From: nobody@rosebud.ee.uh.edu
Date: Mon, 30 Aug 93 08:43:45 PDT
To: cypherpunks@toad.com
Subject: Re: Practical security, Internet commercialization, etc.
Message-ID: <9308301541.AA02264@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


At  8:38 PM 8/27/93 -0700, Nick Szabo wrote:
>Paul Ferguson:
>> The biggest threat to any security, on any basis, is the threat of
>> human nature. The chances of someone factoring your PGP encoded
>> message is somewhere in the range of slim-to-none, but the chances
>> of someone (you) -physically- compromising their key is much, much
>> higher.
>
>I'd like to strongly second this
>The most important
>cypherpunks issues are being almost completely ignored by these academics: 
>practical implementation of remailers, most issues dealing with software-
>based digital cash, reliable key handling, trustworhy key distribution,
>construction of "webs of trust", implementation of these schemes with 
>all of their pitfalls (legal, social, etc.), commercialization, etc.
>
>In most of these cases, the protocols (ciphers, remailing mixes, 
>digital cash, etc.) can theoretically be "broken" by a powerful
>agent, but the real question is what practical, cheap steps can we take 
>to make things more expensive for those with little respect for our
>privacy or liberty. 

Yeah, its an arms race, and we don't have time to wait for the ultimate
weapon. Similarly, it doesn't matter how ultimate the weapon is in the
hands of someone who doesn't know how to use it. I wish that the generic
security advice was separate from the IBM-flavored instructions in the PGP
manual. It's very tedious for a Mac user.