1997-10-05 - Re: Pretty Good Piracy

Header Data

From: nobody@REPLAY.COM (Anonymous)
To: cypherpunks@toad.com
Message Hash: 8b0aee7abf7cc5ab91f31d0f98ea26bfe5369db47db6815b89d9fcd5c5e87528
Message ID: <199710052237.AAA03819@basement.replay.com>
Reply To: N/A
UTC Datetime: 1997-10-05 22:55:08 UTC
Raw Date: Mon, 6 Oct 1997 06:55:08 +0800

Raw message

From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 6 Oct 1997 06:55:08 +0800
To: cypherpunks@toad.com
Subject: Re: Pretty Good Piracy
Message-ID: <199710052237.AAA03819@basement.replay.com>
MIME-Version: 1.0
Content-Type: text/plain



Ryan Anderson wrote:
> Okay - the only difference between this and a normal version of PGP is that
> it always encrypts to a certain key-id, in addition to all others.
> 
> That's the only weakness you'll see in it.

It's the only weakness that's needed to compromise all the keys.

> So stop bitching about a feature that business is going to require before
> rolling out PGP to the whole enterprise.

I don't have any problem with the feature, only with the use of the 
PGP reputation capital to directly promote it. If they wanted to call 
it 'Pretty Corporate Privacy' then the name would reflect its purpose.

Security, in regard to privacy, is an all-or-nothing issue. As such, 
I do not find it acceptable to apply the same standards of promotion
and dissemination as with less important types of software.
The fact of the matter is, the product has nothing to do with the
privacy of the individual using it, only the privacy of the
corporation. This is an important distincion which should not be
subject to confusion with a product by the same name which is noted
for providing a secure level of privacy for the individual.

I would wager that promoting a false sense of security, or an incorrect
view of the levels of security and trust involved in company software
will do more damage than the occassional loss of keys will.

Again, the product does not provide 'Pretty Good Privacy,' it does
provide 'Pretty Corporate Privacy.'

PrivacyMonger






Thread