Tim May writes:
> The fact that some fine people work for ZKS should cause us to give
> them a pass on such important issues.
Of course he meant the opposite (no doubt a correction will have
appeared in the many hours it takes for remailed messages to appear).
The shameful silence of cypherpunks has given ZKS a free ride on their
lack of security for far too long.
Let's be specific. Within a company like ZKS there are many factions.
Some are pushing for more privacy. Others for ease of use. Others want
more centralized control to protect against liability. Some call
for releasing the source, others are fearful that this will lead to
independent versions which will undercut ZKS' business model.
These debates don't take place in a vacuum. They are influenced by
outside forces. Companies respond to the pressures they experience.
Investors push one way, government regulators push another, potential
business customers have their own agendas.
When cypherpunks are silent, it actually undercuts the positions of
those within ZKS who would most support cypherpunk goals. It allows the
other factions to say that privacy issues are not the most important,
because even the staunchest privacy advocates, the paranoid cypherpunks,
are accepting of the current product and willing to wait.
The well intentioned kindness and patience which cypherpunks have
expressed towards ZKS is undoubtedly a major contributing factor for
why so little has been done to address the privacy lapses which Tim
May describes. Cypherpunks have themselves to blame for allowing this
to happen.
Criticizing the company is not disloyal. Turning up the heat when they
fail to follow through on their promises is not unfriendly. Cypherpunks
are actually helping their friends and allies within ZKS when they plainly
state how unacceptable is the current state of the product with regard
to privacy. Only when the company senses that cypherpunks are losing
patience, that they are in danger of seeing articles appear in Wired
or the Times saying that the company's dedication to privacy is being
questioned, will they increase the priority of fixing these problems.
