From: John Deters <jad@dsddhc.com>
Date: Tue, 18 Jun 1996 19:43:43 +0800
To: cypherpunks@toad.com
Subject: Re: SafE Mail Corporation
Message-ID: <2.2.32.19960618043122.0095e0a4@labg30>
MIME-Version: 1.0
Content-Type: text/plain


At 05:21 PM 6/17/96 -0400, you wrote:
>We would like someone to be able or should I say try and crack our
>encryption. IT IS IMPOSSIBLE.
>
>Our Web site is http://www.sfmc.com  Phone number is 1-800-252-9938.
>
>Randy Estridge
>SafE Mail Corporation  

Well, when I read this letter, I was sure it was a troll.  I was amazed to
find that not only are these people serious, but they're convicing other
people to buy into this nonsense!

Almost every page on their web site contains factual errors that range from
misleading to incorrect to slander.

Here's a gem from the comparison page:  http://www.sfmc.com/comp.html

Security of different programs 

                | Public  | Compres.| Error   | ITERNET        
   Program      | Key     |         | Correct.| Compatib.  
  --------------+---------+---------+---------+----------
  SafE Mail(TM) |   YES   |   YES   |   YES   |   YES 
  PGP           |   YES   |   NO    |   NO    |   NO
  PEM           |   YES   |   NO    |   NO    |   Yes
  --------------+---------+---------+---------+----------

[ So, how many of you were surprised to learn that PGP is not Internet
compatible, and doesn't do compression?  I'm sure Mr. Zimmerman will be
quite amazed! ]

--

>From their FAQ:  http://www.sfmc.com/faqu.html

* SafE Mail(tm) utilizes a short 22 character Public Key which I realize is
"great" for key exchange. Does this short Public Key the encription code
vulnerable to attack?
     No! The Public Key is generated by a "One Way Hash Function" when the
owner of the software names a private key or passwords. This makes the
encryption code secure and not vulnerable to attack by unautorized individuals. 

* Is SafE Mail(tm) software a solution to concerns about under age or general
viewing of obscene material on the INTERNET?

     Yes! Remember SafE Mail(tm) will encrypt virtually any type of computer
generated files including pictures, video and audio. 

* How can SafE Mail(tm) be used for exchanging sensitive or obscene materials
over the INTERNET?

     Image provider and Subscriber should both utilize SafE Mail(tm) software.
Upon exchange of Public Keys by both parties, Image provider can transmit
encrypted files that can be decrypted by Subscriber with his public and
private keys. Files encrypted with SafE Mail(tm) will be a strong barrier to
any unauthorized viewing. 

[So, remember, the next time you wish to break the law by transmitting
obscene images (which have been shown in court already to be illegal), use
SafE Mail(tm).]

--

More from the comparisons page:  http://www.sfmc.com/comp.html

SafE Mail(tm) and RSA(r) algorithms comparison table 

                   |  SafE Mail(TM)              |   RSA  (RC4+MD5)
-------------------+-----------------------------+--------------------
 Programm          | SafE Mail(TM) for Win 1.12  | Entrust 1.1r1
                   | SafE Mail(TM) for DOS 1.12  |
                   |                             |
 Performance Speed | ~4400kB/Sec (In addition to | ~770kB/Sec (Only
 (Results based on | Encryption also performs    | does Encryption)
 33mHz SunSparcs   | Compression, Error          |
 Station)          | Correction, Internet        |
                   | Compatibility and Electronic|
                   | Signature at the same time).|
                   |                             |
 Compression       | Yes, up to 85%              | No, increases
                   |                             | file size by up
                   |                             | to 40%
                   |                             |
 Internet          | Yes                         | No
 Compatibility     |                             |
                   |                             |
 Electronic        | Yes                         | Yes
 Signature         |                             |
                   |                             |
 Public Key        | Yes                         | Yes
 Distribution      |                             |
                   |                             |
 Length of Public  | 22 characters only          | Over 1200 characters
 Key               |                               | can distribute on the 
                   |                             | diskettes only
                   |                             |
 Integrity Checking| Yes                         | Yes
                   |                             |
 Error Correction  | 9 different levels, selected| None Available
                   | by user.                    |
                   |                             |
 Best Attack       | No known way                | Statistical
                   |                             | Analysis
                   |                             |

[ Where to begin?  I wonder if it's their DOS or Windows version that runs
on the 33MHz SparcStation?  Oh, and I love the "no known way" to attack them. ]

--

What are the trade magazines saying about SafE Mail(tm)?  Well, this is from
that traditional bastion of reporting integrity, the Carolina Computer News,
June 1995:  http://www.sfmc.com/scop02.html

" ...SafE Mail(tm) is designed to be a powerfull business and personal
communications tool, ideal for public or private network communications.
SafE Mail(tm) provides the least expensive, fastest, INTERNET compatible,
secure file transmission on the ma rket today. SafE Mail(tm) has a unique
encryption algorithm.
It's encryption key is longer than any other similar product currently
available on the market today. The user can define the distortion/error
correction level which determines the length of the encryption key. The
longer the key length, the more difficult it is to break. SafE Mail(tm) employs
the Public Key Distribution algorithm. Unlike currently available encryption
algorithms (DES,RSA), SafE Mail(tm) generates a unique 22 character public key
for each user. Des has no public key generator and the RSA Public Key
becomes larger (up to several kilobytes) as the number of recipients
increase. SafE Mail(tm) error correction is capable of restoring a binary file
having 15% distortion errors or an ASCII file with 30% errors. SafE Mail(tm)
excellent compression capability allows an ASCII file to be deflated by
almost 85%!... " 

[ If you read the quotes from the various magazines, you probably won't be
surprised at the list of quality magazine names that have been taken in by
these hucksters:  Byte, PC Week, PC Today, and others. ]

--

However, it gets even better than this.  The capstone (if you'll pardon the
pun) of these folks is their contest, described at http://www.sfmc.com/cont.html
If you can break their security, you'll win FIVE FREE COPIES of SafE Mail(tm)!
Gosh, how can we pass up such an opportunity?

-j, ROTFLOL  :-)
--
J. Deters
>From Senator C. Burns' Pro-CODE bill, which I support and you can find at:
http://www.senate.gov/member/mt/burns/general/billtext.htm
"  (2) Miniaturization, disturbed computing, and reduced transmission
 costs make communication via electronic networks a reality."
+---------------------------------------------------------+
| NET:     jad@dsddhc.com (work)    jad@pclink.com (home) |
| PSTN:    1 612 375 3116 (work)    1 612 894 8507 (home) |
| ICBM:  44^58'33"N by 93^16'42"W Elev. ~=290m (work)     |
| PGP Key ID:  768 / 15FFA875                             |
+---------------------------------------------------------+