billzo: Have you checked out GPG (Gnu Privacy Guard)? It'll be Linux-centric, but it looks like there's a Windows version.
On the wider point, there was a great point that I read in this article
So now I'll get to the "what is so laughable if it weren't so disturbing" part. The software developers reading this will know immediately what I mean when I call out the following little aspect in the proposed regulations: "Developers of software that enables peer-to-peer communication must redesign their service to allow interception." For those of you who aren't current software developers, or just haven't had your morning coffee yet, I'll spell out the implications.
So, for direct point-to-point communication, they want some way for a centralised organisation to break in? That'll mean we have to redefine "peer-to-peer" as "peer-to-peer-with-the-possibility-of-going-via-a-central-node-which-basically-makes-it-server-based-again".
Also, they go on a bit of a "slippery slope" adventure. They're occasionally spurious arguments, but they do give a "well where do you stop" and "well look at the obvious flaw, which is best displayed in the extreme" example:
As one example, a tool that is seeing explosive growth in the development community is "git", which provides a completely decentralized version control system. Now, one would have to be an especially dumb bad guy to use a version control system for planning criminal activities! But for that reason, git makes a nice extreme case of the implications of these regulations. If the policy is really to apply to every possible case, then that means that anyone developing any kind of software that does not go through a centralized service must provide a secure, undetectable back door for surveillance. (Word to the EGit and Mylyn developers -- might as well get cracking now!)
Thank goodness I'm in the UK...hang on, we're probably nearly as bad as that, and
our government likes to bend over for the Americans. Damnit.
Edited by IBBoard, 28 September 2010 - 02:05 PM.