1994-02-16 - Re: Wide Spread use of PGP

Header Data

From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
To: cypherpunks@toad.com
Message Hash: 146610e2ff4480ca022812d04a3fc49ca4dd6fd9d9cf27d19aa40d15ad6db899
Message ID: <9402160253.AA08814@anchor.ho.att.com>
Reply To: N/A
UTC Datetime: 1994-02-16 03:29:47 UTC
Raw Date: Tue, 15 Feb 94 19:29:47 PST

Raw message

From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Tue, 15 Feb 94 19:29:47 PST
To: cypherpunks@toad.com
Subject: Re:  Wide Spread use of PGP
Message-ID: <9402160253.AA08814@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


I agree with those who disagree with Bob Cain about use of PGP on insecure
machines (i.e. machines you yourself don't control.)
Yes, it's less secure than using it on a machine you control yourself.
But it still gives you *some* security - for instance, if your correspondent
is in some country with limited freedom of speech, such as China or Canada,
your crossborder conversations are protected.  Sure, the NSA will tap them,
but as long as they're not tapping netcom's internal networks, and you're
dialing in rather than telnetting in from somewhere else (sending your
passphrase across the entire internet for the FBI\\\BadGuys to wiretap),
you've gained some security.  Of course you should use a personal
machine with good security on it to discuss overthrowing your current
government or trading in politically incorrect substances, like money.
But even so, it increases the use and acceptability of encryption,
and makes you more accessible for people in other not-sufficiently-free countries.

[Note - I'm just picking on netcom because they're a popular service
used by hundreds of subscribers.  I'm not aware that they're being wiretapped,
and I suspect that the legal implications of trying to do so would be
interesting.  Tapping their Internet connection would be legally easier than
tapping their phones, though.]

[Blatant Quasi-Commercial Mention:  Some 10baseT hub vendors, starting with
the AT&T SmartHub but followed by others as well, provide a no-eavesdropping
feature, which prevents packets from being sent to incorrect destinations.
Unlike bridges and routers, which limit traffic, the SmartHub replaces the
data field with 10101010...., which it can do faster and less expensively
since there isn't the complication of buffering, etc.
One use in a dialup networking environment would be to put the
herd of terminal servers and cpus on smart hubs, which limits the damage
that can be done if some user breaks a system and starts snooping the net,
since he'll only see packets for the machine he's on and not the whole 
broadcast.  Obviously, in a larger environment, routers, etherswitches, etc.
can handle more traffic, but the different technologies can be used together.]

		Bill
# Bill Stewart  AT&T Global Information Solutions, aka NCR Corp
# 6870 Koll Center Parkway, Pleasanton CA, 94566 Phone 1-510-484-6204 fax-6399
# email bill.stewart@pleasantonca.ncr.com billstewart@attmail.com
# ViaCrypt PGP Key IDs 384/C2AFCD 1024/9D6465





Thread