[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Laziness?



(I've changed the subject line to something much shorter than the 2
lines+ of the previous subject line. And hopefully more germane to my
point.)

Nathan Loofbourrow writes:

> Ah - so provide an unencrypted list for the software-challenged and
> the merely lazy.
> 
> The incentive for using the encrypted list, then? Simple --
> 	1. Increasing ones personal encrypted-to-unencrypted ratio
> and
> 	2. The old chestnut -- delay the unencrypted list 24 hours.
...
> I believe it's traditional to reply "Indeed."

Indeed---NOT! I don't consider myself especially "lazy" when it comes
to this list, nor do I consider myself "software-challenged."

I connect to the Net from my home Mac IIci or PowerBook 170 over a
14.4 modem line to Netcom, an Internet service provider many of you
are familiar with. Once on Netcome, I have access to a wide range of
standard UNIX tools. However, I do NOT run PGP on these machines!

Rather, I run MacPGP (or PGP on my DOS machines, in emergencies, or
even "MailSafe" in rare circumstances) on my *home* machine, after first
downloading the mail with "Eudora 2.0," a nice off-line mail reader.
It still takes several steps, as most of you can imagine. 

I don't plan to start using PGP on insecure machines, even with a
shortened "UNIX-grade" key. Especially not for a mailing list, where
encryption is pointless (except to increase encrypted traffic a bit).

Downloading and then decrypting 100 or more messages a day is not a
viable option, and such a move would cause me to unsubscribe from the
list rather quickly. (To clarify this: I read the list with "elm,"
when I am on Netcom doing other things as well, like reading NetNews,
and am thus able to delete about half of all messages before
eventually--every few days, typically--dowloading the whole batch.
Encrypted traffic would make this screening and immediate response
much more difficult.)

If Nathan is running PGP on a multi-user system, such as campus
machines at Ohio State, he is likely deluding himself about actual
security. Others at the site may already have his private key and
passphrase captured. If he is running PGP on his own private machine,
with good Net connectivity, congratulations. Most of us--I think it's
safe to say--don't have these options. Many are reading from
university accounts, from commercial services like CompuServe, and
even from multiple services (depending on location). Not running PGP
on each and every message doesn't mean we're lazy--it means we've got
better things to do with our time.

As for Nathan Loofbourrow's charge that this must mean I am lazy
and/or software-challenged, I suggest he try writing more posts for
this list and/or writing code. 

Sorry to sound harsh, but calling us lazy and software-challenged is
not addressing the real issues.


--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
[email protected]       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."