[117923] in Cypherpunks
Paranoia == Forward Security
daemon@ATHENA.MIT.EDU (Anonymous)
Wed Sep 15 15:36:10 1999
Date: Wed, 15 Sep 1999 21:01:52 +0200 (CEST)
Message-Id: <199909151901.VAA32064@mail.replay.com>
From: Anonymous <nobody@replay.com>
To: cypherpunks@toad.com
Reply-To: Anonymous <nobody@replay.com>
If there's one thing that the whole MSNSAKEY debacle taught us, its that
Paranoia == Forward Security.
Forward Security is about taking more precautions than necessary.
Forward Security is about the gazelle staying TWO steps ahead of the cheetah just in case.
Forward Security is about not giving up passphrase encrypted data to Hushmail or
@Backup, just in case.
Of course, not that I think Hushmail is likely to feed me NarkApplet.class under orders
from the RCMP.
Nor do I think it's likely @Backup is likely to feed me a password grabber in their next
upgrade (or the next, or the next...)
Not that I think someone's looking over my shoulder right now...
(BTW: @Backup keeps a copy of EVERY version of EVERY file in the targeted directories.
How many Megs of total data does the average user generate in a month, including all
those ~DF2A6B.tmp files, and the contents of C:\WINDOWS\TEMP/ORARY INTERNET FILES which
your average luser is bound to forget to exclude?)
What about in fifteen years when we'll be able to differentially crack 56bit DES with a
mere 40/50 Gigs of data, and a certain limey politician is firmly back in the closet?)
What about twenty years from now, when three burly Feds sit me in a darkened room and
give me the ultimatum, "We already have the files. Give us the keys and we'll drop X."?
I think I'm going to be keeping my encrypted keys, data and algorithms under lock and
key for the foreseeable future.
Anon
