PGP problems
Bill Wood
pmmail@rpglink.com
Thu, 03 Aug 2000 08:01:18 -0700 (PDT)
OT, this is one of my posts to my email (PMMail) interest
group. The general subject was PGP.
+++++
Wow, does this list go active every now and then. Just finished
w/ over 50 msgs - some of them repeated several times (???) -
with 80 (!) to go. My turn.
1. A certain amount of paranoia isn't. There is a non-zero
probability that someone/something is a danger to your well
being by invading your privacy.
2. The history of the world is that 99.99 percent of the truly
horrible things done to people were not done by individuals,
corporations, or evil computer games. They were done by
governments, usually their own.
3. The further history of the world is that on amazing,
low-likelihood occasions, history was altered significantly by
encryption failures. ZB, Enigma and the crack of the Japanese
navel code both during WW2.
4. I'm a black world guy. Wret US military classified/sensitive
information - (background info)
4.1 There are things that can be discussed only in a vault
(SCIF) swept for bugs weekly.
4.2 There are things that can be discussed in a closed office
located in a secure facility.
4.3 There are things that can be discussed in open meetings
in a secure facility.
4.4 There is nothing that can be discussed on a bus, train,
etc.
4.5 Things are discussed, legally or not, in rental cars and
during walks in the park.
4.6 Telefone conversations up to TS can be held world wide
over STU equipment (secure telefone unit - 128 bit encrypting,
I think). These fones are located in secure facilities and
their physical keys are kept in a safe.
4.7 Nothing sensitive can be sent over the internet,
encrypted or not (that I know of - unless things have changed).
4.8 There are unencrypted TS email systems, but they exist
behind guarded, unpenetrated walls.
5. I agree that most computer/software technology is very, very
poorly documented, and this has led me to wonder if software
engineers are incapable of clear, articulate thought. The
biggest problems seem to be the failure to provide a solid
context (the forest) before diving into the details (the
trees), and to assume that the user knows a lot more than he
really does or needs to.
6. Finished software should operate seemlessly by the user's
following a minimum of clear, unambiguous, simple instructions.
The complexities should be hidden. And if you're not doing
this, your SW isn't finished (for about the past 10 yrs, I've
had between 2 and 8 SW engineers working on my projects, and my
msg is always the same - I expect finished work).
7. When I am speaking/communicating in private, I think I
should have the expectation of privacy. I don't like the bother
of constantly wondering if it's ok to say this or that. If
email encryption per 6. above were available and practical to
use, then I would use it exclusively.
" ... this theory isn't even bad."
W. Pauli