On 09/04/12 01:32, Joey Hess wrote: > Scott Ferguson wrote (remainder of your trolling ignored): >>> as this will habituate people to expect your mail to be signed, >> >> Nope. Wishful thinking at best. > > True story: Last weekend, I sent a friend an email to get him come > help me move a couch. For complex reasons I neglected to sign it. My > friend noticed, and worried someone might be playing a prank on him. > I don't doubt it. If you look at one of my other posts you'll see I encountered a similar scenario that alerted me to compromised email account. I'm in favour of encryption - amongst other things it reduces malware. But I don't believe it's a panacea for everything - I know I don't always check to see email is encrypted (though I should).
And it's my experience that my use of it doesn't automatically encourage others to use it. I've had a hell of a time getting some people to install it - and on several occasions noticed they used no passphrases! Another was later found to have been running a root kit. Yet another emailed me both his keys! Which makes secure communications with those people fraught with peril. Perhaps I'm overly cynical, but I suspect that when the masses adopt something because it's popular they tend to dumb it down to the point where it's no longer useful. The security of encryption between two parties is determined by the lowest common denominator. So if encryption catches on because everyone is doing it - it may become like SSL certificates... (if your browser recognises that certificate there's a good chance it came from a compromises assurer). Kind regards -- Iceweasel/Firefox/Chrome/Chromium/Iceape/IE extensions for finding answers to questions about Debian:- https://addons.mozilla.org/en-US/firefox/collections/Scott_Ferguson/debian/ -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4f8256c5.2010...@gmail.com