Andre Amorim wrote:
What are your thoughts about that ?
http://www.cs.rice.edu/~mtd3/comp527/comp527presentation.pdf
Well, here are some thoughts:
The presentations starts with:
"Why isn’t PGP widely used?"
The first point ("Designed around the E-mail") is absolutely correct.
E-mail is not t
On Thu, 07 Jan 2010 09:36:26 +, makrober wrote:
> G/PGP isn't widely used because it does not address adequately the
> real-life operational circumstances of the potential user, and
I still believe that OpenPGP along with PGP 2.1 is the most used data
protection scheme for plain data and emai
Thanks for your comments Werner;
Werner Koch wrote:
On Thu, 07 Jan 2010 09:36:26 +, makrober wrote:
G/PGP isn't widely used because it does not address adequately the
real-life operational circumstances of the potential user, and
I still believe that OpenPGP along with PGP 2.1 is the mos
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
> But the rest of the "Why isn't [it] used" is plain wrong.
>
> G/PGP isn't widely used because it does not address adequately the
> real-life operational circumstances of the potential user, and
> Web of Trust is the main culprit. It brings an
Greg Sabino Mullane wrote:
But the rest of the "Why isn't [it] used" is plain wrong.
G/PGP isn't widely used because it does not address adequately the
real-life operational circumstances of the potential user, and
Web of Trust is the main culprit. It brings an enormous burden...
You're disre
On 01/07/2010 04:36 AM, makrober wrote:
> *Most individuals will rarely, if ever, be motivated to communicate
> in secrecy with someone they don't already have a trusted
> relationship with*.
I beg to differ. anyone who has ever conducted online business has a
strong incentive for communications
On 01/07/2010 09:45 AM, Daniel Kahn Gillmor wrote:
> Why is this all relevant? There are good reasons why you might be
> interested in knowing that someone specific signed something public , of
> course (e.g. software signatures, advice on mailing lists or other fora,
> etc). But for non-public c
On 01/07/2010 11:50 AM, Alex Mauer wrote:
> Many people have correspondence with people they never have and never
> will meet in person, and knowing that it’s always the same person is
> still helpful.
agreed, key continuity checking is itself a useful tool, and maybe more
OpenPGP implementations
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Januery 7th 2010 in gnupg-users@gnupg.org thread "Web of Trust itself
is the problem"
I think the WoT and in general the cryptography is not widely used
because few people really care about their privacity.
Is about the same issue as fre
On 1/7/10 12:08 PM, Mario Castelán Castro wrote:
> very few really care about their privacity.
The fact that "free credit reporting services" are making a ton of
money, as are services like LifeLock and whatnot, plus the huge media
impact of identity theft, etc., all points to people knowing their
On Thu, 07 Jan 2010 10:50:35 -0600, Alex Mauer wrote:
> They’re only unknown the first time you contact them. It is useful to
> know that the second time you contact f...@example.com it’s the same
> party you contacted the first time. Or that the phishing email you
MUA authors should really add
On Thu, Jan 07, 2010 at 12:23:55PM -0500, Robert J. Hansen wrote:
> On 1/7/10 12:08 PM, Mario Castelán Castro wrote:
> > very few really care about their privacity.
>
> The fact that "free credit reporting services" are making a ton of
> money, as are services like LifeLock and whatnot, plus the h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mario Castelán Castro escribió:
...
> I think the WoT and in general the cryptography is not widely used
> because few people really care about their privacity.
I agree... one of my friends seem to think cryptography is useful for
mafia and pedoph
On Thu, Jan 7, 2010 at 9:08 PM, Mario Castelán Castro
wrote:
> I think the WoT and in general the cryptography is not widely used
> because few people really care about their privacity.
IMHO, there's another problem, an entry barrier to the WoT. The
practice of key exchange is widespread in very
Dmitri Minaev writes:
> On Thu, Jan 7, 2010 at 9:08 PM, Mario Castelán Castro
> wrote:
>
>> I think the WoT and in general the cryptography is not widely used
>> because few people really care about their privacity.
>
> IMHO, there's another problem, an entry barrier to the WoT. The
> practice o
On Fri, Jan 8, 2010 at 8:21 PM, Mario Castelán Castro
wrote:
>>IMHO, there's another problem, an entry barrier to the WoT. The
>>practice of key exchange is widespread in very close circles of
>>geeks, Linux developers and, to a certain degree, scientists. For
>>someone who does not belong to the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Januery 8th 2010 in gnupg-users@gnupg.org thread "Web of Trust itself
is the problem"
>However, most people lack the skills necessary to do anything about
>their privacy, and lack the inclination (time, energy, or even
>sel
On Fri, Jan 08, 2010 at 10:21:51AM -0600, Mario Castel�n Castro wrote:
>
> Did you count the citys in the list, they are just 11 of thoustands
> and thoustands around the world; it helps of course, but very little.
You obviously didn't try to use the search box to find more cities.
--
Bob Holtz
On 07.01.2010, Mario Castelán Castro wrote:
> I think the WoT and in general the cryptography is not widely used
> because few people really care about their privacity.
I think the overall stats for people using cryptography is that low
because it is or seems too complicated for them. A lot of pe
On Fri, Jan 08, 2010 at 07:46:28PM +0100, Heinz Diehl wrote:
>
> Personally I think a lot of people care about privacy, but are just not
> able and/or frightened to install something complex on their machines.
Then you get the contingent that sats "I have nothing to hide".
--
Bob Holtzman
GPG k
On 09.01.2010, RobertHoltzman wrote:
> > Personally I think a lot of people care about privacy, but are just not
> > able and/or frightened to install something complex on their machines.
> Then you get the contingent that sats "I have nothing to hide".
What I've encountered is that lots of peop
On Sat, Jan 09, 2010 at 02:49:13PM +0100, Heinz Diehl wrote:
> On 09.01.2010, RobertHoltzman wrote:
>
> > > Personally I think a lot of people care about privacy, but are just not
> > > able and/or frightened to install something complex on their machines.
>
> > Then you get the contingent that s
On 09 January 10, Heinz Diehl wrote:
> On 09.01.2010, RobertHoltzman wrote:
> > > Personally I think a lot of people care about privacy, but are just not
> > > able and/or frightened to install something complex on their machines.
> >
> > Then you get the contingent that sats "I have nothing to hi
On Sun, Jan 10, 2010 at 09:27:14AM -0600, John B wrote:
> On 09 January 10, Heinz Diehl wrote:
>
> > What I've encountered is that lots of people answering that way do not
> > actually mean what these words say, but use them as a way to avoid saying
> > the truth: "I'm not able to install such sof
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
January 10th 2010 in gnupg-users@gnupg.org thread "Web of Trust itself
is the problem"
>I get the impression that it's mostly a matter of their fear of not
>being able to comprehend it. After all, it is a "computer th
On 01/10/2010 03:24 PM, Mario Castelán Castro wrote:
> Is not neseesary to comprehend cryptography to use it. In fact, the
> pknowledge of the use of one thing and the knowledge to use it are
> independient. I.e: don't know how to ride a bicicle, but I know how
> they work
Crypto is not like this
On Sun, Jan 10, 2010 at 02:24:22PM -0600, Mario Castel�n Castro wrote:
>
> Is not neseesary to comprehend cryptography to use it. In fact, the
> pknowledge of the use of one thing and the knowledge to use it are
> independient. I.e: don't know how to ride a bicicle, but I know how
> they work
Tr
On Jan 10, 2010, at 10:24 PM, RobertHoltzman wrote:
On Sun, Jan 10, 2010 at 02:24:22PM -0600, Mario Castel�n Castro
wrote:
Is not neseesary to comprehend cryptography to use it. In fact, the
pknowledge of the use of one thing and the knowledge to use it are
independient. I.e: don't know how
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
January 10th 2010 in gnupg-users@gnupg.org thread "Web of Trust itself
is the problem"
>Crypto is not like this. Sure, you don't need to understand Feistel
>networks or large number theory in order to use crypto, but look at
&
On Jan 10, 2010, at 11:01 PM, Mario Castelán Castro wrote:
The only crypto they use is the crypto that is invisible to them
(usually https, which is pretty invisible).
HTTPS is not invisible, is transparent with most browers. Invisible
is as example, the logs that your ISP, mine or google (li
On 01/10/2010 11:01 PM, Mario Castelán Castro wrote:
>> Crypto is not like this. Sure, you don't need to understand Feistel
>> networks or large number theory in order to use crypto, but look at
>> what you *do* need to understand: [...]
>
> Is good if you know that, you will use the crypto bette
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Robert J. Hansen escribió:
...
> Crypto is not like this. Sure, you don't need to understand Feistel
> networks or large number theory in order to use crypto, but look at what
> you *do* need to understand:
>
> * Identity verification
I think I u
On 1/10/2010 11:37 PM, Robert J. Hansen wrote:
>>
>> What is your point Robert?
>
> I didn't write this; you're misquoting someone else's words and
> attributing them to me.
>
I think he meant the other Robert in the discussion.
--
Jim
___
Gnupg-us
On 01/10/2010 10:57 PM, Faramir wrote:
>> * How hashes are misused and shouldn't be used
> Ehh... I've never thought about it. How they should not be used?
I've seen computerized votes authenticated by MD5 hash... sent over
email... in the same message as the official vote record. As in, "the
a
On 1/11/2010 1:26 AM, Robert J. Hansen wrote:
> I've seen computerized votes authenticated by MD5 hash... sent over
> email... in the same message as the official vote record. As in, "the
> attachment has MD5 hash XXX, if your version hashes out to XXX then the
> vote record is authenticated." I
David Shaw writes, in part:
-+-
| It's not that they gave it a bit of thought and decided
| against it for whatever reason - they never gave it even a
| moment of thought. The only crypto they use is the crypto
| that is invisible to them (usually https, which is pr
Am Montag, den 11.01.2010, 01:26 -0500 schrieb Robert J. Hansen:
> On 01/10/2010 10:57 PM, Faramir wrote:
> ...I just about had a heart attack. The
> voting authorities thought this was just fine...
>
> _
You are obviously not loved by the voting authorities :-)
Greetings from the Black Forest!
While the ontopicness of my comment is a bit questionable
I don't think I've gotten an encrypted email in the last 12 months,
but I still use gpg every day.
All Debian and (I imagine, or at least hope) Debian derivatives such
as Ubuntu incorporate digital signing of software.
I think signing
On Sun, Jan 10, 2010 at 11:37:12PM -0500, Robert J. Hansen wrote:
> A few years ago a fellow grad student of mine, Peter Likarish, developed
> a really cool anti-phishing technology.
[but test subjects didn't react to the warning]
> Peter's hypothesis was that Flash ads are to blame. Users have
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark H. Wood wrote:
|
| Still, it's another technology-intractable problem. If people cared,
| they would train themselves to look for trouble indicators, like
| scanning the dashboard from time to time for problems with speed,
| fuel, temperature, e
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
January 12th 2010 in gnupg-users@gnupg.org thread "Web of Trust itself
is the problem"
Actually I was quoting Robert Holtzman, not Robert J. Hansen, sorry
for not including the full name.
I have no time now to read those texts because m
41 matches
Mail list logo
