Reply From: "Joseph Pung" <Pungjat_private> I'm confused about the reaction of people over key escrow. I mean I fully understand what the govt wants to do. What I don't understand is why people think the Internet is a fundamentally different form of communication medium than the telephone or mail. How many of us use cell phones or cordless phones? Isn't the interception of these forms of communications a "hobby" with its own magazine? I submit that more citizens (not the govt) intercept telephone conversations than e-mail. I also submit that more people use telephones than e-mail. So why isn't there the same hysteria over our lack of telephone privacy? In addition, I think most people look at the US Postal system as "secure". But isn't our mail in the possession of the govt (the same one that wants to read all of your e-mail). And, doesn't our most confidential of all data travel via mail (bills - medical, dental, mortage personal, correspondence, credit card info, life insurance applications etc.). What am I missing? [Moderator: The ease of which each medium can be monitored must be considered. As for civilians vs government monitoring, you must also think of how each can react. An illegal wiretap could lead to a bust/presecution that was out of their legal bounds, while Joe down the street can only use it for good gossip material. This debate is a long and difficult one because of the many facets that must be considered. But this is definitely food for thought.] >> CRYPTO KILLS -- REALLY, IT DOES > IMHO by enabling this backdoor you now have the potential of >increased cases of electronic hijacking of Data and blackmail. > >Am I being paranoid here? I don't think you're being paranoid at all. I see virtually NO benefits in handing over keys, and being led to believe you are using 'secure' encryption. One of my main feelings is that however it is done, by the Government or not, if 'official' people have access to these keys, firstly it is likely that eventually someone will abuse the priviledge, perhaps in the name of justice, perhaps not, but far more importantly, in my mind it is a certainty that sooner or later, unauthorised people will get hold of them as well. I think it is quite arrogant of the government to assume it can create a system which is 'hackproof'. I envisage a time when you see compiled exploits distributed, making a mockery of the system. 'PrivacyNuke for Win95' if you like. Everyone uses the internet now, and many people realise it is quite insecure. A large number of people do not wish to send their credit card details over the web to a on-line store when they realise it can be intercepted. However, as soon as that little blue key comes up in Netscape, showing transmissions are encrypted, more people decide that it is safe, despite the fact that, especially here in England, the encryption can feasibly be broken. With a public key system, people will be told that their transmissions are encrypted and unbreakable, and so they will place more trust in them, and transmit things they wouldn't have otherwise. And they won't all be plans for being a terrorist either. There will be credit cards, detailed personal details and so on flying around, if people believe it is safe to do so. And then someone will find some way of decrypting them, and they will be used for some evil purposes most probably. And the argument that strong crypto helps criminals seems strange to me as well. For an incredibly long time, there have been various sorts of criminals around, and the huge majority of them probably don't have PGP at home :-) These days, a lot of criminials no doubt use insecure mediums such as the telephone and so on to communicate, but we don't see the phone being banned, as that would be ludicrous, although I'd wager many many more crimes are planned and executed via telephone, than PGP encrypted mail. As other people have said, why would the criminals suddenly balk at committing the further crime of using 'illegal' encryption if they wanted to? It's hardly a crime in the league of murder or whatever is it? Just a few of my thoughts, kingade -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com] -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:56:04 PDT