Please create an account to participate in the Slashdot moderation system


Forgot your password?

Comment Re:Party!!! (Score 1) 399

[keysigning party] Not helpful in obtaining a key with which to send email.

That's because you looked at the answer from the sender's PoV and/or in the short-term. First rule of interviews: don't answer the quest you're asked; answer the question you wish you were asked. ;-)

Flip the submitter's question: "I need a client to send me personal info, but he doesn't know my key. Hey Slashdot, how can he get my key?" If you're an organization that is for whatever reason making a habit of requesting personal information from various people, then your org's people ought to be going to keysigning parties.

Or distort the timeliness: "Ten years from now, I'll need to send personal information to someone. How do I bring about an environment where I'm likely to be able to easily get their key and believe it?"

Comment Re: This is why encryption isn't popular (Score 1) 399

You wouldn't use it for any private communications. The best use for something like this would be to use your government-issued key to sign your "real" personal key. Such a system would allow anyone to trust your key's identity by as much as they trust the government. As a lower bound.

Think about what those of us without these government-issued crypto systems are doing. We meet strangers and check their government-issued ids (drivers' license, passport) and then say "ok, I think you're really Joe Schmoe" and sign Joe's key. There's an implicit government-trust hop in each one of these, except that a third party observer can't tell whether or not it's there. If I see you signed Joe's key, I don't know if that's because you actually know Joe, or if it's because y'all set up a keysigning meeting and then signed each other based on trusting each other's government ids.

With cryptographic government issued ids, we could stop having these kinds of keysigning meetings, and raise the standard for keysigning. I would no longer sign you simply because you have a government document saying you are who you are, because you would be able to do that yourself. You would have to verify your identity to me, some other way. This would raise the overall reliability of signatures.

I totally want the government to get in on keysigning. Just don't fucking use single-signer systems. such as X.509. The government's attestations should be additive not exclusive. We ruined HTTPS; let's learn from that mistake and do "email2" right.

Comment Use the key which signed the request (Score 1) 399

An organization wants me to send them my personal data by email

Whatever key was used to sign that request, is the key to use. Since you've already verified the request, you must already have the key and have verified its identity.


Whaddya mean, "the request wasn't signed?" Hmmm.. Are you sure you know who is asking?

Comment Crypto is the answer, jurisdiction-shopping isn't (Score 2) 470

What the government is doing is repugnant, but only because most people are stupid and take the wrong lessons from it. If people had their shit together, then it would actually cause a positive effect, and we'd be talking about how US government's thuggery inadvertently did everyone a favor.

I never even heard of these encrypted email services until yesterday (except for hushmail about a decade ago but that was an even dumber beast) and the more I look into them, the more apparent it is that they sell .. well .. "snakeoil" is maybe too harsh, but I guess I'd have to say they sell the service of closing barn doors after horses escape. If I had to put it really nicely, to the point of sickening insincere sweetness, I suppose I could say they help you deploy "defense in depth" and I might be able to avoid making any gagging sounds as I did it.

Either the sender encrypts your email with your key, or they don't.

If they do it (i.e. if people do things right), then you don't need any service's special help with anything. All you want from your service are reliability, performance, and low prices -- a commodity, just like ISP's service of packet-passing.

If the sender doesn't encrypt the email with your key, then you're fucked. This is the common scenario, and the fact that people are basically fucked but still want to somehow mitigate it, is how this market emerged. Fair enough, I get it: when life hands you lemons, you make lemonaide. But you're taking it way too seriously, expecting far too much from a lossy premise. Your lemonaide is never going to be Dogfish Head 90 Minute IPA, ever, period. You should lament that, that people don't encrypt. You don't know who all read your PLAINTEXT before it got to Silent Circle or Lavabit and then they encrypted the storage of it.

(Worse, from what people are hinting about how lavabit worked, it sounds like they did the storage wrong, and that everyone always knew they would be able to decrypt things under certain circumstances, if forced.)

Users and their endpoint software must provide security. Other people's media and services running on other people's computers, can't really help you. Everything in between the endpoints is untrusted. Gag orders, CALEA-like laws, etc will make even the best-meaning services untrustworthy.

So. If it makes users feel better to move their hosting to other jurisdictions, fine. But for fuck's sake, go beyond just trying to make yourself feel better, and actually do something to make things really better: have a keysigning party. Help webmail users find and upgrade to decent (i.e. openpgp-compatible) mailreaders. And so on. Every time you see an unencrypted email come in, think about WTF went wrong and how that could have been prevented. And if you really do this, then you'll find that you can still host in America.

BTW, we've been through all this before. It's not like anything truly new is happening. All the same issues were coming up ten years ago, and ten years before that. (And probably ten years before that but I missed out on that round.) It always comes down to jurisdiction-shopping being a waste of time. You have the ultimate weapon which makes it all obsolete: 1970s PK tech. The only time you need jurisdiction-shopping is if your government outlaws the tech (France still? Not sure.).

Comment Re:What _is_ an "encrypted email provider"? (Score 1) 771

Thank you for your contribution, AC. I have known you for many years and always felt your reputation was unfairly earned and the people who accused you of crapflooding, over-specificity, and blabbering endlessly, were just projecting. I know I was, when I flamed you for it. Or maybe I am looking at history through rose-tinted lenses, and you were actually guilty back then, but I would hate to have the indiscretions of my youth thrown in my face. My, how the years have changed us, AC. So, it's this. This is what it's like to be old. I have changed, and so have you.

Over-specificity. As if. If only they could see you now!

Comment Re:Excellent Idea (Score 1) 321

That provides end to end and is vulnerable to MITM attacks

Being vulnerable to MitM attacks is ok, provided you do two things:

1) You tell the user. (Probably not with some kind of scary modal thing, but the population does need to somehow get educated about what it means.) This is something that current web browsers do wrong, when they treat untrusted certs as being worse than plaintext.

2) You have the option, for users who are willing to go to some extra trouble for key exchange, to take countermeasures against MitM. This is what makes Diffie-Helman alone be insufficient. There should always be a MitM-proofable wrapper around it, even if by default for novice users, it isn't MitM-proof. Then whenever hubby reads one too many news stories and decides he cares a little bit, he can say, "ok, I'll have my wife read her key signature to me" and then by magic he's actually done something useful and the situation really gets better, and the novice has easily and incrementally become a beginner.

Comment Re:WTF??? Was "Re:Need to Do More" (Score 1) 321

But I definitely DO want them to catch the "actual terrorists" before they can commit their acts of terrorism!

They can't, at least not reliably. As long as we keep saying it's really important to catch criminals before their crimes, we are going to be indirectly telling our government that it's ok to occasionally do all those things that you don't want them to do.

There is a person with nasty intentions and 99 people with average intentions. You can tell them apart one of two ways: 1) wait to see what they do. 2) Be inhumane and un-American to all 100 of them, and then say "at least I think I got the bad guy." And there isn't a third way.

Comment Re:Is everything currency, then? (Score 1) 425

If a State may not accept (or force anyone to accept) anything but gold and silver as payment, then gold and silver are in practice the only Constitutional form of money.

They don't need to declare it or accept as payment; they're merely recognizing the fact that it is. Neither the feds nor the states have declared euros or peso to be money and they won't accept those things as payment, but if you offer 100 euros for some heroin, or if you tell people that you'll turn their 100 peso investment into 1000 pesos, you're going to hear the prosecutor talk about "money" and the judge is not going to be rolling his eyes at the prosecutor's silliness.

You're right the constitution doesn't grant the power to know about currencies to the government; the constitution couldn't do that, even if we wanted it to. These are matters of facts, not authority or powers. They can't set the value of pi either, even if sometimes they think they can.

Comment Re:who pays for maintenance? (Score 3, Funny) 366

Getting into the position of power where they get the things they want, is what makes them rich. Rich is the consequence, not the premise.

To answer your question, they get the earthlings to pay the bills, which is why the earthlings are poor. "Send me another batch of wheat and monocle polish, or else my mass driver will send your city another big rock."

Slashdot Top Deals

Behind every great computer sits a skinny little geek.