Paranoid Penguin - Interview with Marcus Meissner
MB: Your team, of course, digitally signs its communications. But 17 years after Phil Zimmerman gave us PGP, only a tiny percentage of ordinary users employ any kind of e-mail encryption. Any thoughts as to why, and what to do about it?
MM: It's too hard to use and, more so, too hard even to understand why to use cryptography. “Why does Aunt Emily need to encrypt letters to her niece Tina? Who cares about them anyway? And, how do I do it?”
MB: Maybe the real issue here is identity management. We haven't yet figured out any kind of universal identification on the Internet, which is part of the problem space that PGP, S/MIME, x.509 and LDAP are all supposed to address. But the paradox is that although such an identification infrastructure would greatly simplify all sorts of security problems—single sign-on, directory services, encryption and the like—the technology itself is very complicated.
MM: Yes, definitely. Perhaps a hardware solution might help here—something that Aunt Emily and niece Tina could physically exchange and so would physically grasp.
One could imagine doing premade USB tokens that can be torn off a strip and distributed for every family member involved, in a size that fits in regular letters. Or, using cell phones to pass encryption keys back and forth, as everyone owns cell phones now.
MB: Any time you talk about centralized identity management in the US, for which the logical starting point is the federal government, the discussion gets very strange very quickly. Americans are reluctant to trust their government not to abuse this information (which is perhaps strange given that they've got all sorts of information about us already). Are things different in Europe?
MM: They are better. People trust the government more, because they already hand out our passports and ID cards. But, with the current government trying to enter into our privacy more and more, I think even in Germany we will see more mistrust.
MB: We've amply filled this month's allotted space with a very wide-ranging discussion indeed. Thanks so much, Marcus, for a thoughtful and fun conversation!
Novell's SUSE Security Team: www.novell.com/linux/security/team.html
Mick Bauer (email@example.com) is Network Security Architect for one of the US's largest banks. He is the author of the O'Reilly book Linux Server Security, 2nd edition (formerly called Building Secure Servers With Linux), an occasional presenter at information security conferences and composer of the “Network Engineering Polka”.
|Take Control of Your PC with UEFI Secure Boot||Nov 30, 2015|
|Geek Hide-away in Guatemala - Stay for Free!||Nov 26, 2015|
|Microsoft and Linux: True Romance or Toxic Love?||Nov 25, 2015|
|Non-Linux FOSS: Install Windows? Yeah, Open Source Can Do That.||Nov 24, 2015|
|Cipher Security: How to harden TLS and SSH||Nov 23, 2015|
|Web Stores Held Hostage||Nov 19, 2015|
- Take Control of Your PC with UEFI Secure Boot
- Cipher Security: How to harden TLS and SSH
- Microsoft and Linux: True Romance or Toxic Love?
- Non-Linux FOSS: Install Windows? Yeah, Open Source Can Do That.
- Web Stores Held Hostage
- Firefox's New Feature for Tighter Security
- Geek Hide-away in Guatemala - Stay for Free!
- PuppetLabs Introduces Application Orchestration
- diff -u: What's New in Kernel Development
- IBM LinuxONE Provides New Options for Linux Deployment