Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
Encryption is hard. When NSA leaker Edward Snowden wanted to communicate with journalist Glenn Greenwald via encrypted email, Greenwald couldn’t figure out the venerable crypto program PGP even after Snowden made a 12-minute tutorial video.
Nadim Kobeissi wants to bulldoze that steep learning curve. At the HOPE hacker conference in New York later this month he’ll release a beta version of an all-purpose file encryption program called miniLock, a free and open-source browser plugin designed to let even Luddites encrypt and decrypt files with practically uncrackable cryptographic protection in seconds.
“The tagline is that this is file encryption that does more with less,” says Kobeissi, a 23-year old coder, activist and security consultant. “It’s super simple, approachable, and it’s almost impossible to be confused using it.”
The big issue with public/private key encryption is the sender needs to take action and obtain the recipients public key but I'm not sure how else you could go about it.
For those unfamiliar how this works the recipient first needs to obtain two keys, one is public and one is private. The public key can be published anywhere, it only encrypts the content. So if I wanted you to send me an encrypted file I can just send you my public key, I can post here on this forum if I wanted. you would use that to encrypt the file and once encrypted even you can't decrypt it.
You send that file to me and I can use the private key to decrypt it. Only the private key held by the recipient can decrypt the content.
The big issue with public/private key encryption is the sender needs to take action and obtain the recipients public key but I'm not sure how else you could go about it.
For those unfamiliar how this works the recipient first needs to obtain two keys, one is public and one is private. The public key can be published anywhere, it only encrypts the content. So if I wanted you to send me an encrypted file I can just send you my public key, I can post here on this forum if I wanted. you would use that to encrypt the file and once encrypted even you can't decrypt it.
You send that file to me and I can use the private key to decrypt it. Only the private key held by the recipient can decrypt the content.
Well as I said earlier we'll have to wait and see what turns up during the Hope Hacker Conference.
In case you didn't bother to read the article all this person wanted to do was simplify the process which we can all agree is a real PITA.
Even if that process is simplified two parties are involved and both need to take action. Most importantly if you are the person wanting to send something encrypted the recipient is the one that needs to take action first. That is where the breakdown is in it's use.
Back when PGP first came out, several of the email clients had incorporated it. So it's entirely possible that someone could produce an app to make it easier to use. But I agree that it takes two people to use it and that's more likely what's prevented its wide-spread usage. (That and the fact that the powers-that-be were attempting to prosecute the inventor of PGP for a while because he'd come up with a way to thwart their spying.)
But inherently, PGP use isn't very complicated. The only reason I can think of that Greenwald couldn't "get" it after a video tutorial is that Snowden didn't explain it simply. In fact, if Snowden took 12 minutes to explain it, he almost certainly didn't explain it simply.
Even if that process is simplified two parties are involved and both need to take action. Most importantly if you are the person wanting to send something encrypted the recipient is the one that needs to take action first. That is where the breakdown is in it's use.
Are you daft?
Do you really think this developer is so stupid as to think it only requires one party?
As I suggested before, you didn't bother to read the article:
Quote:
“No logins, and no private keys to manage. Both are eliminated. That’s what’s special,” says Kobeissi. “Users can have their identity for sending and receiving files on any computer that has miniLock installed, without needing to have an account like a web service does, and without needing to manage key files like PGP.”
If miniLock becomes the first truly idiot-proof public key encryption program, it could bring sophisticated encryption to a broad new audience. “PGP sucks,” Johns Hopkins’ Green says. “The ability for regular people to encrypt files is actually a valuable thing…[Kobeissi] has stripped away the complexity and made this thing that does what we need it to do.”
Do you really think this developer is so stupid as to think it only requires one party?
As I suggested before, you didn't bother to read the article:
Why do you need to be so abrasive in your posts?
I didn't say the developer didn't realize it. The point is no matter how simplified the process is the breakdown occurs becsue two people need to take action. If the person I want to send encrypted files too is too lazy or could care less it's not going to happen without action from their part. No matter how safe I want to be with my communication I'm reliant on the actions of another party.
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.
Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.