I’m one of the maintainers of our PKI-enablement library, PKIF. It’s open source, cross platform, and does a lot. Our main target platforms are Red Hat, Windows and Solaris 10. Every once in a while, I’ll build and test elsewhere mainly to make sure accidental assumptions haven’t crept into our code or build process. Tonight, I gave it a run on OS X Leopard and was just amazed at how much “just worked” for free (or for minor tweaks to the build system, which will be folded into the next release) especially in the GUI library and test applications. You won’t mistake it for something developed from the ground up for the Mac, but you can certainly use it. I’m particularly surprised at how well the GUI works without even a little tweaking of the interface for Mac, all thanks to wxWidgets.

I’d suggest not trying this at home until you see 2.1.6 on the sourceforge site, though, as the ease of accomplishing this is an indirect result of many improvements to our build scripts, which will be available for download with 2.1.6.

This message is digitally signed. Any confidential information sent to this email account should first be encrypted using the X.509 certificate included with this digital signature. The recipient of electronic communications controls neither the routers handling internet email nor the server upon which such messages will ultimately reside. Given the mechanics necessary for the transmission of email over the internet, it is impossible to compel any intermediary or recipient to delete or disregard information contained therein; the only reasonable guarantee of confidentiality is encryption. Failure to encrypt confidential information indicates that the sender accepts sole responsibility for any breach that may occur, regardless of any disclaimers or instructions that may accompany such information.

I hate to knock hard-working I.T. folks. Managing a company’s systems is fraught with challenges. Sometimes it’s difficult just to keep the lights on. But any “I.T. Manager” who complained to Microsoft about this utility is surely not doing his or her job. Microsoft has provided I.T. departments with facilities to control who can and can’t install software for many years now. These facilities are actually pretty good in Windows XP, which is required for Private Folder. The fact is, if a user cannot be trusted not to expose your business to increased risk of data loss by installing and running this utility, that user should be prohibited from installing software on your systems and you should refuse to install this software on them. End of story. Any manager who allows this type of user to install software is neglecting to manage their infrastructure.

Now, I’ve never been opposed to reasonable police powers. If the cops can convince a judge that a warrant is justified, they should certainly be able to obtain the wiretaps they need to perform their duty. That’s not disturbing in the least. But coupled with stories of “designated free-speech areas” and people being arrested and/or harrassed for such things as t-shirts advocating peace, the notion that backdoors should be built into every piece of communications equipment gives me pause. In particular when the regulation requiring the backdoor includes provisions for activation without a warrant. I opposed this crap during the previous administration and opppose it now.

So my big question about the proposed regulation is: will my activities now be criminal? See, my needs aren’t served by the communications equipment on the mass market. I’m presently building my own communications equipment to service my requirements. My build includes:

• A Soekris single board computer
• Two wireless cards: one for my own secured communications, and one for the convenience of passerby, as a public service
• Firewall, VPN and routing software developed in Switzerland
• A hardware cryptographic accelerator developed in Taiwan

Now, it’s a real safe bet that neither the crypto accelerator nor the firewall software will ever include the backdoor the feds mandate. Frankly, if they did, I’d write my own firewall and do my crypto in software I’ve personally audited for holes before I’d consider using them. It’s absolutely impossible to design a backdoor such that authorized police agencies can access it and no one else can. Any assertions to the contrary are over-optimistic, disingenuous or both.

Do they honestly plan to make the use or distribution of this correctly functioning equipment illegal? That sounds unthinkable to me, but apparently I’m an exception in this regard. I’m patriotic. I have no intention of doing anything harmful or illegal. But this really rubs me the wrong way. Am I the only one?