Re: Agenda, security, and monitoring

On Mon 03/Feb/2014 17:33:23 +0100 Dave Crocker wrote:
> So:  Define the exact anti-PM service to be sought, define the actors
> needed to implement, and then get community agreement that it's an
> important goal to work towards.  Then we can discuss whether it's
> integration or usability or...
+1, we take for granted that PM is dangerous, but I haven't seen a
convincing explanation of that threat.  I read Matt Blaze's "Phew, NSA
Is Just Collecting Metadata. (You Should Still Worry)" and I was
worried already.  Yet, I'm unable to say why everybody else should be
worried too:  They can work out my private habits and my circles, so what?

Is there risk of contamination, like with AIDS?  Hm... We can argue
that psychological profiles can ease political campaigns, so those who
are entitled to vote have the moral duty to protect their independence
of thought, for the sake of democracy.  That's not a convincing
explanation for most people, though.

Using PGP augments metadata by bringing in a signature and the whole
circle of those who signed it.  Keysigning parties build a kind of
social network, which is transparent to interceptors.

Trust in CAs is not obvious, and easily it ends up adding "spend more"
to the already great "the best technology we have is annoying  and
will require you and your correspondents to learn more, and fuss
more, than you would probably like".

And encrypted messages cannot be checked against viruses.

Ale