From: IPG Sales <ipgsales@cyberstation.net>
Date: Thu, 22 Feb 1996 08:20:46 +0800
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Internet Privacy Guaranteed ad (POTP Jr.)
In-Reply-To: <v02120d1aad50107a5006@[192.0.2.1]>
Message-ID: <Pine.BSD/.3.91.960220184124.18188A-100000@citrine.cyberstation.net>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 20 Feb 1996, Lucky Green wrote:

> At 17:22 2/20/96, IPG Sales wrote:
> 
> >If you are able to break the system, and everyone knows what we mean by
> >break, then we will publicly admit that we are snake oil salesmen, and
> >all the other things that Perry Metzger and others called us.
> 
> It is by no means clear to me what "breaking the system" means. One does
> not have to be able to decipher a single message to prove a system to be
> insecure. Moreover, cryptanalysis is economics: is it more expensive to get
> the information by analyzing the crypto than it is to get it by other
> means?
> 
> Do we have to show an exploitable flaw? Or we have to do the exploit? That
> might be expensive. Who would judge the contest?
> 
> The alogrithm aside, IPG provides the intial OTP. Seems to me that IPG can
> read the messages. End of story.
> 
Hedging, hedging, hedging - why? I did not noitice this in my first 
reply - in addition to giving you the company if you can break the 
system, we will give you the company if you can establish, through our 
employees or any other method, that we retain any Ocopies of the TPs, 
any! - for very large systems, we maintain a temporary copy to insure 
safe arrival, by excuting the check system menu item - 
it is immediate destroyed upon system notification. Anyone that wants to 
audit us cazn do so, unannounced at any time - subject to payment ofd 
expenses! We do not keep copies, we would not be in business 30 days if 
we did.

> 
> -- Lucky Green <mailto:shamrock@netcom.com>
>    PGP encrypted mail preferred.
> 
> 
>