Wilders Security Forums

Wilders Security Forums > Privacy Related Topics > privacy technology
#26
September 7th, 2012, 09:41 PM
noone_particular
Very Frequent Poster
Join Date: Aug 2008
Posts: 1,877
Re: Phil Zimmermann's post-PGP project: privacy for a price

Quote:
We are talking now about levels of security not needed by the average! ...still interesting though!

How far should we take this? Can you trust the compiler and the binaries? What guarantee is there that it isn't infected or deliberately compromised by design? What about the OS? Vendor completely trustworthy or did they give the NSA a backdoor? How about the hardware? Are there Chinese backdoors in the hardware, chipset, drivers, etc? What about a long range camera on a cell tower looking in your window? There's levels of security and there's degrees of trust, but there are no guarantees. Each person has to decide where that line is for them. Every person has different criteria when deciding who or what to trust.
__________________
Sitting in a bunker, here behind my wall, waiting for the worms to come.
#27
September 8th, 2012, 12:38 AM
chronomatic
Very Frequent Poster
Join Date: Apr 2009
Posts: 1,324
Re: Phil Zimmermann's post-PGP project: privacy for a price

Quote:
Originally Posted by danleonida
Oops! That's not my definition, nor Zimmermann's in the early 90s. What I and he meant in the 90s is a network of trusted sites (in Canada he used the CBC) supplied with a 'golden' copy of PGP in a very secure/trusted fashion. One would download PGP from wherever and send it to one of these sites for 'authentication'. The end user only has to trust Zimmermann and all trusted BY him!

Think about it for a minute! Let's say you want to distribute something like PGP. All your incoming/outgoing traffic goes through intermediate, likely gov-controlled sites. How difficult do you think it is for these sites to intercept requests for download and replace the original with gov-approved versions of the same?! Piece of cake!

That's easily deterred by having the developer sign his packages and source code. Once you download it you check to make sure it is signed by the correct key. Of course, you need to have a way to find out what the correct key is in the first place, but that's easy enough to do with the Web of Trust (or with a phone call to the developer, etc). There's no need to send the package back to him for verification if he is signing them in the first place.


Quote:
That doesn't sound right to me!

What's to stop, say, a bad pornography site from doing the same? Again, remember I'm only an amateur Internet security dilettante! EE by training.

Nothing's stopping them. A self-signed cert simply means you generated and signed the cert yourself (no third-party involvement). Of course, this means it will be hard to tell whether it is a legitimate cert from the website owner or if you're being MITM'ed. Most of the time self-signed certs are TOFU (Trust on First Use). Add-ons like Convergence can help verify self-signed certs by checking the cert from various machines around the world. If they match, then there is a high probability it is a good cert (it would take a powerful entity to pull off a MITM on that scale).
#28
September 8th, 2012, 02:40 PM
noone_particular
Very Frequent Poster
Join Date: Aug 2008
Posts: 1,877
Re: Phil Zimmermann's post-PGP project: privacy for a price

Quote:
A self-signed cert simply means you generated and signed the cert yourself (no third-party involvement). Of course, this means it will be hard to tell whether it is a legitimate cert from the website owner or if you're being MITM'ed. Most of the time self-signed certs are TOFU (Trust on First Use).

If I understand it correctly, and assuming that you accept the initial self-signed certificate, the possibility of a certificate authority creating certificates for government agencies and such is eliminated.
__________________
Sitting in a bunker, here behind my wall, waiting for the worms to come.
#29
September 8th, 2012, 06:04 PM
danleonida
Infrequent Poster
Join Date: Aug 2012
Location: Vancouver, B.C., Canada
Posts: 30
Re: Phil Zimmermann's post-PGP project: privacy for a price

Quote:
Originally Posted by noone_particular
How far should we take this? Can you trust the compiler and the binaries? What guarantee is there that it isn't infected or deliberately compromised by design? What about the OS? Vendor completely trustworthy or did they give the NSA a backdoor? How about the hardware?

Compiler/bin's? Yes, if they produce identical results.
OS/vendor/hw? Yes if NOT online.

Quote:
Originally Posted by noone_particular
...backdoors in the hardware, chipset, drivers, etc?

You bet! So be careful! Stay offline. They all are, like another poster said, "surveillance friendly"!

Quote:
Originally Posted by noone_particular
There's levels of security and there's degrees of trust, but there are no guarantees. Each person has to decide where that line is for them. Every person has different criteria when deciding who or what to trust.

I agree! I don't, however, see why one should not be looking at the best that can be done! Draw a baseline in the sand, then stay a comfortable distance behind. We are just chatting on a forum and not brainstorming over national security strategies!!
__________________
Be good and do disturb!
Not disturbed enough yet.

danleonida-at-yahoo-dot-comm
#30
September 8th, 2012, 06:17 PM
danleonida
Infrequent Poster
Join Date: Aug 2012
Location: Vancouver, B.C., Canada
Posts: 30
Re: Phil Zimmermann's post-PGP project: privacy for a price

Quote:
Originally Posted by chronomatic
That's easily deterred by having the developer sign his packages and source code.

I'm at a loss here because I don't know enough about digital signatures, and therefore I don't fully understand what's to stop Eve from just copying it! I'll look it up, though!

Do you happen to remember when Zimmermann stopped using the authentication network and why?
__________________
Be good and do disturb!
Not disturbed enough yet.

danleonida-at-yahoo-dot-comm
#31
September 9th, 2012, 03:26 AM
silat
Regular Poster
Join Date: Oct 2006
Posts: 135
Re: Phil Zimmermann's post-PGP project: privacy for a price

Quote:
Originally Posted by box750
The quoted $20/month price is well above my budget but I am glad they are charging for their services because I don't believe it is possible to provide a quality and reliable service or product with no economical incentive.

box, do you mean in general or just for this particular business?
If you mean in general then I completely disagree. Many quality and reliable services have been provided that were not of the profit motive.
__________________
Lew

Win7 64-Sandboxie Paid-
Malwarebytes and SAS On Demand Paid-VMware
Shadow Defender-Emisoft AntiMalware-WFC
#32
September 9th, 2012, 03:20 PM
danleonida
Infrequent Poster
Join Date: Aug 2012
Location: Vancouver, B.C., Canada
Posts: 30
Re: Phil Zimmermann's post-PGP project: privacy for a price

Quote:
Originally Posted by chronomatic
That's easily deterred by having the developer sign his packages and source code.

Quote:
Originally Posted by danleonida
I'm at a loss here because I don't know enough about digital signatures, and therefore I don't fully understand what's to stop Eve from just copying it! I'll look it up, though!

I did the looking up and I think I got it now! Thx.

Q: Why in the world did Zimmermann use the cumbersome authentication network when he released PGP in the 90s? Hashing and private/public keys were well known then!

I still have a nagging feeling I'm missing something!

Help anyone?!
__________________
Be good and do disturb!
Not disturbed enough yet.

danleonida-at-yahoo-dot-comm
#33
September 13th, 2012, 12:17 PM
danleonida
Infrequent Poster
Join Date: Aug 2012
Location: Vancouver, B.C., Canada
Posts: 30
Re: Phil Zimmermann's post-PGP project: privacy for a price

Quote:
Originally Posted by danleonida
I still have a nagging feeling I'm missing something!

Help anyone?!

Well... The nagging feeling is still there, so I'm 'nagging' you all! :>)

The question is the same as in post above:

"Why in the world did Zimmermann use the cumbersome authentication network when he released PGP in the 90s? Hashing and private/public keys were well known then!"

[Edit.1]Possible answer in my mind, at least, is that an 'authentication network' is more secure than a digital signature!! Am I correct in that? [/Edit.1]
__________________
Be good and do disturb!
Not disturbed enough yet.

danleonida-at-yahoo-dot-comm

Last edited by danleonida : September 13th, 2012 at 01:53 PM.
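The package-signing scheme chronomatic lays out in #27, and the question raised in #30 and #32 of what stops Eve from simply copying a signature, worked through as an added example that is not code from this thread or from PGP. It assumes Go's standard Ed25519 in place of the RSA that 90s PGP used, constructed key seeds and package bytes, and a developer-key fingerprint pinned the way the Web of Trust or a phone call would supply it.

```go
package main
import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Release is what the user downloads: package bytes plus a detached signature.
type Release struct {
	Package   []byte
	Signature []byte
}
// Fingerprint is the value the user pins after learning it out of band (web of trust, phone call).
func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}
// Sign is the developer's step; only the holder of priv can produce a valid signature.
func Sign(priv ed25519.PrivateKey, pkg []byte) Release {
	return Release{Package: pkg, Signature: ed25519.Sign(priv, pkg)}
}
// Verify is the downloader's step: reject a substituted key, then check the signature over the exact bytes received.
func Verify(pub ed25519.PublicKey, pinned string, r Release) bool {
	if Fingerprint(pub) != pinned {
		return false
	}
	return ed25519.Verify(pub, r.Package, r.Signature)
}

// Scenario reports whether the genuine release, a tampered package carrying the copied genuine signature, and Eve's re-signed package verify.
func Scenario() (genuine, copiedSig, evesKey bool) {
	// Constructed deterministic seeds for reproducibility; real keys come from crypto/rand.
	devPriv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x01}, ed25519.SeedSize))
	evePriv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x02}, ed25519.SeedSize))
	devPub := devPriv.Public().(ed25519.PublicKey)
	pinned := Fingerprint(devPub)
	release := Sign(devPriv, []byte("constructed pgp package bytes"))
	tampered := Release{Package: []byte("backdoored package bytes"), Signature: release.Signature}
	eves := Sign(evePriv, tampered.Package) // Eve ships her own public key alongside
	return Verify(devPub, pinned, release),
		Verify(devPub, pinned, tampered),
		Verify(evePriv.Public().(ed25519.PublicKey), pinned, eves)
}

func main() {
	g, c, e := Scenario()
	fmt.Println("genuine:", g, "copied signature:", c, "Eve's key:", e)
}
```

Only the genuine release verifies: a copied signature no longer matches altered bytes, and a key Eve generates fails the pinned fingerprint, which is why the developer need not see the download again.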
#34
September 13th, 2012, 02:16 PM
box750
Frequent Poster
Join Date: Nov 2008
Posts: 244
Re: Phil Zimmermann's post-PGP project: privacy for a price

Quote:
Originally Posted by silat
box do you mean in general or just for this particular business?
If you mean in general then I completely disagree. Many quality and reliable services have been provided that were not of the profit motive.

There is great free quality software out there, and I use dozens of those tools myself, but product continuation and development is not guaranteed without a business model. I know lots of excellent privacy projects that have become abandonware or are hardly updated. For example, I don't think it is an accident that my excellent PCTools firewall free version was discontinued 2 years ago.
__________________
My security blog: http://www.hacker10.com

Last edited by box750 : September 13th, 2012 at 02:32 PM.