BBC Online 24/3/2000: "MI5 laptop snatched"
Caspar Bowden
cb at fipr.org
Fri, 24 Mar 2000 14:27:30 -0000
> > At 09:38 24/03/00 -0000, you wrote:
> > >Lucky the chap wasn't enroute to Cheltenham with GTAC's
> main key archive,
> > >eh? Where was it GTAC is going to be physically located Simon ?
> > >
> >
> > My thoughts entirely, not very reassuring is it,
>
> And I thought it was the general consensus here that good
> encryption is so
> secure that you can allow anyone to have access to your
> secrets, oh, for 50
> years or so :-) You really can't have it both ways, you know.
Yes you can. There's all the difference in the world between trusting crypto
that is setup and used according to one's own criteria, and trusting your
key to a wholly opaque organisation, whose procedures and compliance will
not be independently specified or audited, and is under continual
cheese-paring pressure to cut corners and do stuff on the cheap. The risk is
out of your control and in the immortal words of Tristan Garel-Jones MP
signing a Matrix-Churchill PII certificate, "could result in unquantifiable
damage".
--
Caspar Bowden http://www.fipr.org
Director, Foundation for Information Policy Research
Tel: +44(0)171 354 2333 Fax: +44(0)171 827 6534