[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PRZ encrypted voice software release imminent

>I can't violate my NDA, but PGPFone will be a *major* revolution for
>communication security. I would not be surprised to see several hundred
>thousands of users. PGP will plale in comparison.

I sincerely doubt this. if someone could find a way of doing 
voice encryption through simple idiotproof hardware adapters
(I am thinking of cups that you could attach to any standard phone)
the voice encryption will not be widely used, I think.
there are very many PGP users right now, say at least in the
tens of thousands if not hundreds of thousands. the 
requirements for live voice encryption are pretty significant:
a fast computer and fast modem. this alone is only a subset
of those people using PGP right now. also, I doubt there are
going to be few people who use PGP phone but not PGP software.

the real holy grail for voice communication encryption is
when this stuff starts to get integrated into the real 
phone system, or people start making hardware that is
cheap and self contained and idiot proof. "but it's difficult
to make anything foolproof, because fools are so ingenious" <g>

the actual phone networks, because of political pressure, 
certainly are probably going to be the last entities on 
earth to use hardware that makes encryption built in.
(well, assuming they don't get all that cash from the 
government to built in key escrow). 

what I think would be cool, and I'm sure everyone here would
agree, is a "back door" way to encryption. one example:
it used to be that slip providers were charging a lot of
money. then the authors of TIA (Internet Adaptor) discovered
they could simulate SLIP over a unix shell account without
a significant performance penalty (i.e. it was possible).
voila!! slip for everyone, *regardless* of what the provider
wants or tries to manage. then, someone did this for
*free* in public domain SLiRP software.

this is an extremely useful model: "big fish provider" gives
a capability that people want, namely processing time and
disk space. they think they can regulate the uses of their
system, but if there is enough degrees of freedom, they 
cannot, and people can actually simulate the services they
want on the system regardless of what the system operators
wish to control or not control.

with the phone system, the analogy is that the communication
networks are providing bandwidth, and while they would like
to control things like voice vs. data vs. encryption, they
*cannot* if their capabilities are suitably diverse (and
it is virtually impossible for them *not* to be).

when someone invents cheap hardware that you can just plug
on top of any existing phone, i.e. "the phone adaptor", TPA?,
*that's* when the world is going to go crazy with crypto.
all this stuff that requires lots of hardware can be used,
but the thing that will cause *everyone* to use it is when
someone invents a TPA. I'm very, very surprised that no 
one has tried to do this yet.

\  / ~/ |\| | | |> |  : : : : : : Vladimir Z. Nuri : : : : <[email protected]>
 \/ ./_.| | \_/ |\ | : : : : : : ftp://ftp.netcom.com/pub/vz/vznuri/home.html