-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 There have been some very excellent points made in this thread in the argument for using strong encryption. I'll summarize them below, and then add my own. I think this is an important issue that deserves as complete as possible a treatment. On Fri, Oct 05, 2001 at 07:53:54PM -0400, Scott Lanning wrote: > On Fri, 5 Oct 2001, dan moylan wrote: > >i for one have never had occasion to use either, and only vaguely > >understand what would occasion its necessity. > > For an example from work, [SNIP] The web server unencrypts it for > a CGI script (or mod_perl), which then takes the credit card > and other form information and encrypts with GNUPG, and mails > it to a remote credit card handler. On Fri, Oct 05, 2001 at 09:19:32PM -0400, Bill Horne wrote: > In the immortal words of Bruce (Secrets and Lies) Schnier: "There are > two kinds of encryption. One will keep your wife from reading your > files, and the other will keep your government from reading your files." > > I don't want my government reading my files: I don't have a Purple Heart > to show them. On Fri, Oct 05, 2001 at 11:20:51PM -0400, David Kramer wrote: > On Sat, 6 Oct 2001, dan moylan wrote: > > > > > John Abreau wrote: > > >>> I'm also curious how many of us actually use PGP or GnuPG. > > I used pgp at my past job, and still do, to communicate with co-workers > stuff I didn't want management to see. Nothing illegal or immoral. It > turned out to be a very good idea, based on what happened do coworkers who > didn't do this. [SNIP] > Guess what- the witch hunts are coming back. Only now they're not looking > for communists, they're looking for anyone who is using technology in a > way that they cannot understand and haven't legislated clearly yet. I could not agree more with all of these points! So, so far we have, from some excellent and very REAL world examples: - business use: encrypt customer's (or other) sensitive data - keep your boss(es) and/or coworkers from reading your private mail which could get you ostricised/fired/worse - keep the government from using your own consitutionally protected speech to oppress you Now, I'd like to add my two personal favorites: - There are bad guys on the Internet who want your personal information to use any way they can - personal e-mail between you and your friends and associates is nobody's business but yours and theirs! I think this bears further consideration. While many here on this list are exceptions, few people realize that your e-mail does not really go directly to your intended recipient. It first travels over various routers and other networking eqipment until it gets to your ISP's SMTP server (assuming you don't run your own). Then it travels over more routers and other network gear until it reaches the destination SMTP server on the other end. This may be repeated many times if the destination site uses e-mail relays, which many if not most sites do. Finally, when your associate retrieves their e-mail, your message goes through even more network gear on its way to them. The fact is, at any given moment, any or all of this network gear or the mail servers themselves may be compromised by black hats. YOU HAVE NO WAY TO KNOW. I just hope it's not running IIS... ;-) Also, ANYONE with enough access to any of those systems, or physical access to the wires they use to communicate, legitimate or not, can read your unencrypted mail in its entirety. I'll bet a lot of people, even on this list, have never thought about that and didn't realize it. "But I never send sensitive data in e-mail," you say. Really? I bet you do, without even realizing. Many people use e-mail to conduct the day-to-day business of life. Maybe you're mailing an old friend (or worse, someone posing as an old friend trying to scam you) contact information for your family members. Or, maybe you're e-mailing your loan officer some account info to complete your mortgage application. Maybe you're forwarding passwords for your systems from your home account to your work account. I'm sure if you think about it, you can think of dozens of other forms of personal information which you've sent in e-mail to someone, that you, say, wouldn't give to a stranger on the street. Lots of things might seem "safe" or innocuous, when in reality having them compromised could have negative or even grave consequences. For example, your family's contact info could be used for all sorts of things by miscreants, like trying to scam them out of their money, or worse, to stalk and even kill them. Your account info could be used by attackers to clean out your bank accounts. Bye bye retirement fund. And obviously your passwords could be used to compromise your systems, gaining access to potentially much more sensitive data. Or, your spouse might hire a detective to intercept your e-mail (at work and/or at home) if she suspects you're having an affair... Or worse, an amoral interceptor could use the information to blackmail you (and in the end she'll probably find out anyway). Clearly, the more you have to hide OR protect, the more sensitive you are to this problem. Hopefully, no one here falls into that category... These are but a few examples of the dozens of other things an imaginitive e-assailant could use your e-mail for. On Sat, Oct 06, 2001 at 02:11:52AM +0000, dan moylan wrote: > > I don't want my government reading my files: I don't have a Purple Heart > > to show them. > > of course not, but exactly what files are we talking about? those > on my home computer, or those i send out as emails? do i encrypt > every evil thought i have stashed in a file on my personal computer? The question you need to answer is, "what is the likelihood, and how much do I want to worry about that?" Well, the answer is largely up to you. I'm fairly paranoid -- I encrypt ALL mail to people whose keys I posess. I also keep my home directory on all systems which might contain sensitive data on an encrypted partition. I feel confident that if someone broke into my house and stole my computer, they would not be able to get at my financial info or my contact database. And I think the government would have a hard time, though I'm sure they'd get it eventually if they tried long enough. The one thing I DON'T do (yet) is encrypt my e-mail partition on my mail server, but I just haven't gotten to it yet. =8^) So, do YOU need to take these measures? That's for you to decide. You need to determine for yourself what your sensitivity to these kinds of risks are, and weigh them against the inconvenience of setting all this up. The odds of someone intercepting your personal e-mail in order to kill your whole family are pretty slim. But I'd be surprised if it's never been done before... The odds of someone using your e-mail or other electronically obtained personal information to scam you are also fairly unlikely, but a good bit more likely than our mass-death example. This goes on, in real life, EVERY DAY. But there are enough vulnerable people in the world that most of us will never have to deal with this. Probably... Now you have a good idea of what your potential risks are (though there's no way possible I can even imagine what ALL of the risks are). It's up to you to decide what's important enough to be worth encrypting it. OH! One more thought to leave you with. I have personally interviewed at least one ISP employee (looking for a job at my company) who told me they frequently hooked up a sniffer to the network "when I get bored, to see what people are doing." How often do you think this goes on? Maybe you don't care... but I don't want them looking at MY data. - -- - --------------------------------------------------- Derek Martin | Unix/Linux geek ddm@pizzashack.org | GnuPG Key ID: 0x81CFE75D Retrieve my public key at http://pgp.mit.edu -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7vroNdjdlQoHP510RAjbTAKC9rPOyCX5xtxwDUdxQCzGDy6MDGACfdnDz VcWHpeU4SNru6xfruKvlAxM= =vvuP -----END PGP SIGNATURE----- - Subcription/unsubscription/info requests: send e-mail with "subscribe", "unsubscribe", or "info" on the first line of the message body to discuss-request@blu.org (Subject line is ignored).