USENIX supports diversity, equity, and inclusion and condemns hate and discrimination.
Trusting PGP
;login: Enters a New Phase of Its Evolution
For over 20 years, ;login: has been a print magazine with a digital version; in the two decades previous, it was USENIX’s newsletter, UNIX News. Since its inception 45 years ago, it has served as a medium through which the USENIX community learns about useful tools, research, and events from one another. Beginning in 2021, ;login: will no longer be the formally published print magazine as we’ve known it most recently, but rather reimagined as a digital publication with increased opportunities for interactivity among authors and readers.
Since USENIX became an open access publisher of papers in 2008, ;login: has remained our only content behind a membership paywall. In keeping with our commitment to open access, all ;login: content will be open to everyone when we make this change. However, only USENIX members at the sustainer level or higher, as well as student members, will have exclusive access to the interactivity options. Rik Farrow, the current editor of the magazine, will continue to provide leadership for the overall content offered in ;login:, which will be released via our website on a regular basis throughout the year.
As we plan to launch this new format, we are forming an editorial committee of volunteers from throughout the USENIX community to curate content, meaning that this will be a formally peer-reviewed publication. This new model will increase opportunities for the community to contribute to ;login: and engage with its content. In addition to written articles, we are open to other ideas of what you might want to experience.
PGP is a great tool, but if you’re coming to it now, after this year’s NSA revelations, then it’s probably not the service you want. In fact, I’ll go further: if PGP is being peddled to you as the panacea to the NSA issues, the peddler probably doesn’t understand what they’re talking about.
In all security decisions, you should decide what you’re trying to protect and from whom. Additionally, you should decide how much the protection is worth to you. Only once you’ve done this, can you decide which attributes (confidentiality, authenticity, etc.) you need and what tradeoffs are worth it.
For various good reasons, I run my own mail service that serves only two people; for various other reasons, I stand out like a sore thumb. Frankly, the NSA is not in my threat model. If it were, I wouldn’t run servers with network services provided by programs written in C. In this article, I assume that the reader is dealing with people who have suddenly decided that the NSA is part of the threat model and that the reader needs data points to apply in a reeducation process.
Download Article:
Article Section:
SYSADMIN
;login: issue: