Good evening everyone. Tonite we're going to talk about privacy, in theory and in practice. In the first part of tonite's discussion, we'll be talking about what privacy is, and what are the moral, social, and political principles relevant to privacy. We'll also discuss some of the legal ramifications of privacy principles, by way of a critical examination of current legal practice. The second part, which will be more informal, will be a presentation of techniques and technologies that you can use to help protect your privacy. We'll be looking particularly at a popular software package called PGP, short for "Pretty Good Privacy". It enables you to engage in secure, authenticated communications with others, and also lets you secure files on your PC. Ok, let's start with the theoretical stuff by... jumping right into practical politics, and working backwards. :) Let's start with something very concrete: Canada's "interception" laws. In Canada, it is a crime punishable by five year's imprisonment, to "wilfully intercept a private communication" by any means. "Private communication" means any communication made under circumstances in which the originator expects it not to be intercepted by anyone except the recipient. In practice, this means: (amongst possible others) telephone conversations, mail, private conversations in non-public places, and probably email. Now, before we delve into this subject in detail, I am interested in some preliminary "gut think" :) responses to this -- does this law seem valid to you? invalid? why do you think so? Valid... hard to enforce i have a gut reaction against any law which is triggered by the inner mental state of the victim who does it apply to? all including govt? Peter: why do you think it is valid? I think that the government should protect the interests of people strat: what do you mean exactly? what if I were communicating sensitive business information, and an interceptor profited or caused me to lose? - as individuals Picking privacy as an end in itself could cause problems. Brad, does this include such things as cellular phone transmissions? or -- strat makes an interesting point -- let's say that intercepted communication can or might cause anguish -- well, lying to your friends causes anguish too, should lying be illegal? of course not. Peter: I'm not sure -- those can be scanned with easily available equipment, so it might be argued that the sender has no "reasonable" grounds to expect privacy and the question is where you draw the line. that kind of standard is non-objective. True. However, is it not a private line, of sorts? All interesting points -- privacy is definitely not a trivial issue. Let's move on, and I'll raise a few more points... One of the most immediate and obvious issues related to privacy is property rights. it also poses problems that store and forward communications for other people, such as web hosting companies. it places a legal obligation on them to know whether or not any of their customers would be 'anguished' if a particular piece of For example, if Bob sends Alice a letter, it is Bob's property being delivered into rightful ownership of Sally. But what exactly is the property? dissiminated, leaked, etc. er, problems for companies that, rather Everyone would probably agree that if I physically opened the letter, read it, and resealed it, then I have violated Bob and Alice's rights. But what if I just x-ray it? The letter itself is completely unharmed. Bob and Alice need be none the wiser. Whose rights have been violated? What rights? Which rights, though? Property rights? Subetai: in physically opening it? don't you think property rights have been violated in that case? Are privacy rights a part of property rights, I suppose the question is If it is my property, do I have the right to deem it private? Peter: indeed -- excellent question and should others respect that? Imagine that Bob and Alice are sitting by themselves in a large park, talking. Yeah, property rights have been violated there. I'd like to say though, that I don't think there's a right to privacy as such. I don't see how it could be yr. property unless you could deem it private and control who received the information Unbeknownst to them, Mallet is surreptitiously listening in on them with a parabolic microphone. Is Mallet violating their rights? yael: well, I think I will make a fairly good case for this... If it is a place that they know in which there are going to be others listening in, then I would say no We've all seen enough movies in that regard to know better Peter: what about cell phones then? Peter: Yes, I agree, but I am speaking about being far from any other people. Ah Hard to draw the line there, Brad Whose property is the park they are in? Think back -- it would probably fit the standard of Canada's interception law -- note, I'm not accepting that as any kind of proof or axiom, but I will make my case... Mallet certainly isn't assaulting them. They are in a public place, so he isn't trespassing. He is not beaming anything *into* their space. yael... for cell phones, it is at least a private line between the two communicators Unless you begin to dispute who owns the airwaves yael: it is a public place, which has not otherwise been declared subject to monitoring Peter: but it's common knowledge that they're really easy to tap into...so is it the responsibility of the ppl. talking? It has only become common knowledge in the fairly recent past (to the masses) Which of course begs the question of should there be a time-limit I'll come back to this example... What principle would you use to establish whether rights are being violated? In THE WEALTH OF NATIONS, Adam Smith eschews any form of taxation that would require inquiry into a man's affairs or papers. Subetai: I'm getting to that now... ok He specifically intoned on the sacredness of a man's papers. The Founding Fathers of the United States, contemporaries of Smith, felt equally passionate about the sanctity of a man's papers. At the core of the issue of privacy is a simple but profound principle. Privacy is a special kind of right, akin to intellectual property rights. It is the freedom to an underrated often overlooked corollary to the freedoms of expression and association: the freedom to *not* express and to *not* associate. Let's look at this in some detail, because it has ramifications beyond the issues we've discussed so far. People associate with and make expressions to others, because they have concluded that it is in the interests of their life to do so. But these are just instances of one acting in pursuit of values in accordance with rational principles. One can equally pursue a value by concluding that it is important to *not* express or reveal something, or to *not* associate with someone. For example: I express my views on philosophy and politics in public, because I have determined it is in my interests to do so, for various good reasons. But I don't publish my bank account number, the details of my romantic life, or the communications people send my privately. I have determined, in every case, that it is *not* in my interest to do so. Choosing with whom one will associate and cause to benefit from one's own initiated action, is a profoundly selfish necessity. It is, most dramatically, the core of romantic love, which is the highest example of, in Rand's term, "value by exception." But it goes on down in lessor, but also important forms. Let's go back to Bob and Alice in the park. When Bob decides to speak privately to Alice on that park bench, he is making an assertion of his sovereignty. He *chooses* to speak to Alice and specifically to no one else, and should be able to assume that his choice is not abrogated. Imagine that Bob is expressing his love to Alice. Or maybe he is proposing a new business arrangement. whatever -- If Mallet were to approach them, the two would break the private discussion, and likely rebuff Mallet's request to listen in. So by intercepting the communication, Mallet is essentially taking something of value that has not been granted him, and that he has no reasonable cause to belive would be granted to him, if he asked. And what do we call someone who takes something of value without permission or under false pretenses? And in using technology to listen in from afar, he is already conceding to this point, correct? Why, a criminal of course. Comments and questions are most welcome, at this point. yes peter Peter: exactly -- he has not asked the two for permission to be a third party to their conversation Then you would say that no matter what information he gains from his activities, he is acting illegally so strat, I would say that the issue is not "mental anguish" or something rather non-objective like that, but is more akin to fraud Peter: yes, I would I need to understand this in terms of rights. What about in a situation where somebody would recieve the information anyway? yael: such as? Like kids sneaking around looking to see what their parents bought them for Christmas. Under Canada's privacy law, it would also be a crime (although not as severely punished) for Mallet to disclose or use any of that intercepted material, or even to diclose it existed. They'd find out eventually anyway. Subetai: By intercepting their communications, he is violating their rights to expression and association. yeal: but they have not been given permission as of yet to find out is the key In the US, too, it's illegal to tape anything w/o getting consent on tape of the ppl. you're taping Brad: Would that not follow from the law that it is illegal to obtain such information? peter: the name is yael -anyways? My apologies He is, in essence, forcing an association on them (with him), and forcing expression on them (to him, or those to whom he will disclose), that they never agreed to. Isn't it legal, in some US states, to record conversations if only one party is aware of the recording? Yes, but it seems like limiting other people's actions excessively, because they decided to sit and talk in the park. Peter: yes -- there are several sections outlining under what conditions it is lawful to obtain such information -- mostly related to judicial proceeding and such simmons; i looked into it a few yrs. ago and it wasn't, in the state of pennsylvania, then Brad: I do not understand. Would you mean obtaining information in order to use in a trial? simmons: In Canada, either party can authorize, implictly or explicitly interception -- in other words... oh yeah, except the govt. can tap yr. line but they need a warrant it is *not* a crime (under this law), for me to lead you to believe I sent you a private message, when I knew someone else would receive or intercept it Imagine the contradictions otherwise -- for example, if I sent a message to Bill Gates, and his secretary read it, I could charge her with "interception", because I addressed it to Gates! no, it's with his consent But what if you do not know that? it's illegal to open a letter adressed to someone else *without their consent* I have problems with the idea of extending the "freedom of non-association" to include guarantees on privacy in public parks. Subetai: The law does not require people to avoid contact with people talking on park benches -- it forbids interception *where the parties have reasonable grounds to assume privacy* -- it requires an overt act of wilful interception yael: What if I were to send a message to a person, and expected it to remain private, but the conesnt that they gave caused several people to read it? Peter: re obtaining -- yes -- for instance, if a court authorizes a wire tap, the person who does it is then immune Peter: don't see how that should be illegal. even if they agreed beforehand to keep it private, aren't you giving them that property (piece of paper or what not)? Brad: Then it is the court that is authorizing an illegal act? Though it definitely is illegal for some things - like medical records, for instance yael: How can it be illegal for one thing and not another? Where do you draw the line? I think "wilful" needs to be more rigorously defined, then. Peter: It is *my* responsibility to determine whether you agree and can have a private communication. Peter: There are provisions for lawful interceptions, like wiretaps.. we'll get to those. Peter: Because when I release medical records I do so knowing that they will not be revealed. It's officially stated and weights heavier than saying "promise not to tell?" to a friend yael: This is true, after it has been read. But what about beforehand (such as the case of the secretary) What are the limits of privacy? This issue has been getting a lot of press as of late, particularly with regard to encryption technology. Let's start with wiretaps. First, do you think law enforcement officers (LEOs) have the right to intercept communications, assuming appropriate judicial oversight? Why or why not Peter: well I think if a person said that nobody would read the letter and then let their secretary open it, it would be different than if it happened accidentally If two people go sit on a park bench, not realizing that someone else is sitting nearby, and have a private conversation which the other person overhears, that is no crime. Even if he doesn't announce his presence but listens to their co Same thing should apply if it's some nature-lover with a hearing amplifier nearby. So "wilful" should include something to rule out those things. What if it was someone who intentionally placed the amplifier to listen to the conversation? Is that different? Subetai: That is why there are two separate laws: one for interception, and one for disclosure Okay, but I was talking about interception so far. You could probably use lack of criminal intent to defend against an interception charge, but not a disclosure charge' Yes. And I'd say there shouldn't even be a charge in such cases. It wasn't your fault that you were in what they thought was a private zone. But that still doesn't give you any rights to the contents of the communication -- it is back to the individual having the right to control their expression and as That is disclosure, and there I agree with you. Subetai: Yes, I agree, to interception. And if you didn't disclose, I'd also agree no crime had been committed. ok ok, back to LEOs -- should LEOs have the right to intercept? i.e., are wiretaps legitimate? would they exist in a fully free society? To prevent the commission of a crime, yes. So if you overhear someone talking abt. a good recipe or something, you can listen but you can't try it out? or does that count as public knowledge? or if they're discussing a book or something. yael: interception is interception, via any means, physical, etc. Subetai: How would you define the process for predicting the participants of a crime? Well, "preventing a crime" is VERY dangerous and vague notion... I'm saying there should be valid grounds for suspicion, Peter. It's like keeping tabs on a suspected criminal in other ways. Shadowing him, taking pictures of people he meets with, etc. I read some conspiracy theory article abt. how there are devices that can start recording phone conversations as soom as the words "conspiracy," "assassination" or "bomb" are used. In Canada, the law states what information must be sworn in a deposition to obtain an intercept order -- it must involve investigation of an alleged crime, and the requestor must explain how other methods have been tried and why intercepti Subetai: If this is the case, then you could say that an LEO has the ability to track a person who has committed a crime in his past for any future events of such happening again I'm saying that if you have objective reasons to suspect that a person may be guilty of a crime, or about to commit a crime, then LEOs should have the right to wiretap phones or follow him or investigate him in similar ways. I personally think that legal devices like wiretaps and search warrants are valid, providing a sufficient standard of evidence is met, and provided there are safeguards to protect the innocent. If you're talking about the "objective justification" that's a separate argument. I don't want to discuss all the details, but does anyone disagree with this, on principle? going once... twice... I don't see how their could be safeguards :) to protect the innocent b/c you don't know who is innocent agreed so basically you'd have to go by what ppl. say yael: what I mean, is things like these horrible "commando" style raids, that have killed little old ladies and such when bozo invasion squad gets the wrong address, etc. If you're innocent (having committed no crime) they can't convict you of anything. And there should be rules in place against disclosure of anything they find out about you. which could infringe on their freedom of expression or that protects people who are suspects, but innocent, from undue harm Brad but they could kill innocent ppl. even if it was the right address yael: it is itself a crime to resist lawful arrest -- but i don't want to get into this Yeah you're right, it's complicated A police car chase can kill innocent people too. They should take reasonable safety measures, but there can't be any guarantees. Here is my crucial question: Let's assume for the sake of argument that LEOs at least have the legal right to tap -- but does this imply they must force third parties to assist them, such as phone companies? It's case sensitive, too. ignore that Most importantly, If LEOs have a right to tap, does this imply that secure communications must, therefore, be denied private citizens? No. Subetai: I agree. Can anyone say why? (or disagree?) Well you'd have to tap the person calling, too. There's no way of doing it w/o denying secure communications to some people. Customers that rely upon a company for the privacy that they offer would be underwritten by the government which would be looking into their files I don't think the company ever guaranteed it'd be private. But what if it does? does what? Someone correct me if I'm wrong, but does not current U.S. law *mandate* support by telecom companies for LEO wiretaps? (It may be so in Canada too, perhaps indirectly because a govt commission controls telecom tariffs.) If I call a person via the telephone, is that not deemed as a private communication? Many businesses commit transactions with partners and so forth over telephone lines You might deem it as such but the company never guaranteed it. yael: In Canada, if a telephone employee got caught listening to conversations, without valid reason (say, to check a line for some trouble), they would have committed "interception" and would be liable to conviction/. Peter: telephone conversations *are* indeed, considered "private" in law Brad: right, but I am aware when I talk on the phone that my line or the other person's line could be tapped so is mail Well, even if the phone company doesn't actively cooperate, they are cooperating in the sense of having their property rights temporarily overruled by the judges orders when the tap is installed. The question, though, yael, is is it legal for the government to be able to do so? Ignoring for the moment illegal activities of individuals Subetai: I guess that is the issue I'm raising -- why should the telco be forced to cooperate? Peter: if the persons talking are aware of the possibility I don't see why it would be illegal. B/c they're making the choice to use the phone. if it was illegal it'd be illegal against the phone company. Would one set up a supreme court of sorts to watch over the government's activities in such matters to deem if it were appropriate or not? Subetai: I have accepted that it would be ok for an LEO to *try*, via whatever means available to them, to intercept Joe Bad Guy's communications... but does that mean a third party *must* cooperate? yael: I know that it is possible for people to listen to me talking in my bathroom... however I still deem it to be private and therefore would assume it illegal to listen in Well, how about if a criminal's on the loose and is being chased by the police and wanders onto your land? Can the police demand that you let them check your backyard to see if he's hiding there? Are the telcos in a substantially differe You see, this leads us into a slippery slope -- the notion that highly secure communications must then be *illegal*. hmmm Can something be illegal and necessary? For if the state has an absolute *right* to intercept, and to compel assistance in such, then it almost (or all but) implies that it must be illegal to prevent the govt from doing so. which begs the question of what privacy do individuals have from the government What about the 5th amendment? Peter: re oversight -- Canada has two mechanisms: the court order to intercept, and a requirement that the Attorneys Generals published detailed, comprehensive reports on all their interceptions. Would it not be easier then to simply put monitors on each person? You can't be forced to testify against yourself. Taking the 5th is not an admission of guilt. I could refuse to reveal my PGP password on those grounds. Brad: Thank you. I am personally very uncomfortable with the notion that third parties be allowed to be coerced. What do you think of my example of the criminal on your property, Brad? If 3rd parties are able to be coerced, is it not the same as allowing someone with an amplifier to listen to you whisper in another's ear? Although, one might make an argument that a telco, being told by a LEO that X is suspected of being involved in criminal behavior using their facilities, might then perhaps be considered as parties, if they do nothing to prevent it. Is thi Perhaps we need to differentiate between non-interference and cooperation. A warrant would dictate that you may not interfere with the police when they're on police business, such as wiretapping your company's lines, or searching your ba Subetai: That is a good question. Do you judge the tool, or do you judge the users of the tool? Let's widen the context dramatically... Let me add first, the notion of "key escrow" encryption -- this was a proposal, still being touted by some, to basically outlaw very strong encryption, except for special govt. sanctioned encryption that gave the government their own key This was to be put in "escrow", to be released under order, like for wiretaps I disagree strongly with key escrow. Now, if you look at the debates surrounding these issues, you see that the participants talk a lot about "criminals" But who exactly do they mean? What they usually mean by "criminal" is: drug dealers, and organized crime and organized crime is well known to primarily be involved in... narcotics, illegal gaming, prostitution, and similar things They're saying that innocent people should be required to voluntarily forfeit any expectation of privacy towards the government. There can't be any justification for that. ALL which are NOT properly crimes towards the = from the So in effect, it is *bogus*, *manufactured* criminals who are used as the primary justification for these draconian measures. Subetai: Would you change that to, "must be required to involuntarily..."? This is an example of why I am so adamant that these types of "crimes" have insidious side effects, and must be rescinded. Right, must be required. Even aside from the nature of the crime, it's wrong, period. Subetai: I agree with your distinction of "non-interference" and "cooperation". Ok, well that basically wraps up the material I had for part one. Okay, then. Asking for my password would require my cooperation, and the government can't demand that. Because your password is your property In summary, I personally think that one must take a "benevolent" approach to this issue -- start with the premise that individuals are primary, and that people have the right to defend their interests. msg Wright before I figured out he was an asshole of course In essence, the right to encryption, is the digital equivalent of the right to bear arms. oops or the right to have a lock on your front door And not have to give a key to the police when you install the lock. Evil is *not* powerful. When you look at all the allegedly dangerous elements, like terrorists, used to defend invasion of privacy, you can always trace the West's complicity and sanction as having empowered them in the first plac.e I say: fix the problem, don't make victims of innocent civilized people. <> Jasra -> JasAFK And even if the problem persists, it's no justification for key escrow or outlawing cryptography. Any final comments for the "formal" part of tonight's discussion? Let's move on to talk about the art and science of *cryptography*, privacy's 2nd best friend (civility is #1). Well, this is the same as the UN having to bomb Iraq repeatedly... just fix the problem in the first place Okay, on to the second part. Agreed Cryptography is a fascinating and subtle field, that is part art, part science, part technology. Cryptography is the science that studies private storage and communication of information. Most people are familiar with codes and ciphers. As kids, you probably played with schemes for securing communications to your friends or siblings, against decoding by parents or foes. There are two basic concerns when communicating over a public or interceptible medium: *privacy* and *authentication*. *Privacy* means being able to exchange a message, without anyone else being able to receive it; *authentication* means being sure that the person who claimed to send you a message was actually the sender. Privacy protects you from snooping. Authentication protects you from tampering. Sometimes you want protection from one or the other of these threats, other times both. Sometimes, you might want to send someone a message, without it being known you are doing so. Perhaps the threat in this case is the mere fact of sending a private message. I'll quickly explain the techniques cryptography supplies. To communicate privately, we use *encryption* -- encryption is the technique of transforming a message, the *clear text*, into an unreadable *cipher text*, using some form of algorithm or key. Decryption is the reverse of encryption -- rendering an unreadable cipher text back into its plain text source. (algorithm AND key) ok There are two basic kinds of encryption: symmetric and asymmetric (or "public key.") Symmetric encryption uses the same algorithm for both encryption and decryption. er, I meant "same key" Public key encryption use one key for encrpytion, and a completely different key for decryption. Public key ciphers are quite useful. You publish one of your keys, and keep the other one private and secret. To send you a message, a person encrypts it with your public key. But only you can decrypt it with your private key -- even the sender can't decrypt it once it is encrypted. Public key encryption can also be used for authentication, via something called a digital signature. Without getting too technical, let me briefly explain. Let's say I want to send something to Usenet or to someone, but I want to insure that it is not tampered with, and I want others to be able to positively verify it was me who sent it. What I can do, is encrypt my message with my own private key before sending it. Then, others can decrypt the message with my public key. If they can read the message, then it must have been sent by me. In practice, this technique works a bit differently. What is done is that a special "message digest" is made of a message. This is a short "fingerprint" of the message -- a fairly short, fixed-length special code that is almost impossible to forge. Then, that digest is encrypted as I explained, with the sender's public key. The reciever then takes the message, computes the message digest for himself, and compares it to the digest decrypted using the sender's public key. If they match, then the receiver knows that the message is from the sender, and hasn't been tampered. This also makes the message *irrepudiatable* -- meaning, if I signed it with my private key, it *had* to be sent by me. Encrypted and signed messages declare themselves *very* loudly, to anyone viewing them. For example, an encrypted email message is completely indecipherable, and is obviously encrypted. This might invite a snooper to try to break the message. So what if you want to communicate securely and privately, without seeming to? *Steganography* is the cryptographic technique used to hide a secret message in an innocuous container. (One can, of course, also encrypt the hidden message, for added security.) Some containers that can be used are digital picture and audio files -- the information is hidden as a virtually indetecible amount of digital "noise" in the image. Another important use for cryptography is secure storage of information. This was especially germane to me, since I recently had my laptop computer stolen. Fortunately, I had already employed strong cryptographic storage for all my personal information -- nothing of interest or value can be obtained by anyone from it. If I hadn't, an enormous amount of personal information would have fallen into unknown hands. And the kind of security offered by Windows password protection is a joke. One software package that is very popular for public key messaging, and file security, is PGP (short for Pretty Good Privacy) Another popular one for file security and steganography, for Windows (not NT), and soon for Linux, is ScramDisk <> Wright_ -> Wright I'd like to add a comment here, if I may. The neat thing about Public Key crypto is that you can send someone an encrypted message without sending them the password to decipher it. The weakest point in most crypto schemes is exchanging p Subetai: bingo Because the presumption is, if you had a secure way to exchange passwords, why didn't you transmit the message the same way. There is a great division of labor, between public and symmetric key. Under the hood, most public key protocols, like PGP, actually encrypt the message using one of the symmetric algorithms. The use a key that is generated randomly, and used just for that message. Then, only the key is encrypted using the Public key technique. This has two important advantages: (er, three actually) 1) public key algorithms are typically much slower than other symmetric algorithms, thus, by dividing the labor like this, the messages can usually be encrypted/decrypted much faster 2) public key algorithms are good, but may have certain weaknesses, say, if a large amount of cipher text is available to analyze, or if something is known about the content of the plain text but there are several very good symmetric algorithms that don't have these weaknesses therefore, by dividing the labor this way, you gain much better security 3) if you encrypt the message with a distinct key, each new message sent uses a different key, so it makes your public key less vulnerable to being broken 4) by only encrypting the key, not the whole message, it makes it easier to create a protocol that enables you to ship the single message to multiple recipients -- you just include a copy of the key encrypted for each recipient, and they a <> BradA notes that he said 3 but listed 4 -- there are probably more good reasons :) The main reason is speed. Low overhead. One might argue, "why bother encrypting most messages?" Phil Zimmerman, the heroic creator of PGP, makes a good argument, called the "post card" analogy. If you encrypt a few pages of text with a long (and therefore more secure) public key, it takes an appreciable amount of time. Symmetric ciphers can deliver better security in a fraction of the time. Why doesn't everyone send their communications on post cards, instead of putting them into (hopefully) secure envelopes? Subetai: mult-user distribution is a related corrollary reason -- PGP's ability to send to multiple people, is very practical -- even being able to include yourself is useful, otherwise, you can't decrypt the message you send :) Get one symmetric key, can read many post cards? Envelopes you have to treat each as a separate case Phil argues that there is a *culture* of email privacy -- that people expect privacy as the norm. So he argues that it would be desirable if people much more employed encryption in their emails, not because everything is of earth shattering privacy, but simply to put into place the culture that emails are private. Peter: I didn't quite get that. n/m :) Incidentally, you all may be aware that modern browsers like Internet Explorer and Netscape, have "security" built in, to talk to things like banks and for online commerce. But you may not be aware that there is what some consider to be a serious basic flaw in the protocol. It is true that I can communicate securely with my bank -- or, more precisely, that my bank can communicate securely with me. What is missing, is proper two-sided *authentication*. It is theoretically possibly using today's browsers, for someone to impersonate an existing secure site. You can attach to it securely, and then blithely start delivering all kinds of sensitive information... The bank knows who you are, but someone else could pretend to be your bank. not realizing you are really talking to the Bad Guys. Subetai: Exactly. It is insidious, and I suspect sooner or later someone will try to take advantage of it. Which is why I use Internet banking only to download my transactions. Most likely by doing a "man in the middle" attack -- this is one of the most insidious types of attack. Incidentally, one must always be cautious about *any* kind of cryptographic technique, because there can be threats and attacks one might not have considered. One of the most basic threats is weak encryption. PGP is good because the algorithm has been public knowledge for years, and all kinds of cryptographers and mathematicians have tinkered with it for ages, trying to break it. Let's say I wouldn't send someone a document of some kind, say a sensitive business document, over the internet. But I know that Word has "security" (some kind of password), so I save it with this password, phone the recipient, give him the password and email the document. Can someone tell me what the highest threat here is? brb the phone line during telling what the password is I can download a program that cracks Word's encryption from a dozen different sites. The worst threat, is that Word "security" is hopeless -- there are shareware and commercial programs that can break most of these application-level "security" schemes. So, I wouldn't send the info in the clear, thus I wouldn't be exposing myself (so to speak :) ) But the false sense of security I have about Word passwords, entices me to put highly sensitive material out in hostile territory. Peter: bzzt. no. it was a red herring question :) True yep, noticed :) There are lots of strong crypto programs out there, but PGP is the best. It would be extremely difficult for someone to try to reproduce, say, your bank's online site. But what would be quite easy for them to do, is sit in the middle between you and your bank, and forward things back and forth each way, monitoring the stuff in the middle. It does symmetric as well as assymetric crypto for files and email, it's about as secure as you can get, and it's user friendly. Let's say Subetai and I decide to send secure stuff to each other. But evil Mallet is already monitoring and can tamper with our email. I mail my public key to Subetai, and he his to me. Or put it on a web page for anyone to get, or upload it to a keyserver where people can search for it with my name or email address. But evil Mallet substitutes his keys in the middle. So I send a message actually encrypted using Mallet's key, not Subetai's, Mallet can decode and read it. He has Subetai's key, because he intercepted it. So he then recodes the message with Subetai's key, and sends it on. Subetain doesn't detect the deception. Subetai: exactly There are several devices PGP provides for managing keys, and defending against tampering and man-in-the-middle attacks. Is anyone who doesn't already have it, interested in installing and trying PGP, for secure/authenticated email and files? I have it downloaded and installed, havent tried it yet. I've got to go. Thanks for the discussion, Brad. :) Scott: what version and platform? I have it, but have only used it for test messages to myself to see how it worked it was the international version on win 98 Did you guys publish your keys on a keyserver? Scott: version 5.x? No, I didn't.. I didn't know enough about the servers at the time of the creation Unfortunately, version 5.x and 2.x are not compatible -- they use different algorithms Peter: it is good that you didn't -- I have a couple of "20/20 hindsight" tips Cool.. helps to be paranoid at times, then :) 1. Your key is *really* **REALLY** important. You should establish your own idea of how you will insure you back it up (like on a floppy), etc., so you NEVER can lose it. ahhh it is 5.5 losing a key is way worse than losing even your wallet true.. everything in the wallet can be replaced key is a one shot deal gotta go Scott: actually, I think that international version can do both RSA and DH/DSS 2. You may want to have more than one key, maybe a RSA for 2.6 users, and a DH/DSS key for newer users, and because it is considered more secure. But unfortunately, the existing key servers don't really show the key type. So when you are asked to name your key, instead of just, say, "Brad Aisa", you might want to name it something like "Brad Aisa (RSA)", "Brad Aisa (DH/DSS)" etc. What is the difference between RSA and DH/DSS? I wasn't able to clearly find out That way, someone looking you up on a key server can immediately identify the key type. I now am listed twice on keyservers, just as "Brad Aisa". *nod* However, once users actually download the keys, the difference becomes manifest. I must be an hour late.... I have become a stalwart advocate of putting all one's personal files on an encrypted volume. Anyone else do that, or interested in it? It is good for several reasons: 1. if your computer is stolen or seized, your information remains confidential and inaccessible 2. backing up your information is a breeze -- just copy the volume file to a zip disk, cd-r, or whatever How do you mean volume? I'm not too clear on that Peter: Something called PGPdisk lets you create a virtual disk drive in a file... Ah, okay This I didn't know of Example: the file contains a virtual file system Do you know how DriveSpace works? No, I don't ok well, you create this file, which is strongly encrypted and protected by a strong password or (better) passphrase then, inside this file, you format a DOS "disk" then, that "disk" is mounted to a drive letter on your pc an unused letter Okay when you log on, you supply the passphrase, and the volume is unlocked and mounted Right There is also a great shareware program called ScramDisk that does the same thing Is PGPDisk share/freeware? Peter: I don't think so... I got mine in the commercial PGP I bought from Network associates Okay I bought the commercial version to get the RSA encryption -- I wanted to be cryptographically promiscuous. :) I was late but how do you send someone a key? So looking outside of the system, you simply have one large file and i got this PGP disk thingy with it Peter: yes Gotcha Scott: you can send them by email, but that can be a bit dangerous -- were you here for the "man in the middle" attack stuff? no, sorry, I am in Japan and got the times messed up Scott: I prefer the method of providing a reference to a relatively trustworthing server. Scott: The public key is of course, public, so it is not a question of secrecy. But what *can* happen (assuming the worst case), is that someone is monitoring and can intercept your email. they can take your key, and substitute theirs instead hmmmm, I am on a military base, everything I say or type can be censured, will a key fit on a 3.5 inch? snail mail it Scott: oh yes, a PGP 5 key is less than 2K There is a way to verify keys. thank you Each key also has what is called a fingerprint. The protocol here, is transmit the key using channel 1 (whatever channel). Then, confirm the fingerprint via channel 2, preferably voice. *nod* ahhh There is also a protocol for key signing. This enables levels of trust to be built up. How large is the fingerprint? I think I have seen one or two Once you have satisfied yourself of the validity of a key you receive, then you should sign it. This prevents any form of tampering. And also lets you pass on the key, and enables the recipient to then accept the key as valid, without having to themselves validate the fingerprint with the owner. right... they trust the key as much as they trust you hmmm what about if someone just wanted to copy your key en route? any way to tell it has clones? Peter: about 12 to 16 hex bytes -- here is one of mine: D012 4479 98F1 2FF6 1096 A721 801C 7010 6F05 3CE9 Okay Scott: the key is public anyway -- you don't care who copies it or has it The public key is what other people that want to send you stuff encrypt their messages with public keys can only encode the message ...with which only you can decrypt with your private key ahhh I seee right What you *do* want to make sure, is that a key you receive, which is *alleged* to be of some person, is from that person. And you want to make sure that others verify likewise for your key. One has to be very careful, I've discovered. It is that old maxim, "a little knowledge is a dangerous thing." Also, Scott, you have to be triply careful. ? Scott: first, I would suggest that you *always* include yourself when encrypting messages -- this makes every message you send also decodable by you... this will protect you if there is ever any question of why you were sending encrypted messages Second, it is very important you guard yourself against any possibility of impersonation And on a military base, the first is more than likely this is an attack whereby a message appears to be sent by you yea, I could see that happening seems this is something one should be good at befor they attempt it Scott: for example, imagine if someone surreptitiously got your private key. Well, I'll just name it: say there was a spy on your base. ok Now, that spy is (one hopes, or perhaps doesn't hope) not stupid enough to brazenly send out stolen info, encrypted under their name. But what if they used *your* private key, and maybe figured out how to otherwise forge your email (that is usually not that difficult). hmmm I don't want to scare you either :) I think I could be taken under suspision even for sending anything encripted through military servers, even a brownie recepie PGP keys are pretty secure. You have to supply your passphrase to unlock them. So if you are cautious about physical issues -- like, don't unlock your key, then walk away from your computer -- you should be ok. do you have access to a web browser on your computer? Could always use remailers Scott: If I were in charge of IT at a military installation, I would definitely install cryptographic filters on the email streams, flagging known cryptographic types. yep, I think I will not try it But if I were in charge of security, I would be more worried about steganographic techniques -- hiding information, not openly encrypting it. heh.. someone connecting to a remailer to avoid detection of encrypted traffic? now that isn't suspicious :) *grin* I mean, someone is probably not going to be stupid enough to send stolen secrets through email. -encrypted Brad: indeed well its quite interesting still, thank you brad If I were in charge of security, I would put a key escrow protocol of some kind in place. so how many hours ago did the privacy discussion start? Although you have to be careful with those too, because they are prime targets Scott: 2.5 hours, now. Scott: There are usually transcripts put up on the #geekspeak site Wright: is that true for tonite? thanks again sure, leaving? hmm.. well, the bot is always recording, so I'm sure we have it