[Announce] GnuPG's 10th birthday

Mark H. Wood mwood at IUPUI.Edu
Fri Dec 21 19:26:40 CET 2007

On Thu, Dec 20, 2007 at 11:18:49AM -0600, Robert J. Hansen wrote:
> Hash: SHA256
> Graham wrote:
> > we are faced with the use of these very strong encryption tools by
> > those who would attack the very heart of our way of life.
> Prove it.
> You're asserting "the right to privacy and the means to enforce that
> right are so dangerous to our way of life that they must be restricted
> in their scope."
> That's an extraordinary claim, and it needs extraordinary evidence to
> back it up... extraordinary evidence I have never seen from anyone who
> has made this claim.

Hear, hear.  Consider the asymmetric nature of the conflict.  A small,
loosely-knit organization with few, simple operations in the works is
much more likely to prefer the superior security of a handful of
arbitrary single-use codes agreed to in face-to-face meetings to the
use of algorithmic encryption.  PGP and the like are most useful to a
large, busy organization because the sheer volume of traffic makes
other types of secrecy impractical and relatively insecure.  If
terrorists are using PGP it is probably because they haven't thought
about it very much.

Any systematic method can be broken sooner or later.  But, if "how is
uncle George" means "attack at dawn", how could you possibly calculate
that if you weren't in on the secret already?  What good would it do
you to learn that after the fact, if that meaning is abandoned after a
single operation?

I use PGP because it provides more than enough protection for my
personal and professional business and allows me to easily communicate
in reasonable security with large numbers of people I've never
personally met.  I require a meager amount of secrecy and a good deal
of ease-of-use.  This is just about the opposite of the requirements
of a guerilla, who risks lives and The Cause on communicating
sparingly with a very few well-known partners who already know most of
the message.

Mark H. Wood, Lead System Programmer   mwood at IUPUI.Edu
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20071221/66259e00/attachment.pgp 

More information about the Gnupg-users mailing list