At 8:38 PM 8/27/93 -0700, Nick Szabo wrote:
Paul Ferguson:
The biggest threat to any security, on any basis, is the threat of human nature. The chances of someone factoring your PGP encoded message is somewhere in the range of slim-to-none, but the chances of someone (you) -physically- compromising their key is much, much higher.
I'd like to strongly second this The most important cypherpunks issues are being almost completely ignored by these academics: practical implementation of remailers, most issues dealing with software- based digital cash, reliable key handling, trustworhy key distribution, construction of "webs of trust", implementation of these schemes with all of their pitfalls (legal, social, etc.), commercialization, etc.
In most of these cases, the protocols (ciphers, remailing mixes, digital cash, etc.) can theoretically be "broken" by a powerful agent, but the real question is what practical, cheap steps can we take to make things more expensive for those with little respect for our privacy or liberty.
Yeah, its an arms race, and we don't have time to wait for the ultimate weapon. Similarly, it doesn't matter how ultimate the weapon is in the hands of someone who doesn't know how to use it. I wish that the generic security advice was separate from the IBM-flavored instructions in the PGP manual. It's very tedious for a Mac user.