[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
What do I use?
From: [email protected] (Dr. Frederick B. Cohen)
Date: Tue, 1 Aug 1995 16:13:09 -0400 (EDT)
X-Mailer: ELM [version 2.4 PL22]
Sender: [email protected]
> So Dr. Cohen, what do you use when you want to send a message across
> the Internet with better security than cleartext? What do your
> recommend to others?
I use different techniques when different levels of protection are
required, and I definately don't use the Internet for anything that is
really vital because of the ease of gaining intelligence indicators
based on traffic analysis.
So you don't trust the remailers? Is this because you don't trust the
remailer implementations or because you don't trust digital mixes in
the first place?
I never recommend a solution without knowing a fair amount about the
specific challenge it is supposed to address. I typically start with an
understanding of the general environment, the financial and/or human
issues, the threat profile, the protection environment, the other
dependencies and protection factors, and other factors related to the
reasons for protection. Once I have this understanding, I make value
judgements about how much I trust things relative to the requirement for
trust and other limitations presented by the situation.
Actually, it sounds like you don't use anything that can be used by
someone not a professional old-time cryptographer.