From: J. Michael Diehl <mdiehl@hydra.unm.edu>
Date: Wed, 5 May 93 01:26:49 PDT
To: cypherpunks@toad.com
Subject: pgp temp files.
Message-ID: <9305050826.AA20910@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain


After using pgp to read an encrypted message, I ran chkdsk on my hard drive.  I
was astonished to find that chkdsk found an error on my hard drive, but I was
even more astonished to find that when I recovered the error to a file, it 
contained most of a message I had just read using pgp.  Apearantly, this was
what was left of a temp file that pgp used.  IMHO, pgp should have wiped this
file.  Maybe I should try to use a ramdisk as my temp-file path.  Just thought
ya'll should know that pgp may not be as secure as we hope.

In my effort to write a menu system for pgp-encrypted email, I use pgp very 
often, and in very unusuall ways.  Consequently, I have found a (very) few 
weaknesses in the program.  Is anyone currently supporting pgp, or am I on my
own?  If anyone is supporting pgp, I'd like to talk to you. ;^)  Thanx in 
advance.
+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
|                       |    But, I was mistaken.     |available|
|                       +-----------------------------+---------+
| mdiehl@triton.unm.edu | "I'm just looking for the opportunity |
| mike.diehl@fido.org   | to be Politically Incorrect!   <Me>   |
| (505) 299-2282        |                                       |
+------How do I send email between fidonet and internet?--------+