Date: Fri, 21 Jun 2002 09:41:37 -0400
From: Steve Smith <sgs at aginc.net>
To: WSFA members <WSFAlist at keithlynch.net>
Subject: [WSFA] Re: Speel checkers?
Reply-To: WSFA members <WSFAlist at keithlynch.net>

"Keith F. Lynch" wrote:

> Steve Smith <sgs at aginc.net> wrote:
> > If you don't want people reading your e-mail, you need to encrypt
> > it.  Both Netscape and Microsoft mail programs have encryption
> > built in.
>
> But do you trust them?  Better to use PGP.  And how do you know you
> can trust your copy of PGP?  While I've never used it, I have a copy
> handed to me on diskette by Phil Zimmerman, which is as good a chain
> of custody as you can get.

I would suspect that any major problems would have been splashed all
over the net by now.  Other security problems certainly have been.  (At
least the parts of the net that I read!)

The problem with PGP, GnuPG, or any other "real" crypto program is that
they are very hard to use, especially by the non- computer freak folks.
The rountines in Outlook and Netscape are very easy to use.

The problem is to get people to use anything at all.  It's difficult to
explain to non- computer types why they should care; after all, nobody
should read *my* mail. ("should" isn't much protection)  Isn't that
illegal?  (no)  And anyway, it just goes from my computer to your
computer.  How can anybody see it on the way? (easily)  Besides, nobody
would be interested in *my* e-mail. (you'd be surprised)

Then there's misdirection.  The most interesting misdirected e-mail that
I've gotten lately are the complete medical description of some guy's
triple bypass operation and the proofs for a major advertising campaign
(for a company you've all heard of).

--
Steve Smith                                           sgs at aginc.net
Agincourt Computing                            http://www.aginc.net
"Truth is stranger than fiction because fiction has to make sense."