Re: Introducing newbies to encryption (was: Re: anonymous credit)

[Eric Nystrom <enystrom@aurora.nscee.edu>]

On Mon, 14 Apr 1997 ichudov@algebra.com wrote:

> Multiuser Unix Security == No Security.
> 
> Your users may have illusions, but not true security.
> 
> First thing I'd suggest is to explain them that nothing that goes through 
> that central unix machine is truly secure.

It's absolutely true that nothing on a centralized Unix machine is truly 
secure.  However, is abandoning all pretenses of crypto and security in 
favor of holding out for a utopian ideal really the best solution?  Does 
using encryption for email on multiuser machines actually hurt the cause 
of the security community in the long run?

(I'm not asking rhetorical questions here -- I'm truly looking for some 
thoughts on this.)

-Eric 

--
Thus the time may have come to abandon the cool, measured language of
technical reports -- all that talk of "perturbations" and "surprises" and
"unanticipated events" -- and simply blurt out: "Holy shit!  Ten thousand
years!  That's incredible!"
			-- Kai Erikson, _A_New_Species_of_Trouble_, 1994.