Re: Pakistan to ban encryption software



sid wrote:
On 01/09/11 10:21, Norman Wells wrote:
Szymon von Ulezalka wrote:
No, it will be about as private as an ordinary non-encrypted
email, which most people use perfectly happily. If you _want_ to
use encryption rather

which provides absolutely no privacy.

Don't be absurd. I can't read your emails, nor can you, without a
lot of effort, read anyone else's.


It's not a lot of effort, if you are into that kind of thing, or have
access to the server either physically or remotely.

DNS poisoning is another route. You may say it is a lot of effort, but
thousands of people are attempting it, thousands of times, daily, all
day. Sooner or later they score.

Try looking in your firewall logs, everybody is bombarded with
attempts at access, sometimes many times a second if the bot doing
the probe finds your IP more interesting than usual. Linux email
servers are a prime target, there are a few types of virus and
rootkits floating about in cyberspace for linux, and they are always
aimed at servers.
Multiply that number by thousands for windows and home PCs, which also
intercept email directly from the host, and can be injected into a PC
from something as simple as a webpage, and you still think email is
secure?

It's at least as secure as sending mail, or making a phone call. Nothing is 100% secure. Very little non-commercial stuff needs to be.

But if you think that all your emails are being read by hundreds of people across the globe who are all laughing at you, I think you're mistaken. And a bit paranoid. It takes me long enough to read my own correspondence, let alone anyone else's.

than _need_ to use it, why is it not a fair question to ask why,
and to have a suspicion that the true answer will be 'for nefarious
purposes'.

are you locking your house, when you go out?

I'm sure normal email suffices. Why do you think anyone would be
interested in the slightest in intercepting your correspondence?
Are you very important?

do you have any idea how easy it is to get someone's else private
info, if send via unencrypted channel? PIN nunbers, paypal login &
password, facebook etc etc

No-one's saying commercial dealings should not be encrypted.

and personal connections are often used for commercial communications,
emailing work from home is an example. just as commercial networks are
are often used for personal communications, emailing the secretary you
happen to be having an affair with, for example.

No-one's saying VPN shouldn't be available for commercial purposes.

What do you think is the reason most people use VPN for personal, non-commercial purposes?

Don't be silly. Ordinary email is not at all easily intercepted by
all and sundry, so it's already in an envelope. And there's no
proposal to change that at all.

have you ever tried to sniff some package on some network? it is
easy to do so...

But to get to specific information that you might want to know is
rather more difficult.

So you just sniff everything and grep the results and let it find what
you want, trivial to do. I suggest again you try it yourself, grep is
a very powerful tool that makes that kind of task very simple.

Who'd be interested in your emails, and why?

.