[FORGED] Re: UK To Ban Crypto In Devices, Email And More

Joseph Gentle me at josephg.com
Sat Nov 7 20:02:46 PST 2015 

On Sun, Nov 8, 2015 at 2:28 PM, Juan <juan.g71 at gmail.com> wrote:
> On Sun, 8 Nov 2015 02:10:19 +0000
> Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:
>
>> Joseph Gentle <me at josephg.com> writes:
>>
>> >Industry grade crypto has existed for years, but things like PGP
>> >being simply *inconvenient* has resulted in it having virtually no
>> >adoption. The big threat to pervasive surveillance isn't pgp, its
>> >companies like apple and whatsapp bringing that technology to the
>> >masses.
>>
>> That's a good point actually.  In my enormous to-read pile I've got
>> "Why Johnny Still Can't Encrypt", and that's from fifteen years after
>> the original paper on PGP's unusability was published.  It's scary to
>> think that companies like Apple have done more to protect us from
>> intrusive government surveillance
>
>
>         LMAO
>
>         http://readwrite.com/2014/07/23/apple-ios-backdoor-acknowledgement-support-document

Got anything more recent than July 2014? Apple has been claiming far
and wide that from iOS 8 even they cannot access the data stored on a
locked device without a password:
http://appleinsider.com/articles/14/09/17/apple-says-incapable-of-decrypting-user-data-with-ios-8-even-for-government-agencies

All three APIs listed in that readwrite article require access to
services via USB, which require a device the phone trusts and (I
think) for the device to be unlocked. I would be quite surprised if it
turned out that apple really can decrypt data for the government on
locked devices. They've been quite public about this policy, and
they've claimed they can't access said data under oath. Its also a
fantastic strategic move for them to fight off android - given
google's business model it'll be impossible for android to follow
suit.

I am about 90-95% confident that there aren't any intentional holes in
iOS through which apple can read data thats only stored on my device.
(I recently switched from android to iOS for this reason.)

>> than nearly a quarter century of
>> PGP has, because they've made it usable by the masses.
>>
>
>         and the proof for that claim is, where?

It was very impressive for its time but what impact has PGP *actually*
made? You seem like a sufficiently paranoid human who knows about PGP,
knows what it does and you're technically capable of installing it and
using it. So tell me - how many encrypted emails do you send and
receive with PGP?

I think PGP's legacy is that it started a conversation around crypto
and privacy. But as a *product* it was a complete failure. I mean, it
doesn't even protect metadata.

-J

>
>> Peter.
>

More information about the cypherpunks mailing list