1995-08-01 - Re: a hole in PGP

Header Data

From: fc@all.net (Dr. Frederick B. Cohen)
To: rah@shipwright.com (Robert Hettinga)
Message Hash: 6159db8177e9b5a341e46a7d7d61884c5768de30646308713d7535e195d3c243
Message ID: <9508010103.AA06094@all.net>
Reply To: <v02120d06ac432493c978@[199.0.65.105]>
UTC Datetime: 1995-08-01 01:10:12 UTC
Raw Date: Mon, 31 Jul 95 18:10:12 PDT

Raw message

From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 31 Jul 95 18:10:12 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: a hole in PGP
In-Reply-To: <v02120d06ac432493c978@[199.0.65.105]>
Message-ID: <9508010103.AA06094@all.net>
MIME-Version: 1.0
Content-Type: text


> 
> At 8:08 PM 7/31/95, Dr. Fred said:
> 
> >it is impractical to verify that there
> >are no subtle back doors
> 
> Ah. I knew my undergraduate philosophy degree from good ol' Mizzou would
> come in handy some day.  In the sophistry biz, the above is an informal
> fallacy. It's called disproving a negative, more popularly called the
> "Flying Saucer" fallacy, as in, "prove to me that flying saucers (or PGP
> trap-doors) don't exist".

More accurately, you cannot prove a forall statement about an infinite
set by demonstrating examples - but you can disprove it with a single
refutation. However, your argument is incorrect in this context.

Since current digital computers (and programs) are (close to)
finite state machines, we can prove many forall statements.  But even
more to the point, it is the job of the person asking you to trust them
to justify that trust.  If you trust them with a less-than-adequate
basis, you have only yourself to blame when you get burned. 

> I would put the rest of your rejoinder in the same class of tinker-toy
> logic, Doc.

That's me - a tinker-toy logician.  But why do you believe that PGP can be
trusted?  Because someone told you so in email on an Internet forum?  I
would hate to bet billions of dollars a day and the lives of hundreds of
thousands of people on that judgement.

> You're testing my patience. Feeling flush from my New Orleans road trip, I
> went out and bought the commercial version of Eudora, filter-feature and
> all, which means I'm just itching to test it. In other words, it means you
> are flirting with the kill-file, the bozo-filter, more rudely, a
> <plonk!ing>.

Ah!!! A threat.  You should be aware that threatening homicide is a form
of assault.  I will be certain to tell the FBI your exact words...  "the
kill-file, the bozo-filter, more rudely, a <plonk!ing>." sounds to me
(and may well sound to them) like a threat to commit murder. 

> Play nice, Doc, or don't play at all.

I am being nice, but you are not.  Perhaps you should consider
addressing the issues.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



