1996-08-29 - Not PGP, PGPfone!

Header Data

From: John Anonymous MacDonald <remailer@cypherpunks.ca>
To: cypherpunks@toad.com
Message Hash: 7032829cd1401d04cc437cbe11ed924d5dd28907415eace54b01e37fde45b4e6
Message ID: <199608290102.SAA07316@abraham.cs.berkeley.edu>
Reply To: <199608281157.EAA04520@jobe.shell.portal.com>
UTC Datetime: 1996-08-29 04:47:57 UTC
Raw Date: Thu, 29 Aug 1996 12:47:57 +0800

Raw message

From: John Anonymous MacDonald <remailer@cypherpunks.ca>
Date: Thu, 29 Aug 1996 12:47:57 +0800
To: cypherpunks@toad.com
Subject: Not PGP, PGPfone!
In-Reply-To: <199608281157.EAA04520@jobe.shell.portal.com>
Message-ID: <199608290102.SAA07316@abraham.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


>  Since version 2.1, PGP ("Pretty Good Privacy") has been rigged to 
> allow the NSA to easily break encoded messages. Early in 1992, the author, 
> Paul Zimmerman, was arrested by Government agents. He was told that he 
> would be set up for trafficking narcotics unless he complied. The Government 
> agency's demands were simple: He was to put a virtually undetectable 
> trapdoor, designed by the NSA, into all future releases of PGP, and to
> tell no-one.

This is wrong, and easily disproven.  There was no way to put a trap
door in PGP because the source code was made publically available.
Modifying every C compiler in the world is just not realistic.

However, the situation has become considerably different with PGPfone.
Source code to PGPfone is kept extremely secret.  A few outsiders may
be given the source to review, but they will not be allowed to compile
and distribute it.  Only binaries of PGPfone compiled by the authors
will be available.  Some interesting portions of the program have even
been intentionally obfuscated to make them extremely difficult to
disassemble and analyze.

With PGPfone, a back would be considerably easier to install...





Thread