[3143] in cryptography@c2.net mail archive
Re: Top Pentagon official declares no one has a right to secrecy.
daemon@ATHENA.MIT.EDU (nobody@nsm.htp.org)
Wed Aug 5 09:38:57 1998
Date: 5 Aug 1998 04:36:50 -0000
To: cryptography@c2.net
From: nobody@nsm.htp.org
>>>>> Steve Bellovin <smb@research.att.com> writes:
> I rarely use PGP for routine mail because of the difficulty -- not
> the difficulty of using PGP, but of using it on an adequately-
> secured platform...
Thank you for a well-thought-out note (securemail.html) on email
security. I realise that your emphasis on machine security was
intended to point out that protecting the mail en route doesn't
address all email security issues, particularly in larger networked
business environments.
But for many applications, protecting the transmission path is the
biggest concern. All countries perform some amount of monitoring of
network traffic flowing across their borders. Mail to and from
particular users and domains is easily and undetectably intercepted,
and may be inadvertently seen by many system administrators along the
way.
Hard disc encryption on our laptops is de rigeur, of course; but
frankly, the government in San Salvador doesn't want the fuss that
would accompany raiding our homes and seizing the machines. Just like
the FBI, they really prefer untraceable (illegal?) interception. And
when terrorists knock down your front door at 5 a.m., physical
computer security is likely a moot point, anyway.
Encryption of the communication channel and encryption of stored data
are not entirely independent issues; but for a large subset of email
security problems, it's certainly appropriate to treat them as
separate issues.
