I think I need to be filled in on the history of PGP, as I'm considering addition of encryption to my security setup. Wasn't there some issue with the US government demanding access to the source code or something like that, and prohibiting the software to be sold abroad? I think that was a long time ago, before 9/11. What was the outcome of the hassle? Did the government back down or are they and their allies currently able to monitor our PGP-encrypted communication? It's not that I'm paranoid or even worried, it's just that I don't want to make things easy for the notorious morons of my own country's state security police, should they ever become interested in me, they really don't deserve any friendly gesture.
about PGP There are recent reports that the authorities currently don't have any back door keys for PGP. some one was caught with files named child porn on his laptop at an airport and they cauldn't prove that it was child porn because they cauldn't get pass PGP. http://www.abovetopsecret.com/forum/thread334218/pg1 http://www.redorbit.com/news/techno...childporn_case/index.html?source=r_technology http://www.news.com/8301-13578_3-9834495-38.html
Thanks for replies. I'm not personally acquainted with mr Zimmermann, so I don't know how good his word is. And I suppose child porn would be a concern of the political police only if they could use it to get at somebody already targeted - if they got the means to crack PGP I doubt they'd be willing to share them with the police proper. Oh well, no big deal for the time being - I've got blue eyes and a non-Arabic name.
PGP Corporation and Phil Zimmermann. As for PGP's current parent entity, PGP Corporation, I trust them to do cryptography the right way; if their solutions suffice for you, I have no qualms about saying, "Go for it." You're going to have to place trust in an entity of some sort, and I'd say they're as good as you're going to find. The reasoning is simple: We want cryptographic solutions that are fielded by competent, seasoned developers, and analyzed by those of the same caliber. As for Phil, he's a competent guy, when it comes to the issues surrounding cryptographic implementation, how to do it properly, and how to maintain it, from design to deployment and beyond. "Beyond" being the relationship between the consumer and developer, which he understands intimately. His word is good with me. When I wrote, "On Shifting 'Windows' and 'Security' from Less Antonymous to More Synonymous," Phil provided some insightful adages, regarding the above. (If you read Microsoft TechNet Magazine, the article was adapted for the Security Watch column of October 2007's issue.)
Re: PGP Corporation and Phil Zimmermann. Thanks for your input. Since everybody vouch for PGP I'll stow away my misgivings. And, by the way, thanks for the link. Good reading, nice site, and I can add the word 'cynosure' to my English vocabulary.
