That's why Silent Circle, the new crypto startup with Phil Zimmerman, creator of the indispensable Pretty Good Privacy program, has been quick to assuage concerns about the reliability of its code by announcing that it would be making it available for inspection. It's also why many are sceptical about Kaspersky's claim that his company will be writing a secure operating system for industrial applications, but without allowing the code to be examined.
This natural fit between open source and protecting secrecy and privacy is evident in the new CryptoParty movement, which aims to introduce general users to the basic encryption programs and how to use them in everyday life. This is in response to increasing online surveillance by governments around the world, even of law-abiding citizens. A particularly egregious example is the Draft Communications Bill in the UK, which proposes storing all key information about our internet use – email and web addresses – along with communications data from mobile phones.
A CryptoParty is an informal gathering where people can learn from experts how to use available crypto tools to regain some measure of privacy and secrecy in the face of this governmental assault. As the accompanying CryptoPartyHandbook makes clear, the software recommended is nearly all open source: Thunderbird, Firefox, KeePassX, PGP, TrueCrypt and Tor. There's even a section entitled "The necessity of Open Source."
The CryptoParty idea was only dreamt up a few months ago, but events have taken place in many dozens of cities around the world, with more planned. Alongside their intrinsic importance, they also represent a unique opportunity for free software.
As explained above, much of the CryptoParty sessions revolve around free software, and its advantages. This means that, in the nicest possible way, CryptoParties are seeding people's minds with the idea that free software is something worth having and using. One way to foster that attitude would be for free software organisations and supporters to take part in local CryptoParties, helping to show people how to install and use key free software programs.
In particular, this would seem a useful thing for Mozilla to get involved in as well, since its programs are specifically promoted as two of the pillars of a secure approach to computing – a great endorsement. Moreover, privacy and security are already key elements of its work, so providing support to CryptoParties would be a good fit.
What's interesting is that the increasingly intrusive actions of governments around the world might not only spur more CryptoParties to be organised, thus alerting users to the options available to them if they wish to protect themselves online, it could also be an opportunity to promote the wider benefits of free software in a low-key but effective way. It would get around the problem that few general users are interested in rather abstract issues like digital freedom or coding superiority: framing it in terms of preserving personal privacy and confidentiality may well bring home to them why this stuff really matters.