Apple should take a lead on security

tkntkn
Posted:
in macOS edited January 2014
Apple should seemlessly integrate GnuPG into the Finder and mail.app with automatic key generation and handling. That would be a great feature. Give it a spiffy name like "iSecure" or "Confidential" and advertise the heck out of how every file you make and every email you send is secured.



I think that would be a real step forward for Mac OS X on corporate environments. Especially in medical and legal environments which are ripe for lawsuits from the amount of unsecured email flying around.



TKN

Comments

  • Reply 1 of 9
    overhopeoverhope Posts: 1,123member
    I can see a few objections to that, primarily the potential speed hit if every single document is being encrypted, and second, the implication that everyone you're going to send anything to needs to have similar software running if they're to open any documents.



    Sure, put it in there, but turn it off by default. Given that 90% of users have a hard time picking a password which isn't ridiculously easy to guess (on one board I moderate at least half the users have the name of the board as their password...), expecting them to even begin to understand how to use a cryptographic system properly might be a bit of a long shot...



    Now I think about it, might the security agencies have something to say about releasing a whole OS with strong encryption built in? I suppose it might drive Mac OS market share up amongst undesirable elements. <img src="graemlins/lol.gif" border="0" alt="[Laughing]" />
  • Reply 2 of 9
    dobbydobby Posts: 794member
    GnuPG would be good to have built in, especially if they included the RSA support.



    Even better though if they perhaps had a few standard things like auto password expiry etc.

    That would be make it easier to intergrate into corporate nets.



    Dobby.



    [ 02-16-2003: Message edited by: dobby ]</p>
  • Reply 3 of 9
    kickahakickaha Posts: 8,760member
    Auto password expiry is included in MacOS X Server, 10.2.x.
  • Reply 4 of 9
    torifiletorifile Posts: 4,024member
    Sure it would be nice, but think about all the problems they would have with the NSA getting in their face about it. I don't know if it's still true, but it used to be illegal to download secure browsers and such if you weren't in the US. It would be a nightmare to navigate, especially during these hyper-paranoid times.
  • Reply 5 of 9
    you can install it onto your system anyway...



    However, if you start sending a lot of encrypted e-mail messages, you'll start getting funny phone calls and e-mails from people "recommending that you don't use encrypted e-mail"
  • Reply 6 of 9
    bartobarto Posts: 2,246member
    [quote]Originally posted by torifile:

    <strong>I don't know if it's still true, but it used to be illegal to download secure browsers and such if you weren't in the US.</strong><hr></blockquote>



    Back when it was illegal, people didn't care. That's because you used NOT to get thrown in jail for sharing software.



    Barto
  • Reply 7 of 9
    [quote]Originally posted by Barto:

    <strong>



    Back when it was illegal, people didn't care. That's because you used NOT to get thrown in jail for sharing software.



    Barto</strong><hr></blockquote>





    It was never illegal to download the software with the "high level encryption", browsers,etc... I was a violation of US export controls for a person/company to export the encryption software.



    The US could do nothing a person in Russia who downloaded it, but could go after the US company/citizen who allowed then to download it, there by exporting it to Russia.



    The export restrictions have eased up a lot but there are still several in place, but 128bit crypto is "good enough" and if you really are in a position where your info is so important that its not enough, then you already have much bigger things to worry about.
  • Reply 8 of 9
    [quote]Originally posted by TKN:

    <strong> "iSecure" </strong><hr></blockquote>



    Please God no, enough of the 'I's.



    Great idea though, I totally agree with you.
  • Reply 9 of 9
    tkntkn Posts: 224member
    So you use iPGP or another non-export restricted algorithm. As far as processing the tasks, ninety-nine percent of emails and documents are really pretty short and it could be set to do it in the background after saving.
Sign In or Register to comment.