From: Mike Ingle <MIKEINGLE@delphi.com>
Date: Sat, 15 Jan 94 14:25:51 PST
To: cypherpunks@toad.com
Subject: Secure Drive versions
Message-ID: <01H7PWWV4WY299EJCL@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


My only problem with Secure Drive 1.2 is that it doesn't include the
bug fixes which needed to be included. If Edgar wants to use my 1.1 code
to make 1.3, great. But the two-drives bug needs fixing, and I wrote a
cracker which tests 1000 passphrases per second on the 1.0 version.
The 1.1 version iterates the passphrase hash to prevent this. As for how
it's distributed, I've always requested that it not be exported, and there
is a message in the new distribution asking that foreign sites not carry
it if they somehow obtain a copy.

--- Mike

P.S. All these forged messages are becoming a problem. Detweiler may
succeed in his effort to make us not know who's real and who's a
tentacle. Ignore anything from a remailer, which (a) has a name at the
bottom, or (b) sounds like Detweiler. As for what to do about SMTP
spoofing, any ideas? Next he will start posting denials of real messages.
That way we won't know what messages are real and falsely denied, and
which ones are false and the denials are real.