
Why I Wrote PGP (1999) - numlocked
http://www.philzimmermann.com/EN/essays/WhyIWrotePGP.html
======
noonespecial
_Perhaps you think your email is legitimate enough that encryption is
unwarranted. If you really are a law-abiding citizen with nothing to hide,
then why don 't you always send your paper mail on postcards? Why not submit
to drug testing on demand? Why require a warrant for police searches of your
house? Are you trying to hide something? If you hide your mail inside
envelopes, does that mean you must be a subversive or a drug dealer, or maybe
a paranoid nut? Do law-abiding citizens have any need to encrypt their email?

What if everyone believed that law-abiding citizens should use postcards for
their mail? If a nonconformist tried to assert his privacy by using an
envelope for his mail, it would draw suspicion. Perhaps the authorities would
open his mail to see what he's hiding. Fortunately, we don't live in that kind
of world, because everyone protects most of their mail with envelopes. So no
one draws suspicion by asserting their privacy with an envelope. There's
safety in numbers. Analogously, it would be nice if everyone routinely used
encryption for all their email, innocent or not, so that no one drew suspicion
by asserting their email privacy with encryption. Think of it as a form of
solidarity._

I'm seriously thinking of having this printed up on business cards (1st
paragraph on the front, 2nd on the back) so I can just whip them out and hand
them to people. By the time they've gotten done saying, "Well, if you have
nothing to hide..." it'll be in their hands.

~~~
anotheraccount7
I think the postcards example hurts his argument.

People send postcards all the time precisely because for the most part they
don't care about privacy in their mail. In my personal life I can't think of a
single example where I sent mail that I wanted to keep private (outside of
maybe mail that had my SS#). I think most people are rather indifferent.

"If you hide your mail inside envelopes, does that mean you must be a
subversive or a drug dealer, or maybe a paranoid nut" The main function of the
envelope is to tied a bunch of papers together so they don't get separated in
the mail.

~~~
noonespecial
So it would be OK if your bank statements came rubberbanded together (or in
transparent plastic "patriot envelopes") with your balances showing (for your
convenience)? How about credit card statements showing what you owe? The
results of that HIV test maybe?

~~~
anotheraccount7
That doesn't bother me at all. Other than your medical information, I'm pretty
sure the government already knows all that information. And I'm not really
sure how them knowing my HIV status leave me at a disadvantage.

~~~
ams6110
It might if they ever decide that HIV positive folks are too expensive to keep
treating.

~~~
superuser2
This is the case with every insurer (unless one operated blind and didn't know
what it was cutting checks for?) but government at least answers to anti-
discrimination standards. If this became normal practice among insurers, then
you'd be entirely screwed.

------
jwr
…and yet so many of us (yes, even the tech geeks) do not use it.

There's always a reason: it's too bothersome, we find the password prompts
annoying, our friends don't use it, "it's not worth it for the unimportant
stuff", "they'll get me anyway if they really want to". We complain about the
NSA snooping, but we can't be bothered to properly encrypt our E-mail, even
though the tools are right there, in front of us. For free.

If you're on a Mac, use [https://gpgtools.org](https://gpgtools.org) — there
is really no excuse, it's so simple and straightforward to use. I'm sure there
are even easier solutions on Windows and Linux.

~~~
bad_user
For Linux there's Seahorse, the Gnome app for managing PGP and SSH Keys. It
comes installed by default on Ubuntu. Generating a key and synchronizing it
with a key server couldn't be more painless.

For email clients, you can use Thunderbird or Evolution, both of which can
handle PGP. There's also a new Chrome/Firefox extension that brings PGP to
Webmail interfaces, such as GMail:
[http://www.mailvelope.com/](http://www.mailvelope.com/) ... because of a
Firefox limitation, it's kind of slow on Firefox right now, but should get
fixed in 27 and it also lacks advanced features (e.g. PGP Mime, or syncing
with key servers), but those features are coming.

Linux in general have the best security related tools. Ubuntu's graphical
installer for example gives you the option to encrypt either your $HOME
directory or your entire hard-drive (with dmcrypt). When formatting an USB
Drive, you also have the option to encrypt it. And if you synchronize your
files on DropBox or Google Drive, you can quickly create an encrypted folder
by means of Encfs / gnome-encfs. And personally, I went full on with
encryption. My hard-drive, my USB drives, my Dropbox, my Google Drive storage,
all encrypted. I also link to my PGP public key in my email signature, which
is cool, as my personal website serves links only through HTTPS.

~~~
Innocuous
Yeah it looks good in theory, until you start really using gpg and promote it
amongst friends and contacts...

I actually don't really understand the differences between PGP/INLINE and
PGP/MIME but it has given me headaches, because some clients don't support
both.

Evolution's devs refused to support anything other than PGP/MIME for a long
time (seems to be fixed now):

[http://mozdev.org/pipermail/enigmail/2010-July/012617.html](http://mozdev.org/pipermail/enigmail/2010-July/012617.html)

K9 cannot read PGP/MIME
[https://code.google.com/p/k9mail/issues/detail?id=5864](https://code.google.com/p/k9mail/issues/detail?id=5864)

------
nathanallen
One of the best stories from the PGP saga is that Zimmerman worked with MIT
Press to have _the entire PGP source code_ published, in machine readable
print. This allowed him to make the argument that his scary-dangerous-
cryptosystem was in fact protected under the First Amendment as free speech.

~~~
furyg3
It gets better, they not only printed it out but also scanned it!

[http://www.pgpi.org/pgpi/project/scanning/](http://www.pgpi.org/pgpi/project/scanning/)

Cryptography software was subject to export-control at the time... so they
printed it out, and scanned it in Europe to create a 'clean' version of the
software for use abroad (PGPi ). They continued to do this for new releases of
PGP until the export controls were released.

Must have made for a nasty devops relationship...

------
joering2
To all the people and law enforcement officials that live by the "if you don't
have anything to hide, you shouldn't worry about your privacy", I say that's
your very own and primitive explanation. I hide/encrypt/lock my stuff because
I DO NOT TRUST you in handling my private info and therefore my life. Most
government org cannot keep their own stuff private, not to mention my personal
info. Same applies to a lock on my house: I do not lock my door because I sit
at home and build an atomic bomb and do not wont officials to know about it; I
lock my door because you (LE) do a pathetic job at keeping my house safe from
burglars.

As I keep repeating, next 911 will not come in form of six people stealing our
planes, on our airports hitting our buildings; it will come from Chinese/other
government hackers stealing our own data, neatly stored and organized in our
NSA's locker-rooms. And that's why its a horror idea for anyone to have all
information on entire nation, within one database (I know its bit more
complicated than that).

As the nation and most others based its order on organized information, you
can imagine entire country on a full economical lockdown, once all your credit
card, all your social security info and all your data leaks out to third
parties/pirates.

[http://en.wikipedia.org/wiki/Nothing_to_hide_argument](http://en.wikipedia.org/wiki/Nothing_to_hide_argument)

------
downer94
So, no one ever dares to ask this, but I'm going to because I never see
mention of it crop up in these sorts of discussions.

Where do you draw the line between an individual's assertion of privacy over
confidential information, and contrast it with the premise of intellectual
property and the use of encryption to achieve goals traditionally perceived as
less noble, such as DRM?

Where does the distinction emerge, that my social security number and HIV
status deserve protection, but an episode of Game of Thrones does not?

I'm not asking this question because I don't understand the distinction. I'm
asking this question because it's not often discussed.

If information wants to be free, then what is our objective measure, to define
the reason why we might choose to confine some, all or none of our
information, especially when employing encryption?

~~~
6d0debc071
If HBO want to encrypt stuff on a system they own, or transmit it encrypted,
that's their business. However, a computer system should always serve the
owner. And the only way you can do effective DRM; leaving it viewable to me
but only under your conditions; is through subverting my computer from my
control - otherwise I'll just be able to read the key.

DRM constitutes an attack on the loyal functioning of someone else's machine,
in a way that the owner of that machine is not meant to counteract. Which is
distinct from just having an encrypted file, which represents no such
compromise to the loyalty expected of the computer it happens to be on at any
particular time, (indeed encryption sort of assumes that it'll end up on an
unfriendly machine in some form or another, else there'd be no point.)

~~~
downer94
I agree. In that scenario, I feel absolutely no need for restraint in
attacking someone else's encrypted information. Namely, when that someone else
is an uninvited eavesdropper.

I refuse to tolerate the idea of placing a high-powered machine in my living
room, if that machine won't tell me what it's doing or who it's talking to. In
that moment I feel completely justified in my attempts to break encryption,
read the information collected about me, and reverse engineer or destroy the
device.

This is an aspect that OP's article doesn't cover: Consumer products bundled
with mandated encryption that operates against the interest of the end user,
with designs to eavesdrop on the user simply to capture their ambient behavior
as a rule, and disinform the user of the information collected about them,
whether it be accelerometer information, GPS information, or channel changing
habits.

This is the inverse of Phil Zimmerman's goal. Pervasive, continuous
observation and telemetry, especially that which occurs without the consent or
awareness of the observed.

------
jmtame
Wow, that's one scenario I didn't even consider: the government making it
illegal to use encryption. Blows my mind that you could some day be considered
a criminal for using PGP.

~~~
jrvarela56
Could there be an encryption mechanism that outputs valid sentences? If anyone
tries to ban encryption they'd have to argue your text is encrypted because it
doesn't make much sense to them.

~~~
rcxdude
Such steganography is sort of possible, though it's hard to make it not look
like the output of a markov babbler.

~~~
pestaa
I and my friends regularly sound exactly like the output of a markov babbler.

"Hey, look, this is not encryption, we're just dumb!"

------
hipaulshi
So.. Anyone wants to do a PGP key signing party in San Francisco? I asked on
HN before but no one seems to be interested back then. I hope some meetup
organizer can pick this up.

~~~
willvarfar
I'm curious, how would you verify an attendee's identity?

~~~
hipaulshi
government id/picture id checking against pgp keyserver, to make sure you are
who say you are. So you have to be physically present at the party with your
key and id. that's how the trust network is built.

~~~
ywyrd
Yes, because pieces of paper given out by men with guns are the font of all
truth.

ADD: Fuck this statist cesspool.

~~~
mirkules
Would you be more comfortable giving your fingerprint or DNA sample to prove
your identity?

Side note: maybe there could be a way to irreversibly hash one's fingerprint
or DNA sample into an electronic signature

~~~
jerf
Falsehoods programmers believe about DNA:

    
    
        1. A person has only one genetic code in their body.
        2. A person's genetic code never changes.
    

etc. In the spirit of "falsehoods programmers believe about names" and "...
about addresses".

~~~
im3w1l
Those are solvable problems though. Or are you saying 23andme doesn't work?

~~~
jerf
No, they aren't. I did not say "A person's _tested_ genetic code never
changes", I said exactly what I meant, which is that genetic codes can be
changed. Retroviruses do it. Further, on a grand scale, chimeras [1] exist,
with human chimeras often entirely unaware of it (while my priors would
suggest I am not one, I can't even come close to _proving_ that to you with
the rather meagre medical tests I've had done on me), and on a smaller scale,
small mutations in cells can easily propagate out into the body over time,
even before we ignore the matter of cancer.

Most of the time, this doesn't matter, but if we're talking about taking
_hashes_ for security, suddenly it does.

------
anoncow
>Advances in technology will not permit the maintenance of the status quo, as
far as privacy is concerned. The status quo is unstable. If we do nothing, new
technologies will give the government new automatic surveillance capabilities
that Stalin could never have dreamed of. The only way to hold the line on
privacy in the information age is strong cryptography

------
MWil
I just started experimenting with PGP this week and I was amazed at how easy
it was. This page was all I needed to get started
[http://serverfault.com/questions/489140/what-is-a-good-
solut...](http://serverfault.com/questions/489140/what-is-a-good-solution-to-
encrypt-some-files-in-unix)

~~~
jng
Isn't that gpg?

~~~
pan69
As far as I'm aware, GPG is an implementation of OpenPGP.

~~~
pearjuice
But what if GPG is in fact PG in PGP GP Open G? PGP P¿

------
pasbesoin
My heartfelt thanks, Phil, if you happen to be/visit here. Not just for the
software, but for the accompanying philosophy and enlightenment, and
dedication to same. The impact upon me, personally, has been significant. It
is something I in turn attempt to share with those who matter to me,
personally and professionally.

Regards

------
sidcool
It's scary how this all snooping thing started way back when the internet was
nascent.

~~~
mhurron
It started before that. This has been a function of the NSA from it's
beginning.

[http://en.wikipedia.org/wiki/Project_SHAMROCK](http://en.wikipedia.org/wiki/Project_SHAMROCK)

------
hipaulshi
Wow.. the whole article seems so relevant to today

~~~
eplanit
It was never irrelevant. The problem has simply scaled up over time.

------
krmboya
This particular version doesn't seem to be from 1991 as the current title
suggests since it speaks of 1994 in the past tense.

~~~
mathattack
Yes. It claims to be updated in 1999.

------
diasp
PGP isn't trivial but thanks to [https://encrypt.to/](https://encrypt.to/) now
everybody can send encrypted PGP messages.

