Just question to plenum: do we know, why eg. Enigmail is not standard part of Thunderbird? It is extremely confortable and easy way how to encrypt emails. Same counts for Pidgin and OTR plugin... e.g. Adium do have crypto as standard part. Isn't it possible that more we are paranoid about merging plugins to upstream clients code more barriers we are putting between ordinary user and crypto? Btw. I have heard nice thing from one of random people at some musical gig: "Today young are bunch of idiots they do not care about any system without *that crypto*" It made me laugh. This proposition of law not so much. Is there some legal way how to say "NO THANK YOU"? We know already that CCTV is not way to make streets safer place same as prohibition of drugs will not cause end of its abusing. IMHO there is no reason to prohibit something in case you want to get a rid of it. It just does not work. Regards, - Over On 08.11.15 9:24, oshwm wrote:
Bollocks to Lazy People.
In the UK, when someone learns to drive a car they take an average of 25 lessons because its not easy to drive a car safely and skillfully. After they pass a relatively difficult theory and practical test they appreciate that they are now only truly beginning to get to grips with the skills required to drive well.
To learn to use GPG/PGP sufficiently to sign and encrypt mail isn't even a fraction of the skill level or time required as learning to drive and there's plenty of free guides on the internet.
So, the issue is one of motivation, not difficulty.
Can GPG be easier to use, I think so, is it too difficult to use by ordinary people - no, they're just too fucking lazy and lack motivation.
You want people to use crypto, scare the fucking living daylights out of them about how their governments and corporations are becoming way too powerful and just maybe they'll become motivated enough to overcome their laziness.
Otherwise, the only option is to make GPG transparent by getting the email providers to automatically create key pairs and automatically handle signing and encryption by integrating their mail services with GPG behind the scenes. However, if we wish to promote choice then this isn't a good way to go about it. This method would also have implications for privacy and anonymity too as communications between the email client and mail servers may occur when a user is not expecting it.
On 08/11/15 06:36, Juan wrote:
On Sun, 8 Nov 2015 15:02:46 +1100 Joseph Gentle <me@josephg.com> wrote:
LMAO
http://readwrite.com/2014/07/23/apple-ios-backdoor-acknowledgement-support-d...
Got anything more recent than July 2014? I don't, though I didn't bother checking. July 2014 isn't too ancient anyway.
Apple has been claiming far and wide that from iOS 8 even they cannot access the data stored on a locked device without a password: http://appleinsider.com/articles/14/09/17/apple-says-incapable-of-decrypting... Oh, if they so then it must be true =)
All three APIs listed in that readwrite article require access to services via USB, which require a device the phone trusts and (I think) for the device to be unlocked. I would be quite surprised if it turned out that apple really can decrypt data for the government on locked devices. They've been quite public about this policy, and they've claimed they can't access said data under oath. Its also a fantastic strategic move for them to fight off android - given google's business model it'll be impossible for android to follow suit.
I am about 90-95% confident that there aren't any intentional holes in iOS through which apple can read data thats only stored on my device. Well, I'm 100% confident that a company like apple is not to be trusted.
(I recently switched from android to iOS for this reason.)
Good luck. Out of the fire into the frying pan =P
than nearly a quarter century of PGP has, because they've made it usable by the masses.
and the proof for that claim is, where? It was very impressive for its time but what impact has PGP *actually* made? You seem like a sufficiently paranoid human who knows about PGP, knows what it does and you're technically capable of installing it and using it. So tell me - how many encrypted emails do you send and receive with PGP? Very few. However, as far as I know, people who need to encrypt stuff that the government isn't supposed to read, say people buying and selling 'illegal' drugs, use p/gpg not iphones.
I think PGP's legacy is that it started a conversation around crypto and privacy. But as a *product* it was a complete failure. I mean, it doesn't even protect metadata. Well, it's a client-side encryption tool. Nobody can 'encrypt' the fact that he sent or received mail. PGP is not a mix network...
And does a company like apple which collects information about hundreds of millions of people protect 'metadata' better?
Anyway, to expect the likes of apple to actually oppose the government (that is to say their partners) is naive at best, in my opinion.
-J
Peter.
-- “Borders I have never seen one. But I have heard they exist in the minds of some people.” ― Thor Heyerdahl Telegram...................@over23 facebook...................facebook.com/overdrive23 projects...................https://brmlab.cz/user/overdrive twitter....................https://twitter.com/#!/over2393 last.fm....................http://www.last.fm/user/overdrive23 GnuPG key FingerPrint......08EA E4DC EF85 0F02 9267 5B48 2E58 6902 C5F8 794C Public key ................http://overdrive.dronezone.eu/overdrive.txt