Encouraging email security.
Jean-David Beyer
jdbeyer@exit109.com
Mon May 19 01:11:03 2003
Daniel Carrera wrote (in part):
>>>> I do not know how to get around this cultural gap...
>>>
>>> Its not so much a cultural gap, as computer illiteracy.
>>
>> I believe this to be an extremely important point, as it determines
>> what (if anything) is worth undertaking. I subscribe to the
>> "cultural gap" school. Stated simply, those that have no interest
>> in keeping their mail private now will not change their mind
>> anytime soon.
>
> As with most things, there is a continuum of interest. The smaller
> the effort required to use encryption the more people will use it.
>
>> The solution is not a more automated force-feeding of the same
>> complex system onto unwilling and unprepared, the solution is a
>> simpler, easier to use and understand public key encryption
>> program, targeting an entirely diferent cost/benefit point of
>> ballance.
>
> I agree, 100%.
>
> Indeed, I know of a certain group of people who would JUMP at GPG if
> it were easily accessible to them. Allow me to elaborate:
>
> I am a Christian. Some times, some of my Christian friends go to the
> third world to perform humanitarian work in places where Christians
> are persecuted. Just last month someone I know departed to a
> "secure" region of the world where, if her faith were discovered, her
> life would be in danger.
>
> Furthermore, the email comming into this particular place is
> routinely screened for Christian words.
>
> The need for secure communication is nowhere as obvious as here.
>
> Because of this, she gave everyone a "theasorous" which maps
> Christian words to other words, some of them made up, that shouldn't
> be picked up by the screening computers.
>
> When I heard her describe this I was shocked. What she is describing
> is the most archaic type of encryption possible. I talked to her
> after the talk. She actually does know about encryption, she knows
> what PGP is and she uses it with a tiny group of people. She
> explained to me that it just wasn't a viable option for the bulk of
> the population who have no knowledge of it.
>
> If GPG were more popular, we could all just have given her our
> fingerprints (or just key IDs!) and ensured a much more secure form
> of communication.
>
> I intend to converse with my pastor at some point, so that future
> missionaries will be able to use GPG when they try to do humanitarian
> work in sensitive areas of the world. But first, I want to find the
> easiest way to get them to use GPG. The problem is that for this to
> work we'd need to get ALL of the prayer partners (~40 people) using
> it.
>
> That's part of why I'm keen on finding the path of least resistance
> towards encrypted communication.
>
If I were running a police state, I would prohibit encrypted e-mail, and
anyone using it would be presumed, ipso facto, to have something to hide
and I would chop off their heads.
Now if everyone used encryption for every email; i.e., if encryption
were a standard instead of something people who were just paranoid
flakes like me, or conspiracies of criminals, they would have a tougher
time prohibiting it. E.g., if Microsoft made encryption the rule,
impossible to disable, the police state would not be able to stop it,
because Microsoft is probably more powerful than the average police state.
--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ Registered Machine 73926.
/( )\ Shrewsbury, New Jersey http://counter.li.org
^^-^^ 7:05pm up 40 min, 2 users, load average: 1.34, 1.15, 0.77