1993-08-26 - Re: Commercial PGP: Verifying Trustworthiness

Header Data

From: norm@netcom.com (Norman Hardy)
To: cypherpunks@toad.com
Message Hash: be94eb0e3af59e112dab21292672b71a2b77f35d82f81d6fca7c4e1ebe1c680c
Message ID: <9308262157.AA25459@netcom5.netcom.com>
Reply To: N/A
UTC Datetime: 1993-08-26 21:57:34 UTC
Raw Date: Thu, 26 Aug 93 14:57:34 PDT

Raw message

From: norm@netcom.com (Norman Hardy)
Date: Thu, 26 Aug 93 14:57:34 PDT
To: cypherpunks@toad.com
Subject: Re: Commercial PGP: Verifying Trustworthiness
Message-ID: <9308262157.AA25459@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


thug@phantom.com (Murdering Thug) writes:
> I'm assuming the NSA will pressure ViaCrypt to put in a backdoor.  One
> possible backdoor that can be placed inside the commercial PGP and still
> allow it to pass the above test is if commericial PGP secretly writes all
> keys and pass phrases to a block on your hard disk, and marks that
> block as used to the file system.  In order to prevent you from scanning
> your hard disk and finding that block, the information stored there could
> be encrypted by a key which the NSA has in it's possession.
 
At least the Commercial PGP is not tamper proof and examination can,
in principle, discover the backdoor. After discovery it would
impossible to deny.





Thread