Security and Encryption: PGP versus GPG

Security and encryption are something that in my experience, computer users do not worry about until a situation arises out of the neglect. Then, everyone jumps to the situation. The scrambles to security, in retrospect, cause each of us to focus back on the exact reasons we had a breach of security in the first place. In my short time back in Information Technology I saw computer users that take the time to strengthen passwords and others that do not take the time. The number of password resets and password unlocks I got daily gave me enough of an appreciation that security was a major issue in any network. The underbelly of where I worked in I assumed functioned on security keys and secure servers. The only time I remember hearing about DMZ or the de-militarized zone on our network was when we had suffered problems in our network infrastructure. From my perspective though, I did not have to deal with setting up PGP or encryption. Usually, it was assumed our network administrators had the security well in hand.

In that respect, perhaps we need some people like our current domestic police force patrolling civilian networks. I say this because I agree with Ellen Nakashima’s report in the article written of U.S. cybersecurity plans lagging, critics say and the fact that Nakashima says “But the administration is still debating whether it needs new legal authorities – to strengthen the government’s ability to defend private sector networks, for example – or whether existing law allows such actions.” Accordingly, the fact that, as Nakashima says that not enough was done since Obama spoke about the national security highlights the fact of common need for protection.

However, now add in the history of the internet in being free and open and Whitfield Diffie and the article Crypto Rebels by Stephen Levy. Whit Diffie took a system without wide locks and gave a regular key to everyone with PGP.  The idea of PGP, according to Levy, would put the power of securing documents in the hands of the public as opposed to system administrators. However, Diffie did not agree with this amount of control.  So, in retrospect, he would oppose any idea of government having particular control over the network. He would be wary of Obama’s level of control envisioned.

However, consider the idea if police departments would each employ a hacker officer or an officer that is duly trained to  be both police and cybersecure. The question might surround why it is necessary. However, thinking about the fact that police protect the physical public then why not the electronic. Surely, police officers tend to act on orders or from request of different agencies for exposed security infractions on systems. Yet, with massive break-ins of systems such as target, the need for watchdog security might be a solution to consider. Then again, with police officers posing on chatrooms to catch child predators, such as shows past such as “To Catch a Predator”, perhaps such measures are already there. Maybe even Diffie would relent with those reasons.

The application to communication though is far more specific. As such, with communication technologies such as wireless networks, different levels of encryption exist. However, during older implementations of these types of encryption, users would experience a slow-down due to increased levels of calculation. Now, with faster processing on devices capable of transmitting and receiving wireless signals, the slow-down is not so much of a problem. The extra step then, as I related in the beginning, relies on users of technology wanting to take the time on being secure.

The specific focus this week, though, is not especially on the appreciation of Security and Encryption as to how everyone would use it but how I would use either PGP or GPG and why.

If I was to pick the security I would try before I looked at the differences between PGP and GPG I would take PGP because I have known about it longer. The GPG suite seems alright and is open source so I would consider it. However, if I wanted to secure my data and access the internet I would start using Tails more.

The downside of tails is that it does not allow for permanent storage although storage could be setup. Tails loads into a computers RAM and since RAM is based on electrical signals, once your computer goes off it completely resets the memory so there is no trace. However, because of that I don’t have a practical use for Tails since I can’t save any documents I’m working on.

Now, I would look at PGP or GPG as a solution if only for the rare case that if I was say emailing a friend I was coming over, and the friend was murdered before I arrive and I was suspect for murdering him even though I was driving when it happened. I don’t see a reason to encrypt my data.

If I did, I would have to deal with the fact as I said above that not many people are concerned with security and having to get friends and family to install encryption to so that can uncrypt my messages I send to them.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s