Re: [OT] Posting styles (now PGP)

To: debian-user@lists.debian.org
Subject: Re: [OT] Posting styles (now PGP)
From: Scott Ferguson <scott.ferguson.debian.user@gmail.com>
Date: Sun, 08 Apr 2012 23:46:11 +1000
Message-id: <[🔎] 4F8196A3.90304@gmail.com>
In-reply-to: <[🔎] 20120408123625.GD28264@tal>
References: <iMesV-60t-1@gated-at.bofh.it> <iNmop-6c0-1@gated-at.bofh.it> <iNn18-7nN-23@gated-at.bofh.it> <iNpvY-3i6-15@gated-at.bofh.it> <iNz2h-2mX-1@gated-at.bofh.it> <iNzYl-3XC-3@gated-at.bofh.it> <iNJO1-3wi-3@gated-at.bofh.it> <[🔎] 20120407204909.GA5025@radhesyama> <[🔎] 20120408022613.GF19625@tal> <[🔎] 4F810C1A.1060006@gmail.com> <[🔎] 20120408123625.GD28264@tal>

On 08/04/12 22:36, Chris Bannister wrote:
> On Sun, Apr 08, 2012 at 01:55:06PM +1000, Scott Ferguson wrote:
>> On 08/04/12 12:26, Chris Bannister wrote:
>>> I suppose you mean encrypting, you can still read signed mail. The point
>>> to note is that *if suddenly* two people start encrypting their mail,
>>> that alone will set off alarm bells 
>>
>> Yes - though it presupposes "someone" is monitoring that email. Which
> 
> Obviously. It *could* be done automatically. Who knows why, but that is
> not worth speculating on really. Computer savvy jealous boy/girl friend,
> etc.

You're trying too hard. That path leads to paranoia.

That using encryption might make people suspicious is no reason not to
use encryption. Quite the reverse. If people you don't wish to share
your information with want to know your business - use encryption.

You propose that because communications "might" be under surveillance
[*1] you should *not* secure communications with encryption. Huh?
I refuse to sing "Is this glove that I'm feeling" in the hope that
shifty eyed people don't look at me - but you pick your own music ;-p

[*1]as if the information is volatile and surveillance can't be
retrospective

To further propose that encryption shouldn't be used because it employs
finite resources boggles the mind. Surveillance is bad, privacy is good,
but don't use up the resources of privacy invaders because it's use up
precious resources. Oh right, because then they'll look at the people
you're sending it too, and read the headers, and work out what was in
the encrypted emails (and what you had for dinner). Surely "they" would
just fly a nano drone through the wall vent and film your communications
- or break into your house and bug it, or use Echelon, or, or.

If you don't want every bored teenager who works for an email provider,
or cracker hired by your business competitors, reading your email. Use
encryption. Of course email magically bounces from the sender to the
recipient without routing through dozens of machines so... oh wait.

So people 'may' wonder what you're communicating about - *that's why you
use encryption*. Maybe it's prompt them to look closer at what they can
see.  Same logic applies to drawing the curtains and shredding paperwork
before binning it. The same logic applies to people who sensibly encrypt
their computers. Fully encrypting a portable device is a sign of
responsibility not suspicious activity.
Worrying too much about what "people" might thing is possible a sign of
something else. :-)

NOTE: deniable encryption and stenography is a sign of suspicious
activity - though maybe nothing more serious than furry fans, and of
course, if "they" can prove deniable encryption - you're not doing it right.

> 
>> would make a compelling reason *to* encrypt email.
> 
> I said  "... that *if suddenly* two people start encrypting ... "

Which I read and quoted.
<snipped>

> Some people say that if you get a laptop with a finger identification
> setup on it you are safer, I say, the opposite, I want to keep all my
> fingers.

Too much Hollywood (or lead paint, the symptoms are similar).

In the real world Sillyputty, bluetack, or certain chewy lollies are
used to lift a print good enough to bypass both Dell and Lockwood
fingerprint locks. Much simpler again to dust that dirty swipe with
toner and cover with double red gels first though - can save a lot of
time trying to find a good fingerprint (or just pulling out the hard
drive).

Fingerprint locks are not as good as decent passphrases. They're just
there to make it hard for junkies to access your data when they steal
your device - for people too lazy to learn how to produce a decent
passphrase that doesn't need writing down.
Unless coupled with encryption (which most of the laptop with them are)
it's useless (remove hard drive, read).

And lastly on that subject - are you the guy who *hasn't* seen the XKCD
$5 spanner joke? :-)

<snipped>

Kind regards

-- 
Iceweasel/Firefox/Chrome/Chromium/Iceape/IE extensions for finding
answers to questions about Debian:-
https://addons.mozilla.org/en-US/firefox/collections/Scott_Ferguson/debian/

Reply to:

Follow-Ups:
- Re: [OT] Posting styles (now PGP)
  - From: Chris Bannister <cbannister@slingshot.co.nz>

References:
- Re: [OT] Posting styles
  - From: Indulekha <indulekha@theunworthy.com>
- Re: [OT] Posting styles
  - From: Chris Bannister <cbannister@slingshot.co.nz>
- Re: [OT] Posting styles (now PGP)
  - From: Scott Ferguson <scott.ferguson.debian.user@gmail.com>
- Re: [OT] Posting styles (now PGP)
  - From: Chris Bannister <cbannister@slingshot.co.nz>

Prev by Date: Re: bash: halt: command not found
Next by Date: Re: [OT] Something about google search
Previous by thread: Re: [OT] Posting styles (now PGP)
Next by thread: Re: [OT] Posting styles (now PGP)
Index(es):
- Date
- Thread