1995-08-04 - Re: a hole in PGP

Header Data

From: monty.harder@famend.com (MONTY HARDER)
To: CYPHERPUNKS@toad.com
Message Hash: 1346b323e68d4ba2d8f9913717020539da4c41c96b502effb0789166ba0b8672
Message ID: <8AE74C9.00030002C3.uuout@famend.com>
Reply To: N/A
UTC Datetime: 1995-08-04 03:45:35 UTC
Raw Date: Thu, 3 Aug 95 20:45:35 PDT

Raw message

From: monty.harder@famend.com (MONTY HARDER)
Date: Thu, 3 Aug 95 20:45:35 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: a hole in PGP
Message-ID: <8AE74C9.00030002C3.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


DF> How is it "unscholarly, unprofessional, needlessly personal, and just
DF> plain insulting" to question the idea that hundreds of thousands of
DF> people are trusting their freedom to software that is probably not
                                                          ^^^^^^^^
  This is where you go too far. You have no basis for assigning such a
probability. While the incentives for releasing a crippled version are
there, the program has been subjected to intense scrutiny. As time goes
on, the failure to detect the kind of weaknesses you describe only
increases trust in the algorithms.

  But if you are paranoid, get a hold of one of the international
versions, use it to generate your keypairs, and then use MIT PGP to
encrypt and decrypt your communications. Nobody can know what version
you are using to make keys.

  Hell, if you are seriously paranoid, get the source code for key
generation, and compile your own stand-alone keymaker. Post it to some
.binaries thing via a remailer, and be happy that you foiled the
dastardly plot. And send a copy to me, while you're at it. With source.
I can compile my own from it that way.

  [Uh-oh. Sounds like "C'punks write code...."]



 * 
Everyone should have a cause.
I have a cause.
It's smut.








I'm for it
---
 * Monster@FAmend.Com *    





Thread