In the full context of the question and the answer, Zimmermann explains that because they didn't have a smartphone client for PGP, they were forced to hold the keys on their servers. Under these conditions, a court order could force him to silently wiretap users who otherwise believe their product is secure. I don't know enough to evaluate his decision not to use PGP on smartphones, and what the challenges there are. It's also possible he was incorrect or misleading in marketing Silent Circle's email service - the question starts with "You said in the past that Silent Circle’s products were secure because you don’t hold the encryption keys...", and that is obviously not the case (for email). But I certainly wouldn't assume he's bought off. In the full scenario he describes, that Silent Circle was in, it was impossible for them to guarantee end-to-end encrypted email bodies in the long run. That's all he's saying. -- Eric On Sun, Aug 25, 2013 at 7:54 PM, StealthMonger <StealthMonger@nym.mixmin.net
wrote:
How ironic and sad it is that Phil Zimmermann, the author of PGP, has become so imbued with the enterprise culture that he's now so blind to the original peer-to-peer spirit of PGP that he would say things like
There is no way to do encrypted e-mail where the content is protected. [1]
This is simply false.
If sender and receiver exchange keys out-of-band and nobody else knows the keys, the content can have cryptographically strong protection.
Why would Zimmermann allow himself to be bought off? What kind of pressure is being brought to bear? Is this protracted world-class human engineering in action?
[1] http://www.forbes.com/sites/parmyolson/2013/08/09/e-mails-big-privacy-proble...
--
-- StealthMonger <StealthMonger@nym.mixmin.net> Long, random latency is part of the price of Internet anonymity.
anonget: Is this anonymous browsing, or what?
stealthmail: Hide whether you're doing email, or when, or with whom. mailto:stealthsuite@nym.mixmin.net?subject=send%20index.html
Key: mailto:stealthsuite@nym.mixmin.net?subject=send%20stealthmonger-key
-- konklone.com | @konklone <https://twitter.com/konklone>