. It was a kangaroo trial from the beginning, but one that was aided - to Microsoft's detriment - by their own mismanagement. That said, even under the best of legal strategy, Microsoft had no chance, and the outcome would have been the same. It was a fix from the beginning.
  • Actually, I was thinking along those lines.

    Slashdot-hosted interviews used to be, what, weekly? And yet when was the last one? Or have I simply had them filtered out of my homepage with a new bug? ;)
  • Quantum theory also provides a solution to this. Quantum cryptography allows the transmission of information so securely that you can *guarantee* that nobody is listening in - making it irrelevant whether they are using a quantum computer or not. I am unsure whether this will allow anything analogous to public/private key cryptography, although given that there are ways to prove that you know how to do something, without revealing what that thing is (see section on digital cash in "Applied Cryptography"), perhaps there is an answer.

    --

  • Yes... but how does the other party know the key. I think that it is sent using public key encryption at the start. Eg SSH uses RSA to send a IDEA or DES key when the connection starts. (They switch since RSA is computationally much more expensive than IDEA or DES).

    So if you can break the public key at the start the whole session is open.

  • I don't see why. Under the DMCA, a printed version of DeCSS is no less illegal than an online version, so it's hardly an effective workaround.
  • Hey Phil! Please remove ADK and any way of recovering keys. If I lose my key, too bad. Hey, can I comment out the relevant section in the PGP source code and simply recompile? Damn, that would be sweet! Hmm, I wonder when the next long weekend is...
  • Putting that ADK feature in was stupid. It complicated the cryptographic system, and in the end, broke it. Why would you want it for E-mail, anyway? Worst case, you have to ask for some recent E-mails to be resent. E-mail encryption should be brutally simple and well-understood, probably, now that the patent has expired, RSA/triple DES.
  • Instead, why not just fill all "idle" bandwidth with random noise? Any well-encrypted data will blend right in, without the high CPU overhead of crunching lots of numbers to encrypt routine traffic.

  • "In other words, all the strong crypto in the DATA segment of the SMTP transaction isn't gonna save you if an FBI agent decides he wants to forge a "From: kiddypr0narchive@fbi.gov" in an email to you. For mail to truly be secure, it's clear that we now need to encrypt all headers in the SMTP and/or POP transactions.

    With SMTP, you can actually encrypt everything and don't have any headers (or only fakes) in the message.
    You only can't encrypt (or fake) the evelope return path, the envelope recipient and Received headers.

  • That's ZIMMERMANN, for crying out loud!

  • should everything on the internet be encrypted (Score:4)

    by daniell ( 78495 ) on Wednesday September 06, 2000 @11:21AM (#800222) Homepage
    On NPR I heard a pundit espouse that realistically everything on the internet should be encrypted. [this was the founder of 3com btw]. But I'm of the opinion that this is incorrect in that a lot of stuff doesn't really matter; why for example should you recieve encrypted ad banners (and I'm sure someone will think of a reason they're comfortable with). Arn't we forever going to run into a case where speed is more desireable for some applications (i.e. multicasted video)?

    This has to do with the interview topic of encryption as you may be able to see

    -Daniel

  • Ask him what the NSA's director likes to have for dinner. He should be able to answer that one.
  • (yes i have seen the link is a sort of user-interview thing but). Has there ever been a Phil Zimmerman slashdot interview? - or rather - wouldn't it be relevant to do one at the moment? Personally I'd like to see more Slashdot Interviews, because it helps to ask questions no reporter/journalist might have asked

  • How do you think PGP and GnuPG compare? (Score:1)

    by Anonymous Coward
    What advantages do you see in one compared to the other?

  • Think Twice before installing PGP 6.5.8 (Score:1)

    by Anonymous Coward
    I posted this yesterday, and it got moderated to 4 so I thought I would stay with a good thing.

    Following the thread on comp.security.pgp.discuss what can be done to restore confidence in the pgp system?

    Date: Mon, 28 Aug 2000 22:29:56 -0400
    From: Nemo
    Newsgroups: alt.privacy.anon-server
    Subject: Think Twice before installing PGP 6.5.8

    If you want to install an updated PGP to fix the ADK issue, you might want to read this message thread over in comp.security.pgp.discuss

    8o87bf$p7m$1@cristal.i-quake.com

    Apparently, NAI's solution is to hide the problem from the user. The updated PGP won't use a forged ADK, but it also will not show you that a key has a forged ADK; a forged key will appear to be valid with no ADKs at all. Consequently, the "view->ADKs" menu option is no longer useful for detecting keys with forged ADKs.

    This fix is a Public Relations fix, not a bugfix. The ADK problem is a major design flaw, not a simple bug. It cannot be reliably fixed by what NAI is doing. This update show a fundamental misunderstanding of what the real problem is and makes me question whether NAI really wants to fix this.

    -- Nemo -:- nemo@redneck.gacracker.org
    "For those with more memory than 8 Mb - tough luck.
    I've not got it, why should you." - Linus Torvalds
    (from the linux kernel source code, circa 1991)

  • I believe there are too public/private key pairs in use here, thus the breaking of one should not compromise the other.

    The message from mother to me: Uses my public/private keypair to encrypt/decrypt

    The message from me to mother: Uses mother's public/private keypair to encrypt/decrypt

    Thus, if they mange to brute force the recipe they have only gained my private key. Which will give them any message sent /to/ me. But they will not have my message to mother because that uses her key and not my own.

    Of course, if you really want to nitpick, with my private key they could now sign a message as me, encrypt it using mother's public key and send it to her. Perhaps something along the lines of "come visit me in the location specified in the last message." Then they will just need to follow her for a while.

    Or.. knowing my mother, they could just walk into the house, go over to the computer, and read the plaintext of the message I just sent to her which she has failed to destroy. (And if they were really that keen on getting it, the recipe as well.)

  • Zimmerman himself already made his view on this [pgpi.org] pretty clear, years ago.


    ---

  • Re:Why not GPL? (Score:3)

    by qnonsense ( 12235 ) on Wednesday September 06, 2000 @12:42PM (#800229)
    In all fairness, this latest incident may have never happened to begin with if the code was GPL'd from the start.

    How? The code is not GPL'd for sure, but it sure as hell is open for us to see [mit.edu]. Just because it uses the MITPGP License [mit.edu] not the GPL does not make it any less secure.

    ...it would have likely been an option that could easially be left out...

    It is an option that is easially left out. Just dissable it. Or, for that matter, don't complile it in, just as you would have the option of doing so with GPL'd code.

    I really don't see what the big deal is that this doesn't use GPL. For security purposes, one Open Source License is just as good as the next.
  • Encryption can be computationally *very* cheap. And encrypting only your sensitive traffic will rather draw attention to it.

    Multicasted video may want to go out unencrypted; not for speed reasons, but because collecting the key might incur unnecessary expense for all parties. But the same argument should not apply to normal, point-to-point communications.
    --
  • Realistically? No. Encrypting a "The system is going down in 15 minutes!" message, broadcast over a network for each user on a network, makes absolutely no sense--why would you want that message to be protected from eavesdropping?

    There are two sorts of communications which go out over the Net: public and private. Private communications (email, Web pages, etc.) ought to be transmitted securely in order to ensure privacy; public communications ought to be transmitted in the clear to ensure they remain public.

  • Careful, the fact that quantum computers can efficiently factor (or compute the discrete logarithm) is seperate from so-called quantum key distribution. i.e.

    1. If you build a computer based on quantum information, it can factor numbers efficiently and hence compromises crypto schemes like RSA.

    2. If you build a communication line which uses quantum information to distribute a key for cryptographic purposes you can guarantee security of the key distribution (i.e. if someone is spying you WILL know this).

    I'm sure everyone who has an ounce of intuition can postulate that these two are related, but to my knowledge, no one has every shown a connection between the two.

    I recently saw a paper in which the author demonstrated an extension of the quantum computing factoring algorithm to "other hard number theory questions". How odd that nature has provided us with a way to become superb numerical geniuses!

    dabacon
  • Not quite right. Quantum computers don't "explore every possible key immediately".

    What quantum computers can really do efficiently is to factor numbers efficiently. This is DIFFERENT from exploring all of the keys simultaneously. If this was how a quantum computer worked, then quantum computing would have an even greater impact on the world...it would easily imply that quantum computers can solve NP complete problems efficiently. As of today, to my knowledge, no one has shown how to solve an NP complete problem efficiently on a quantum computer.

    dabacon.

  • Ummm, I thought that if they decrypt your mother's new recipe then they have your private key, and then they can decrypt everything else you send without much force. Of course, I'm somewhat ignorant -- do people change their keys every message? Does the software exist to change the key for each packet that is sent?

    Actually, I believe the way that it works in practice is that the actual message is usually encoded using a private key system (same key to encrypt/decrypt). Then, the private key is encoded with the public/private key system. This means that the relative length of the encryption key is longer, and so is stronger. But don't take my word for it, because I'm no cryptanalyst - do your own homework :)

  • Phil did NOT release PGP. (Score:2)

    by Anonymous Coward
    Phil Z. never released PGP. This is a common misperception that he has never done much to discourage.

    Rather, he was paid to write it, and the other person (who prefers to keep a low profile - but was investigated with Phil by the Grand Jury) is the person who released it.

    This is an important distinction. Without that other person hiring Phil to write PGP, and having the balls to release it, PGP would not exist.

    It's also interesting, and alas, degrading to Phil's reputation, that Phil Z. has done quite a lot to trash the other person's reputation, while trying to grab more glory (and undeserved glory at that).

    If Phil Z. is a hero, he is a sad one at that.

    For references, read some of the original material about the release, starting with Jim Warren's article from Microtimes.

  • I didn't.

    I'm not asking Phil Zimmerman whether he knows about Slashdot interviews, as that really wouldn't make much sense now, would it? What I was wondering was whether any of the slashdot community knew what was going on. Entirely legit.
  • The reason that this is needed is that when an employee sends an email, he sends it not as himself but as a representative of his company. In fact, some companies (I believe certain ones dealing with stocks & finances) have a legal responsibility to track and audit all communications. There are very good reasons for much of this.

    Third-party decryption keys are a good thing; however, they should never have been implemented as they were, in a fashion which lead to the ability for anyone to subvert a key and read mail encrypted for it. Fortunately, it appears that this problem has been fixed.

    When sending email on company time to company contacts regarding company business, one has no right to expect privacy. Indeed, one has a duty to make one's communications visible--one's superiors have a definite right to audit one's performance and business dealings. It's no different from calling a customer after the salesman has left and conducting a satisfaction survey.

  • Well, the real problem is that most of our protocols (the classic Unix stuff like FTP & Telnet, and most everything Microsoft puts out) were designed for LAN communication or leased lines, where you make the assumption that the channel is trusted. Five years ago, public networks weren't that much of an issue, and unfortunately infrastructure is easier to roll out than it is to change.

    Some insecure public protocols (SMTP) should have have never happened -- blame it on the 800 lb sendmail gorilla that has been wandering aimlessly for 20 years.

    On the other hand, HTTPS support was put in early, and was just willingly not adopted except for business transactions. Netscape's big ugly broken key icon in vers 1-3 was their hint for users to demand a secure channel. They didn't care. It would be nice if general interest sites like Slashdot ran their service on both http and https just to give clued-in users the option.
    --
  • Bullshit source is not available for any version later than 2.6.2. Here's the source for 6.5.1i [pgpi.org].

    Check your facts man.

  • Re:should everything on the internet be encrypted (Score:3)

    by walnut ( 78312 ) on Wednesday September 06, 2000 @11:30AM (#800240)
    Please, encode your add banners.

    That way I can choose not to get your public key.

  • Re:should everything on the internet be encrypted (Score:3)

    by Bill Currie ( 487 ) on Wednesday September 06, 2000 @11:30AM (#800241) Homepage
    Heh, I just thought of a reason for encrypted banner ads: targeted advertising. You wouldn't want your neighbour using his tcp sniffer (assuming cable and a smart neighbour, I guess) and seeing banner ads for the local adult toy shop showing up in your stream :).

    Only hole in this I can see is your neighbour could just crack into the ad server and look at the records for what's been sent to you, but that's another issue, I guess.

    Bill - aka taniwha
    --

  • It's not a story yet. It's the start of an online interview. Pfft.

  • DON'T POST QUESTIONS HERE (Score:5)

    by 64.28.67.48 ( 217783 ) on Wednesday September 06, 2000 @11:31AM (#800243)
    Go to the actual site (http://forums.itworld.com/webx?14@@.ee6 caf5 [itworld.com]) to post a question. /. is not hosting the interview.

    Thrashing...please wait...

    -------------
  • The problem with encrypting everything is that we want the 'Net to be faster... encryption is necessary for certain things, of course, but I see no need personally to encrypt 90% of the stuff on the 'Net.

    Who cares if my personal web page is unencrypted? Not me... nothing is on there...

    On the other hand, if I want to keep certain things out of the hands of others, then I encrypt it, pray my skills (or my encryption program) is up to snuff, and hope no teenage hackers decide to have fun...

    However, encrypting everything in counter-productive unless you are trying to restrict the number of people who can read things. For corporations, it makes sense. For highly sensitive material, it makes sense. For proprietary information, it makes sense. For Jim Bob's Chili Recipe page, it doesn't.

    Kierthos

  • Complexity and Security (Score:3)

    by nestler ( 201193 ) on Wednesday September 06, 2000 @11:32AM (#800245)
    What do you have to say about complexity and its detrimental impact on security systems?

    PGP seems to be a case study in this in that the recent bug has no effect on the older, simpler PGP 2.6. As requests for features by everyone from paranoid hackers (bigger keys) to corporations (ADK's) come in, it is natural to want to add things to software. The problem is that as the software gets more complex, dangerous flaws get much harder to spot (even in open source software). Once a bug like this creeps in, the "feature-rich" software is significantly less useful than the old version in that it doesn't accomplish its original goal: privacy.

    How do you think one should go about trying to achieve a good balance of features/complexity and security?

  • The misunderstanding here concerns whether I asked Zimmerman's opinion or not. Actually I wanted to hear what people on /. thought. As noted, asking Zimmerman anything should take place elsewhere, but hey, I respect his opinion and am glad you mentioned it.

    -Daniel

  • Ummm...as far as I know, quantum computation is primarily useful at cracking current PUBLIC key encryption methods (factoring large numbers and/or discrete logarithms), not symmetric key encryption, which can still be set at lifetime-of-the-universe key lengths. (Anybody knowledgeable, feel free to correct me...)

    Even when they do that, there are other public key mathematical operations (elliptical curves come to mind) which people haven't come up with easy ways to crack yet, even with quantum computation. Doesn't mean it won't happen, but there will still be alternatives.
  • That's a great idea!!
  • Really? Thank you!!
  • If mail logging is really needed (which is rare), it should be at the sender end, not inside the crypto system. Never get cute in a crypto system; you'll break it.

    No new cypher is worth looking at unless it comes from someone who has already broken a very hard one. - Friedman.

  • Re:should everything on the internet be encrypted (Score:5)

    by prak ( 48563 ) on Wednesday September 06, 2000 @11:33AM (#800251) Homepage
    Come on.. you know the answer to this one. If only "interesting" traffic is encrypted there is a lot less encrypted traffic flying across the lines to confuse big brother like organizations. You encrypt everything to make it more difficult to figure out which encrypted packets are the ones you should be interested in brute forcing.

    If big brother like organizations waste a week trying to decrypt your mother's letter about a new recipe she just tried, that is a week they don't have to decrypt the message you reply with explaining why your family has to go into hiding. We need to inject more noise into the system.

    -prak
  • Don't get your panties in a bunch about me posting this question here. I'm posting it there as well, but I thought it more interesting than most of what had been posted here on /. about it.
  • My primary argument for "encrypt everything" is that it makes for better security for the important things you encrypt. If you send a large bulk of unencrypted traffic, then encrypt one important email... gee, it's real hard for the NSA to target the important stuff with $700 Billion in custom cracking equipment. OTOH, if everything is encrypted, the sheer volume of stuff to crack in order to search for "sensitive" items makes things more secure.

    This is why host-to-host encryption should be standard issue at the hosts' IP stack.

  • I don't know about you, but there isn't an FBI van outside my window. Therefore I'm only worried about people on the internet reading what i'm sending... hence I PGP. however... if I start seeing those guys from Enemy of the State in their van parked up the street from me, i assure you my main concern *won't* be whether or not they can see what I'm posting on /.

Slashdot Top Deals

"Only the hypocrite is really rotten to the core." -- Hannah Arendt.

Close