In the full context of the question and the answer, Zimmermann explains that because they didn't have a smartphone client for PGP, they were forced to hold the keys on their servers. Under these conditions, a court order could force him to silently wiretap users who otherwise believe their product is secure.

I don't know enough to evaluate his decision not to use PGP on smartphones, and what the challenges there are. It's also possible he was incorrect or misleading in marketing Silent Circle's email service - the question starts with "You said in the past that Silent Circle’s products were secure because you don’t hold the encryption keys...", and that is obviously not the case (for email).

But I certainly wouldn't assume he's bought off. In the full scenario he describes, that Silent Circle was in, it was impossible for them to guarantee end-to-end encrypted email bodies in the long run. That's all he's saying.

-- Eric


On Sun, Aug 25, 2013 at 7:54 PM, StealthMonger <StealthMonger@nym.mixmin.net> wrote:
How ironic and sad it is that Phil Zimmermann, the author of PGP, has
become so imbued with the enterprise culture that he's now so blind to
the original peer-to-peer spirit of PGP that he would say things like

   There is no way to do encrypted e-mail where the content is
   protected.  [1]

This is simply false.

If sender and receiver exchange keys out-of-band and nobody else knows
the keys, the content can have cryptographically strong protection.

Why would Zimmermann allow himself to be bought off?  What kind of
pressure is being brought to bear?  Is this protracted world-class human
engineering in action?


[1] http://www.forbes.com/sites/parmyolson/2013/08/09/e-mails-big-privacy-problem-qa-with-silent-circle-co-founder-phil-zimmermann/


--


 -- StealthMonger <StealthMonger@nym.mixmin.net>
    Long, random latency is part of the price of Internet anonymity.

   anonget: Is this anonymous browsing, or what?
   http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=source&output=gplain

   stealthmail: Hide whether you're doing email, or when, or with whom.
   mailto:stealthsuite@nym.mixmin.net?subject=send%20index.html


Key: mailto:stealthsuite@nym.mixmin.net?subject=send%20stealthmonger-key




--
konklone.com | @konklone