Improving confidentiality on the internet

The IETF announced that they are taking the lead on to “develop the technical specifications to improve the privacy and security of the Internet”. They are probably best placed to raise the profile in the IT community. Looking at the agenda of their recent meeting where 1200 odd techies converged for their 88th global meeting, their main focus has been on infrastructure and protocols.

pgp

I’d suggest that we do already have some very secure protocols and the necessary algorithms for one communication channel, specifically email. But there is very limited applications available to leverage these protocols and algorithms that are available to the majority of users, installation and configuration of the open source applications are not for the feint hearted. Instructions here for those that want to take advantage of the available PGP email security.

It’s an absolute necessity that these applications are open source, without peer review of the applications code, there is no way you can be assured that a backdoor or other vulnerability has not been embedded by the creators or a government agency, which would make worthless any counter measure you thought you had in place. Even worse giving you a false sense of security.

Leave a Reply

Your email address will not be published. Required fields are marked *