The proposed deals allow Symantec to offer full-disk, email and mobile encryption products alongside its traditional line of security suites. ... Symantec plans to standardise on the PGP key management platform in order to deliver centralised policy and key management
I'd really love to see a user-friendly way of offering email encryption. The rising tide of privacy encroachment worries me, and the technology to (mostly) evade this exists -- but can't be effective unless a critical mass of people use it.
The current legal basis for monitoring email in the USA is not that the gov't has a legitimate interest in seeing it, but that it's old data left sitting around, so the owner doesn't have a rational expectation of privacy.
If those old messages were still left around, but the bodies were unreadable, the government wouldn't have any basis to demand that they be decrypted, since they've not asserted any authority to it (short of a warrant). To do so would be one heck of a long jump.
Please look into the security guarantees offered by PGP and Off-the-record messaging. In most cases you probably want what OTR offers, namely plausible deniability instead of proof of authorship.
As someone who is not a security expert, it's hard discern which of the UI problems are specific to that app and which are general to all possible public key solutions.
Symantec is where products go to get put out to farm; it's just a few steps removed from Computer Associates. I use and recommend PGP WDE for the Mac, and I'm not happy about this announcement.
I hate PGP. You can't upgrade. Every time you upgrade you pray you'll be able to boot and inevitably stuff breaks. Symantec buying this is the only possible way it could get even worse.
16 comments
[ 2.8 ms ] story [ 47.3 ms ] threadI'd really love to see a user-friendly way of offering email encryption. The rising tide of privacy encroachment worries me, and the technology to (mostly) evade this exists -- but can't be effective unless a critical mass of people use it.
If those old messages were still left around, but the bodies were unreadable, the government wouldn't have any basis to demand that they be decrypted, since they've not asserted any authority to it (short of a warrant). To do so would be one heck of a long jump.
Updating to the next version will automatically decrypt all your data.
The say the disk is encrypted but it turns out that it just XORs 'symantec' with every byte.
"Why Johnny Can't Encrypt" http://www.gaudior.net/alma/johnny.pdf