NetWorld! What People Are Really Doing on the Internet and What It Means to You - David H. Rothman

PGP and the Fight for Privacy—and

Against Clipper—on the Internet

Father Bill Morton, an Anglican priest in Woodstock, New Brunswick, could take confessions via e-mail without violating his vows. Encryption software guarded the privacy of his communications. In Florida a bright teenager without any vices—but with a nosy mother—could protect her diaries. And in New York, an employee of a leading investment house could routinely guard his credit card number. The same software made it possible for thousands to use the Net for confidential business transactions. At the same time, democratic activists in the former Soviet Union would be able protect their messages if tyranny returns.

The name for this encryption package was PGP and by 1995 it was as much a cause as a program. Thousands had downloaded it off the Internet and other networks. Named in tribute to Ralph’s Pretty Good Grocery on Garrison Keillor’s radio show, PGP stood for Pretty Good Privacy. PGP lived up to its name—people needed it. Part of the reason was the nature of the Net itself. A skilled hacker could intercept unencrypted e-mail more easily than on the regular commercial networks. Mail often passed through computers at a number of universities and companies before reaching its destination. Without question the best way to protect the contents of your outgoing mail was to scramble its message before you sent it into cyberspace.

PGP was also popular because its use showed that the Net would never accept Clipper chip encryption schemes—designed to make it easier for the government to snoop on citizens.

Not surprisingly, then, at the time I was writing this book, Phil Zimmermann was a hero to many on the Internet. His program meant dignity. It meant safer commerce on the Net. Other privacy protection programs existed, but his was most popular, making it all the more useful. So when the Feds threatened Zimmermann, many people correctly felt as if Washington were attacking them along the way. The irony was that the federal government’s policies against safe encryption could actually threaten world security and had already set back efforts on behalf of computer security.

In a sense the PGP story was part of a continuum, and not just because the Egyptians had scrambled messages four thousand years ago or because encryption had been a staple of Cold Warriors.

Even while growing up in Miami and Fort Lauderdale, Phil Zimmermann had tinkered with secret codes. At around age ten he had learned Morse code, Braille, and, via lemon juice, invisible ink. By his teens he was building code wheels; at Florida Atlantic University, he kept up his passion for puzzles and secrets. He started out there in physics; switched to computer science; married; packed up for Boulder, Colorado, where he became a computer consultant; and thought of a move to New Zealand. Phil Zimmermann believed it would be safer, in the event of nuclear war, than Ground Zero countries.

Instead of leaving the States, however, Zimmermann decided to stay and help throttle back the military. Along with the astronomer Carl Sagan and Daniel Ellsberg of Pentagon Papers fame—and hundreds of others—Zimmermann was arrested at testing grounds in Nevada. Soon his love of computers would be converging with his distrust of people in uniforms.

Zimmermann in the early ’80s was selling a gadget that plugged into an Apple II computer but used an 8088 chip just like the then-new IBM personal computer. This gadget was designed to allow people to keep their old Apple hardware and software while running new programs for the fast new chip. Zimmermann called his company Metamorphic Systems. A programmer from Arkansas saw a Metamorphic ad and called Zimmermann to pitch to him an encryption system that was too long to run on most machines. Would Zimmermann care to adapt the system to run on an 8088 chip? He would.[^[6.13]]