FW Editor: What are your plans or objectives in the near future?
InstantCrypt: Programming is a hobby of mine--it allows me to live my mathematical-engineering creativity. So, of course, I have a number of plans that have nothing to do with InstantCrypt.
My plans with InstantCrypt, however, are thus: I see that the development of InstantCrypt has reached a place where I am not shy promoting its use. Further improvements and changes will depend on the user feedback I get. One could think of many smaller and bigger improvements, of writing different versions for different level users (beginner-intermediate-expert), or writing cross-platform versions for Apple’s Mac, Linux or even cell phones and other portable devices—-but I need to know if people like the program at all and which improvements they would really need and like. So currently I am looking for user responses to InstantCrypt and will take it from there.
FW Editor: How and when did you start writing the code for Instant Crypt? What inspired you the most? Do you plan to develop new software, or are you more focused on optimizing the current ones?
InstantCrypt: I started writing InstantCrypt in 2004 or so, because I saw that neither my bank, nor my accountant, nor my doctor (not even my brother, for that matter), nor really anybody I knew were able to use PGP encryption, although this excellent technology had been around for almost twenty years. I looked for a program to point them to that would be absolutely easy to use (I thought nobody would use it if it proved to take more than 15 or 20 minutes to install, set up and use) and found none. So I started to write one myself, thinking it would not be so difficult and knowing I could base it on the open-source program GPG (also called GnuPG) as my encryption engine. At the moment I am not planning other projects—-I totally underestimated the amount of work of this project!
FW Editor: Instant Crypt is a new name on the encryption software market. How do you plan to overcome your competition?
InstantCrypt: At this point, the market is wide open, that is, the number of people who do not use encryption but should is gigantic, especially when it comes to private users. The more PGP encryption becomes known and people become willing and able to use it, the better for InstantCrypt. In this way, my so-called competitors and I are actually helping each other by popularizing the PGP encryption standard. As a hobby programmer of a freeware program I do not have an advertising budget, so currently I promote my program by offering it on the web, relying on recommendations such as your website (FamousBy), and word-of-mouth. I hope that people find InstantCrypt convincing enough so that they recommend it to their friends and business partners.
FW Editor: Is there any feature or tool that it is not available on the current Beta but it is going to be incorporated into the final version of this software?
InstantCrypt: No. And there really is no final version apart from the current beta. I call my versions “beta” to point to the fact that I do not have a testing department and can only do limited testing, and that I am grateful for feedback.
FW Editor: What are the advantages of using Instant Crypt over any other similar product?
InstantCrypt: I wrote it with these goals in mind:
• Attuned to users who don’t know anything about public-key encryption.
• Easy installation.
• Teaching the principles of public-key encryption to an entry-level user on the fly.
• Not tied to a particular e-mail program—-thus, no requirement to switch e-mail programs. Fast and easy cooperation with preinstalled e-mail programs.
• Usable with Web mail (such as yahoo mail, hotmail, gmail, etc.).
• Using an encryption technique that is considered absolutely safe.
I do not know all other similar products, but InstantCrypt’s competitive advantages should be here: Minimal installation efforts; simple, easy-to-learn interface (“learn encryption as you go”—I should make this a slogan for InstantCrypt!); no requirement for a specific e-mail program; works with Web mail.
FW Editor: How safe this Instant Crypt Beta version is?
InstantCrypt: First, we need to discuss what “safe” means. In encryption, safe is not an absolute concept. With unlimited computing power, unlimited financial resources, and unlimited time, every encryption can be cracked. Also, every so often a “weakness” of GPG or PGP is discovered, that is, a possible route to cracking their messages. As far as I could see, most (maybe all) of these weaknesses were rather theoretical, that is, only applicable in certain unlikely cases or reducing the theoretical decryption time from many million years to only half as much or so—-that is, these weaknesses had no real practical implication for encrypted messages. Another development is that as computers become more powerful, methods that used to be secure in the past are not secure any more.
This is the down side: there is no absolute security. On the up side, however, is the fact that we do not need absolute security! Consider this: almost all secrets only have value for a certain amount of time: do you really need your love letters, industrial secrets, military operations, or whatever, to be secret in 1000 years? Probably not. Knowing this, the real definition of “safe” is: an encrypted message is safe if any conceivable adversary is not able to crack the encryption with available computing power and available financial resources within the limited time that the encryption of the message is of any value to you or to the adversary.
How does InstantCrypt do within this definition of safety?
A message encrypted by InstantCrypt is encrypted with the GPG encryption engine, which uses PGP encryption algorithms. Thus, InstantCrypt’s message are as secure as GPG and the PGP algorithms. And at this time, GPG and the PGP algorithms are considered to be secure in the above defined way, i.e., a text or file thus encrypted cannot be read by someone who does not have access to the key for which it was encrypted (even with all the world’s computer power and within reasonable time, as explained above). This includes, to the best of my knowledge, private or government agencies that have access to the currently available most sophisticated methods.—-But maybe the American NSA has a secret way of cracking PGP code that nobody knows about? Possible! But as far as I know, most experts seem to think that this is unlikely.
So, now that you know that “safe” does not point to absolute security but to security as discussed above, my answer is: to my best knowledge, InstantCrypt is safe. That is, to my best knowledge, messages encrypted by InstantCrypt cannot be read by a snooper who intercepted your encrypted message. And to my best knowledge, although there currently exist other equally safe methods, measured by practical standards there are no really safer methods available than the PGP algorithms used by GPG and InstantCrypt.
(Be aware that I cannot be legally liable for this statement; there is a rest of uncertainty that we all have to live with. The only certainties are, as we all know, death and taxes!)
Postscriptum: Because decrypting the messages themselves is rather impossible, people who want access to your secrets will most likely try indirect methods, such as: try to get access to your computer, try to get access to the encryption key, try a man-in-the-middle attack, or try a bland impersonation. (Some of these methods and how you can protect yourself are explained in InstantCrypt’s helpfiles, by the way.) So, if you have secrets so valuable that people might put considerable effort in discovering them, be sure your keys are well protected, make sure you really verify the owners of the keys you receive, and absolutely secure your computer. You may very well need a computer security expert to do this right.
FW Editor: How can you describe Instant Crypt in just a few words? Why?
InstantCrypt: InstantCrypt is a program encrypting text and files with the PGP encryption algorithm. It is designed mainly for use with e-mail and Web mail; it was developed with an entry-level user (this is a friendly word for “beginner” in the field of encryption) in mind.
FW Editor: What is your favorite Instant Crypt feature and why?
InstantCrypt: All features are designed to work together to give a good user experience, so I should really not have a favorite. Nonetheless, one feature that I am quite proud of is the way it facilitates the export of encrypted messages into Web mail. I do not know any other program that does that.
FW Editor: Now, to end our small interview, is there any message you would like to send to Instant Crypt users?
InstantCrypt: Use it! Send feedback! Spread the word!
About this interview