Privacy Software

[Neva Remailer]

-----BEGIN PGP SIGNED MESSAGE-----

nobody at replay.com (Anonymous) wrote:
>After seeing the intents of PGP Inc. with the release of their new
>PGP that breaks the old free versions, I have all but written them
>off as anything but the Enemy, and am waiting for a public reply on
>the list by Tim May to make it official.

Personally, I don't think it is that useful to draw up enemy lists.
It is clear PGP, Inc. cannot be relied upon to achieve our goals for
us.  I think a lot of people half expected something like this out of
them, anyway.  All that left wing politics and weird anti-business
stuff from the PGP crowd did not augur well.

>But now what? Please someone answer my questions about PGP - it
>appears that the 5.x versions are not compatible with the 2.x
>versions which came previous.  Is this so? Also, the direction they
>seem to be heading is in providing more and more non-free GAKked
>product. But aren't the 2.x and 5.x versions freeware? If so, can't
>others - a group of individuals - take that source code and build off
>of that?

The PGP source code is not the worst I've ever seen, but it's kind of
odd.  We should consider a rewrite, which gives us the added benefit
that it will be completely unencumbered.

It also gives us the opportunity to write it in a language other than
C, one which truly supports encapsulation.  C code is hard to verify
with great confidence because it is possible to obfuscate it and
introduce security holes.  This means that C requires one to trust the
authors to a greater extent than is desirable.

It would also be neat if the code were written outside the United
States and were put into the public domain.  If a company snaps it up
and bases a product on it - great!  The more people using the code the
better.

The whole issue of compatibility is an interesting one.  Would it be a
good idea to have a cryptographic system which was completely
incompatible with PGP, given the Big Brother risk?

Something I've never liked about PGP is their approach to encrypting
to multiple keys.  For one thing, the PGP crowd seems overly
conservative with bit expenditure, which is silly because bits are
cheap.  This means that creating entirely separate messages is
completely economical.

It also introduces security risk.  Let's say one of the three public
keys used to encrypt a message has been compromised.  Let's say the
other two parties live in places where they aren't supposed to be
exposed to bad ideas.  Once one key is compromised, the other
recipients are compromised in receiving a forbidden message.

On the other hand, if they were separately encrypted, the link between
the three messages is not obvious.  And, even if the messages *are*
linked, it's still not obvious that the other recipients didn't get
something else.  It provides a lot of deniability.

So, perhaps a protocol which does not support anything more than one
encryption key per message would be a good idea.

Something else that bothers me about PGP is compression.  It strikes
me as bad design to build this into an encryption program.  Zimmermann
has suggested that this increases security.  I doubt this.  Modern
algorithms like IDEA (please correct me if I am wrong) have the
property that if you get one bit, you've got them all.

And, I wonder if compression doesn't actually weaken security?  Let's
say I forward a known message with some commentary.  Since the
compression tables will be known, it seems like the increased size of
the message could provide some interesting information about the
preceding commentary.  All by itself, this probably doesn't matter,
but combined with other information it might result in a breach.  In
any event, that which is ambiguous should be eliminated.

It would also be nice if the messages were padded to predetermined
sizes, say 10K, 20K, 40K, etc.  (Once compression is eliminated this
is less of an issue.)

Anyway, if Adam Back wanted to undertake it, a nice project would be
design a good cypherpunk communications protocol.  Simple, clean, and
secure.

It seems to me that issues like wiping the stack as every function
returns, the formats of key rings, and security measures on the users
computer should not be in a communications standard.

Some other features: maybe a hashcash field which makes it possible to
quickly weed out junk.  The challenge string could be related to the
key.  Also, it would be neat if the system were designed with
steganography in mind.

How about a one time pad mode?  One time pads are more practical than
widely believed.  Many things we talk about we *do* want to keep quiet
for the rest of our natural lives.  Our present tool set and practices
do not do this reliably.  (But, I could be persuaded that one time pad
mode is actually something which should tunnel inside the cypherpunks
communication protocol.  Might as well keep everything clean and
orthogonal.)

>Piss on these assholes and their licensing fees.

There's nothing wrong with paying people for their work!  It's even
desirable if you want tools to be available.

>It was inevitable, anyway. They are a corporation after all, and the
>corporations are not on "our" sides.
>
>I can see a scenario where government is impotent and destroyed
>within 10 years. What will remain and will be harder to eradicate are
>the corporations.  I don't think we should rely on corporate software
>whenever possible, because it always comes with an ulterior motive.

I am of two minds on this question.  Free software is pretty darned
neat.  It's extremely easy to deal with and it's nifty that you can
write and release something and tens of thousands of people end up
using it.  If the code is simply placed in the public domain, then
anybody can use it for any purpose they like.  This has appeal.

On the other hand, corporations can be a good way to get things done,
too.  It is possible that the PGP approach of giving away software was
ultimately a mistake because now people don't expect to have to pay for
their code.  Elimination of a crypto market might be a bad thing.

It's clear that going the corporate route has to be handled with some
care.  Given the political implications, investors have certain risks.

Also, many people seem to switch into a different mode as soon as they
have a company.  Anything which they perceive as increasing their
profits becomes good.  PGP, Inc. has gone this way, we've seen First
Virtual do some unsavory things, and even good old C2 has made a few
people uncomfortable.

It doesn't have to be this way, of course.  Look at Comsec Partners.
We don't see any "conversation recovery", lying press releases, or any
other nonsense from them, just a beautiful product.

The key probably has to do with understanding clearly what it is you
want to do.  If you know you want to promote privacy and free speech
and are willing to volunteer a substantial amount of your time to do
so, then foregoing some blood money or maintaining your integrity is a
lot easier to do.

What I like about selling software is that you could actually make
good living by doing the right thing.  And, after all, if you've spent
six months writing something, why shouldn't the users kick in a little
money instead of freeloading?  I would like to see more crypto users
in the habit of paying for tools and in the habit starting security
companies.

Monty Cantsin
Editor in Chief
Smile Magazine
http://www.neoism.org/squares/smile_index.html
http://www.neoism.org/squares/cantsin_10.htm

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBNFwdNpaWtjSmRH/5AQEBZAf+IKyhaAdUWVAYWidPAOu/qw/qiGAYB6go
hxix3lOpj3RHDj87OlzzPIpY7aSbvvPOq6PkOCIecpjsO/e2F4vkXlWMtwONJ7gV
azGEC//voYyvC55diSHfqUg0zOY/8Ddsy460uIDX4jWJUkJzPMRSRIfvsmo/Lpf+
HFJcIcze/w8bD2k9gelBthbIgZOpCjplY68MyPNurCcVbpKlIw/RmyX6WI4hAkYk
UoRlFh4SeAmNWla4t0l3NGkpdxfVJ8tIAl6uNvV3enjjfctgm/5KRr8n7lcjLvOT
jKUJn0DDFD2pdZ66Unp3xeKpOMxLZ4Bqf704piaCSmj4Erul7x1Gmg==
=USz8
-----END PGP SIGNATURE-----