[liberationtech] Guardian reporter delayed e-mailing NSA source because crypto is a pain
Paul Bernal (LAW)
Paul.Bernal at uea.ac.uk
Wed Jun 12 01:53:09 PDT 2013
This all rings very true for me: I'm a legal academic, and barely a geek, and in reality I barely ever use crypto. I was at the Privacy Law Scholars Conference in Berkeley last week when the PRISM story broke, and we had a special session at the end of the conference to talk about what we knew - and someone asked about 'user-friendly crypto' and there was a kind of laugh/cheer around the room. Everyone knows we want it, no-one believes it's there.
Paul
On 12 Jun 2013, at 09:27, "Andy Isaacson" <adi at hexapodia.org> wrote:
> On Tue, Jun 11, 2013 at 07:11:49PM -0700, Gregory Maxwell wrote:
>> On Tue, Jun 11, 2013 at 6:56 PM, Kate Krauss <katie at critpath.org> wrote:
>>> It's really easy to use these tools if you already know how to do it.
>>
>> I've been using PGP since 1994, if not earlier. In more recent times
>
> 1998, here.
>
>> it's become a regular part of my workflow in discussing security
>> critical bugs. I am a programmer and a computing expert.
>
> I use gnupg daily.
>
>> I do not consider the tools easy to use at all ...
>
> I routinely, and frequently, still get bitten by design bugs,
> implementation bugs, and UI bugs which continue to make the PGP
> ecosystem effectively unusable. I cannot recommend PGP for routine use
> to anyone outside of the security community, and I don't think I know
> anyone who has used it consistently for more than 2 years without
> encountering a serious data/comms loss due to PGP bugs or gotchas.
>
> -andy
> --
> Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
More information about the liberationtech
mailing list