Bollocks to Lazy People. In the UK, when someone learns to drive a car they take an average of 25 lessons because its not easy to drive a car safely and skillfully. After they pass a relatively difficult theory and practical test they appreciate that they are now only truly beginning to get to grips with the skills required to drive well. To learn to use GPG/PGP sufficiently to sign and encrypt mail isn't even a fraction of the skill level or time required as learning to drive and there's plenty of free guides on the internet. So, the issue is one of motivation, not difficulty. Can GPG be easier to use, I think so, is it too difficult to use by ordinary people - no, they're just too fucking lazy and lack motivation. You want people to use crypto, scare the fucking living daylights out of them about how their governments and corporations are becoming way too powerful and just maybe they'll become motivated enough to overcome their laziness. Otherwise, the only option is to make GPG transparent by getting the email providers to automatically create key pairs and automatically handle signing and encryption by integrating their mail services with GPG behind the scenes. However, if we wish to promote choice then this isn't a good way to go about it. This method would also have implications for privacy and anonymity too as communications between the email client and mail servers may occur when a user is not expecting it. On 08/11/15 06:36, Juan wrote:
On Sun, 8 Nov 2015 15:02:46 +1100 Joseph Gentle <me@josephg.com> wrote:
LMAO
http://readwrite.com/2014/07/23/apple-ios-backdoor-acknowledgement-support-d...
Got anything more recent than July 2014?
I don't, though I didn't bother checking. July 2014 isn't too ancient anyway.
Apple has been claiming far and wide that from iOS 8 even they cannot access the data stored on a locked device without a password: http://appleinsider.com/articles/14/09/17/apple-says-incapable-of-decrypting...
Oh, if they so then it must be true =)
All three APIs listed in that readwrite article require access to services via USB, which require a device the phone trusts and (I think) for the device to be unlocked. I would be quite surprised if it turned out that apple really can decrypt data for the government on locked devices. They've been quite public about this policy, and they've claimed they can't access said data under oath. Its also a fantastic strategic move for them to fight off android - given google's business model it'll be impossible for android to follow suit.
I am about 90-95% confident that there aren't any intentional holes in iOS through which apple can read data thats only stored on my device.
Well, I'm 100% confident that a company like apple is not to be trusted.
(I recently switched from android to iOS for this reason.)
Good luck. Out of the fire into the frying pan =P
than nearly a quarter century of PGP has, because they've made it usable by the masses.
and the proof for that claim is, where?
It was very impressive for its time but what impact has PGP *actually* made? You seem like a sufficiently paranoid human who knows about PGP, knows what it does and you're technically capable of installing it and using it. So tell me - how many encrypted emails do you send and receive with PGP?
Very few. However, as far as I know, people who need to encrypt stuff that the government isn't supposed to read, say people buying and selling 'illegal' drugs, use p/gpg not iphones.
I think PGP's legacy is that it started a conversation around crypto and privacy. But as a *product* it was a complete failure. I mean, it doesn't even protect metadata.
Well, it's a client-side encryption tool. Nobody can 'encrypt' the fact that he sent or received mail. PGP is not a mix network...
And does a company like apple which collects information about hundreds of millions of people protect 'metadata' better?
Anyway, to expect the likes of apple to actually oppose the government (that is to say their partners) is naive at best, in my opinion.
-J
Peter.