NPR : E-Mail Encryption Rare in Everyday Use

Victor Duchovni Victor.Duchovni at MorganStanley.com
Mon Feb 27 10:12:34 EST 2006 

On Sat, Feb 25, 2006 at 07:33:38PM +0100, Ian G wrote:

> Hence, IM/chat, Skype, TLS experiments at Jabber, as
> well as the OpenPGP attempts.
> 
> There are important lessons to be learnt in the rise of
> IM over email.

Likewise the rise of the telephone over paper mail, but the phone does
not obviate the need for paper mail.

> Email is held back by its standardisation, chat seems to overcome
spam quite nicely.

Where's Gaddi Evron when you need him? This is just not true, the spam
volume is rising for both blogs and IM.

> Email is hard to get encrypted, but it didn't stop Skype from doing
> encryped IMs "easily."

Likewise I have secured email communications with my wife via a single
key exchange, so what? Skype has not "easily" created an interoperable
federated system that secures all IM communications end-to-end, and
many of the issues in doing that are non-technical.

> The competition between the IM systems is what is driving
> the security forward.  As there is no competition in the
> email world, at least at the level of the basic protocol
> and standard, there is no way for the security to move
> forward.
> 

IM is "islands of automation", luckily email works globally.

> Phishing is possible over chat,
> but has also been relatively easy to address - because
> the system owners have incentives and can adjust.

This is naive, IM will become federated and decentralized and abuse
issues will be the same as for email. You can't fence the bad guys
out of the network.

-- 

 /"\ ASCII RIBBON                  NOTICE: If received in error,
 \ / CAMPAIGN     Victor Duchovni  please destroy and notify
  X AGAINST       IT Security,     sender. Sender does not waive
 / \ HTML MAIL    Morgan Stanley   confidentiality or privilege,
                                   and use is prohibited.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list