[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

"Children's Letters to Benificent Stalin"



>To my knowledge, no serious barium testing has been done of either the
>remailers or PGP, among other "secure" privacy measures.  

And a good thing too for the remailers, since they're not secure yet.
This is not a problem, however.  There are two often overlooked
aspects of crypto deployment that the current remailers satisfy
nicely:

1) People have to get in the habit of using security tools.
2) The non-cryptographic software infrastructure has to support security tools.

For practical purposes, these two aspects are more important than the
actual security of the systems created, because the best system is
worthless if it goes unused.

The remailers work sufficiently well to satisfy these two criteria,
well enough to support transparent encryption and remailing in the
mail user agents, e.g. elm, rmail.  Unfortunately, progress along
these lines has been slow.  The problem is not primarily technical,
however.  The way I see it, this is yet another manifestation of one
of the really bad social values in the Unix and Internet community.

Namely, that integration and ease-of-use just aren't cool.  Value and
respect are accorded to those endeavors which require high levels of
abstractional difficulty or complex optimizations, not to the person
who rights an auto-installation routine.  There is something of a
contempt for the person who's installing software if they can't just
tweak the Makefile or some configuration headers a bit.  Very few
programs don't take some greater or lesser skill as a programmer in
order to get working.

And Unix-lovers wonder why more people don't use Unix.

This hierarchy of value mimics society at large, where design
engineers are accorded much more respect that manufacturing engineers.
A design engineer creates a nice product and gives it to someone lower
on the chain to figure out how to make.  This is changing somewhat,
but the placement of design over manufacture is still firmly in place.

Let me praise Sameer Parekh here for writing an auto-install script
for the current remailer.  His work is not finished, but it's better
than nothing.

Also let me critique the ease of use of some of the other crypto
applications we have.

As far as interface goes, PGP sucks.  I've been trying to get a good
system running on MSDOS to read my encrypted mail more easily.  When
PGP gets an error, watch out, and don't expect predictable behavior.
PGP doesn't have enough separation of function to determine what the
problem is in an automated fashion.

Installation of Secure Drive requires, to my knowledge, futzing with
disk partition tables in order to use it on an existing harddisk.
More programmer skills.  The makers of this and similar efforts should
find some code for a disk defragmenter and write a program to
automatically create a partition, safely moving the existing
information out of the way or over to the other partition.

The remailers, and regular encryption of email, for that matter, are
going to remain mostly unused until these capabilities are integrated
into the average mail user agent, and then become part of the standard
distributions for these packages.

And lastly, for those that might want to call me a hypocrite, remember
that I'm working on packaging digital money into a business, the
necessary and inevitable ease-of-use packaging for this technology.

Eric