From: Phil Fraering <pgf@tyrell.net>
To: fc@all.net
Message Hash: df0c0f806fb11157a286a3c59dc822a22b4dd0a46590036f93196f8dc2f226de
Message ID: <199508012153.AA26490@tyrell.net>
Reply To: <9508012013.AA14958@all.net>
UTC Datetime: 1995-08-01 21:58:06 UTC
Raw Date: Tue, 1 Aug 95 14:58:06 PDT
From: Phil Fraering <pgf@tyrell.net>
Date: Tue, 1 Aug 95 14:58:06 PDT
To: fc@all.net
Subject: What do I use?
In-Reply-To: <9508012013.AA14958@all.net>
Message-ID: <199508012153.AA26490@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 1 Aug 1995 16:13:09 -0400 (EDT)
X-Mailer: ELM [version 2.4 PL22]
Content-Type: text
Content-Length: 1941
Sender: owner-cypherpunks@toad.com
Precedence: bulk
> So Dr. Cohen, what do you use when you want to send a message across
> the Internet with better security than cleartext? What do your
> recommend to others?
I use different techniques when different levels of protection are
required, and I definately don't use the Internet for anything that is
really vital because of the ease of gaining intelligence indicators
based on traffic analysis.
So you don't trust the remailers? Is this because you don't trust the
remailer implementations or because you don't trust digital mixes in
the first place?
I never recommend a solution without knowing a fair amount about the
specific challenge it is supposed to address. I typically start with an
understanding of the general environment, the financial and/or human
issues, the threat profile, the protection environment, the other
dependencies and protection factors, and other factors related to the
reasons for protection. Once I have this understanding, I make value
judgements about how much I trust things relative to the requirement for
trust and other limitations presented by the situation.
Actually, it sounds like you don't use anything that can be used by
someone not a professional old-time cryptographer.
Phil
Return to August 1995
Return to “Phil Fraering <pgf@tyrell.net>”