[FORGED] Re: UK To Ban Crypto In Devices, Email And More

oshwm oshwm at openmailbox.org
Sun Nov 8 00:24:11 PST 2015


Bollocks to Lazy People.

In the UK, when someone learns to drive a car they take an average of 25
lessons because its not easy to drive a car safely and skillfully.
After they pass a relatively difficult theory and practical test they
appreciate that they are now only truly beginning to get to grips with
the skills required to drive well.

To learn to use GPG/PGP sufficiently to sign and encrypt mail isn't even
a fraction of the skill level or time required as learning to drive and
there's plenty of free guides on the internet.

So, the issue is one of motivation, not difficulty.

Can GPG be easier to use, I think so, is it too difficult to use by
ordinary people - no, they're just too fucking lazy and lack motivation.

You want people to use crypto, scare the fucking living daylights out of
them about how their governments and corporations are becoming way too
powerful and just maybe they'll become motivated enough to overcome
their laziness.

Otherwise, the only option is to make GPG transparent by getting the
email providers to automatically create key pairs and automatically
handle signing and encryption by integrating their mail services with
GPG behind the scenes.
However, if we wish to promote choice then this isn't a good way to go
about it.
This method would also have implications for privacy and anonymity too
as communications between the email client and mail servers may occur
when a user is not expecting it.


On 08/11/15 06:36, Juan wrote:
> On Sun, 8 Nov 2015 15:02:46 +1100
> Joseph Gentle <me at josephg.com> wrote:
> 
> 
>>>         LMAO
>>>
>>>         http://readwrite.com/2014/07/23/apple-ios-backdoor-acknowledgement-support-document
>>
>> Got anything more recent than July 2014? 
> 
> 	I don't, though I didn't bother checking. July 2014 isn't too
> 	ancient anyway. 
> 
> 
>> Apple has been claiming far
>> and wide that from iOS 8 even they cannot access the data stored on a
>> locked device without a password:
>> http://appleinsider.com/articles/14/09/17/apple-says-incapable-of-decrypting-user-data-with-ios-8-even-for-government-agencies
> 
> 	Oh, if they so then it must be true =) 
> 
> 
>>
>> All three APIs listed in that readwrite article require access to
>> services via USB, which require a device the phone trusts and (I
>> think) for the device to be unlocked. I would be quite surprised if it
>> turned out that apple really can decrypt data for the government on
>> locked devices. They've been quite public about this policy, and
>> they've claimed they can't access said data under oath. Its also a
>> fantastic strategic move for them to fight off android - given
>> google's business model it'll be impossible for android to follow
>> suit.
>>
>> I am about 90-95% confident that there aren't any intentional holes in
>> iOS through which apple can read data thats only stored on my device.
> 
> 	Well, I'm 100% confident that a company like apple is not to be
> 	trusted.
> 
> 	
>> (I recently switched from android to iOS for this reason.)
>>
> 
> 	Good luck. Out of the fire into the frying pan =P
> 
> 
>>>> than nearly a quarter century of
>>>> PGP has, because they've made it usable by the masses.
>>>>
>>>
>>>         and the proof for that claim is, where?
>>
>> It was very impressive for its time but what impact has PGP *actually*
>> made? You seem like a sufficiently paranoid human who knows about PGP,
>> knows what it does and you're technically capable of installing it and
>> using it. So tell me - how many encrypted emails do you send and
>> receive with PGP?
> 
> 	Very few. However, as far as I know, people who need to
> 	encrypt stuff that the government isn't supposed to read, say
> 	people buying and selling 'illegal' drugs, use p/gpg not
> 	iphones. 
> 
>  
>> I think PGP's legacy is that it started a conversation around crypto
>> and privacy. But as a *product* it was a complete failure. I mean, it
>> doesn't even protect metadata.
> 
> 	Well, it's a client-side encryption tool. Nobody can 'encrypt'
> 	the fact that he sent or received mail. PGP is not a mix
> 	network...
> 
> 	And does a company like apple which collects information about
> 	hundreds of millions of people protect 'metadata' better? 
> 
> 	Anyway, to expect the likes of apple to actually oppose the
> 	government (that is to say their partners) is naive at best,
> 	in my opinion. 
> 
> 
> 
> 
> 
> 
>>
>> -J
>>
>>>
>>>> Peter.
>>>
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20151108/b552b1b7/attachment-0002.sig>


More information about the cypherpunks mailing list