Latest Crypto-Gram discusses Open Source, linux, and the Microsoft/NSA key

[ Thanks to Rhet
for this link. ]

Bruce Schneier’s latest Crypto-Gram
is out. He has a good article on the benefits of Open Source as it
relates to crypto and Linux as well as a discussion of the
NSA/Microsoft key that’s been in the news recently. Read
Crypto-Gram here.

“As a cryptography and computer security expert, I have never
understood the current fuss about the open source software
movement. In the cryptography world, we consider open source
necessary for good security; we have for decades. Public security
is always more secure than proprietary security. It’s true for
cryptographic algorithms, security protocols, and security source
code. For us, open source isn’t just a business model; it’s smart
engineering practice.”

“This argues very strongly for open source cryptographic
algorithms. Since the only way to have any confidence in an
algorithm’s security is to have experts examine it, and the only
way they will spend the time necessary to adequately examine it is
to allow them to publish research papers about it, the algorithm
has to be public. A proprietary algorithm, no matter who designed
it and who was paid under NDA to evaluate it, is much riskier than
a public algorithm.”