[OT] Why are you using the GPG / PGP keys?

Robert J. Hansen rjh at sixdemonbag.org
Thu May 23 23:24:56 CEST 2013


On 05/23/2013 06:49 AM, Zece Anonimescu wrote:
> And that best code breakers use rubber hose cryptography.

Rubber-hose cryptanalysis tips your target off to the fact their
communications have been cracked.  If I beat your passphrase out of you,
thirty seconds after I let you go you'll have alerted your friends and
generated a new keypair.

If I were breaking crypto, I would do everything I could to keep you
from discovering I was reading your traffic.  This would preclude such
methods.

> So plausible deniability is something for a divorce trial.

Not even then.  "Plausible deniability" is a myth, an ephemera.  One
person may believe your denials; another may not.  Whether they believe
you will have much more to do with how honest you've been the rest of
the time than with the particulars of cryptography you're using.  The
jury isn't going to be technically skilled.  Rather than evaluate
technology in a dry and strictly logical sense, they're going to look at
your performance on the witness stand and, from that, decide whether to
believe your denials.

> So may I ask you why are you using the GPG keys?

I'm not, save for package authentication on Linux-based systems.

This is something I wrote for PGP-Basics a few weeks ago.  It's bleak
and depressing, but I believe it's an accurate picture of where things
currently stand:


				* * * * *


Email is dying and has been for years.  Ask a college student today what
he or she thinks of email and you'll get told it's an antiquated
technology that their parents insist on still using.  The mean age of
habitual users of email keeps rising.  When it comes to technology and
demographics, a shrinking userbase that keeps rising in mean age is
about as bad as it gets.

So, why is it shrinking?

The first generation of internet protocols -- email being one of them,
since email is considerably older than TCP/IP -- were devoted to
creating commodity infrastructure.  Everyone was connected to everyone
else, information would flow like a mighty river, the huddled masses
would be freed from the chains of corporate control of data, and so on.

It was a great dream.  The only problem was it was horrifically naive.
The exact same things led to the internet turning into an open sewer.  A
lot of people, when looking at the anarchic free-for-all of the internet
and what's come as a result of it, are of the opinion that if this is
progress they'd like to go back.  (I don't have any children, but if I
did I might be one of these techno-Luddites.  Reading the comments on
any YouTube video will likely convince you of the truth of John
Gabriel's Greater Internet F*ckwad Theory [1].)

I maintain that people are not flocking to walled gardens because
they're dumb, or ill-informed, or anything else like that.  They're
flocking to walled gardens because the garden-keepers are promising "we
will have none of that here."  Those who keep the garden can see you and
what you're doing, they can kick you out of the garden if you misbehave,
and it comes at the low, low price of ceding a great deal of social
control to them.

Some years ago someone asked me why I hated Apple so much.  I told them
it was because I couldn't get _Playboy_ on my iPhone.  It's not that I
subscribe to _Playboy_ or even want to subscribe to it, but I want to be
in control of what I read -- I don't want Apple to decide for me what
I'm allowed to read.

My friend was confused.  "So.  Between an unfiltered internet -- which
I've often heard you call an open and festering sewer -- and a highly
filtered internet that leaves a nice environment everyone can play in,
you're going to blame Apple's filters /not letting in crap you don't
even like in the first place?/"

Uh... hrm... I gotta go think about that, y'know.

The moral of the story: maybe the reason why so many people are
embracing privacy-destroying walled gardens isn't because they're
ignorant, but because they have made a rational choice based on what
they see as the downsides of privacy when applied to large groups of
people who all serve as each others' audiences.

Or, less literally but more poetically:



	You talk like a Rosicrucian, who
	will love nothing but a sylph, who does
	not believe in the existence of a sylph,
	and who yet quarrels with the whole
	universe for not containing a sylph.

			-- Thomas Love Peacock, _Nightmare Abbey_





[1] http://www.penny-arcade.com/comic/2004/03/19




More information about the Gnupg-users mailing list