Crypto and Free Software – the strongest combo.

BeCR4NnIAAATg7PHey all – just a few quick thoughts on an article on the BBC – hope you like 🙂 – Anna x

In this article by the BBC 2014 is described as the “the year of encryption.”  Sounds good! The NSA are highlighted as we have now come to expect “there is a question mark over whether the NSA may have deliberately used its influence to weaken some encryption systems – or even to introduce “back doors” that provide easy access to encrypted data to anyone who knows of their existence.”

But then the article goes a bit silly.

A Mr Krikken says “If you procure software or hardware from overseas, from a country with a government which does not have your best interests at heart, you need to remember that it may not be as secure as you think” … er…. literally two paragraphs earlier it is it is clearly shown that the USA doesn’t have your best interests at heart.. and we know the UK are in the same boat… never mind overseas!

It is also suggested that encrypting only the most important information is a good idea. Good advice? Sounds like creating a big old bullseye to me… !!LOOK EVERYONE THIS IS THE REALLY IMPORTANT STUFF HERE!!

Also the end of one paragraph and the headline of the next are a little misleading…

“So you have to decide who you trust, and find out where the vendor gets all the parts of its product from.” Don’t be cheap…”

The Don’t be cheap part is actually talking about choosing longer passwords, however, it could easily misinterpreted by a casual reader as “buy the most expensive kit you can”.

None of these statements are rational: really good encryption is not “made” in one particular country, it is Free Software that knows no boarders. Really good encryption is not made by a “vendor” – it is made by a community. Really good encryption cannot be weakened by one government, because everyone else would notice. Really good encryption comes from Free Software.

Just my five pence worth 😉