From: TruthMonger <an7575@anon.nymserver.com>
To: cypherpunks@toad.com
Message Hash: bb0b3a28cf1525caaa7e560636888c0570d49797cdcd070bd338109f2971a30e
Message ID: <199703132233.PAA07051@shaman.lycaeum.org>
Reply To: <199703120626.XAA27069@shaman.lycaeum.org>
UTC Datetime: 1997-03-13 22:34:07 UTC
Raw Date: Thu, 13 Mar 1997 14:34:07 -0800 (PST)
From: TruthMonger <an7575@anon.nymserver.com>
Date: Thu, 13 Mar 1997 14:34:07 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: Anonymous Nymserver: anon.nymserver.com
In-Reply-To: <199703120626.XAA27069@shaman.lycaeum.org>
Message-ID: <199703132233.PAA07051@shaman.lycaeum.org>
MIME-Version: 1.0
Content-Type: text/plain
Alan Olsen hunt and pecked:
> At 08:30 PM 3/12/97 -0700, TruthMonger wrote:
> >Alan Olsen wrote:> >
> >> > > an7575@anon.nymserver.com writes:
> >> >> >> The use of PGP=>2.5 suddenly became a 'non-issue' for use in the
> U.S.
> >> >> because they use both the algorithm and sub-routines developed by the
> >> >> NSA and the Military.
> >> > I always wonder where these people get their information. I know people
> who
> >> know little to nothing about cryptography, but "they know PGP has been
> >> broken".
> > I always wonder why there seem to be so many lame fucks on
> >the cypherpunks list who, rather than responding to the posts
> >on the list, seem to be responding to some broken recording
> >going on in their own head.
> > Naturally, these lame fucks never have a direct quote available
> >to match the words inside their heads that they purport to place
> >in the mouths of others.
>
> The problem is burden of proof. You made a claim with no evidence or facts
> to back it up.
> You made the statement that PGP >2.5 was comprimised. When asked for
> something more that assertion, you go off on a screed.
> Are you retracting that claim? Do you have something you want to share with
> the rest of the class?
Now that you seem to have actually read what I have written, perhaps
you might consider reading what you, yourself, have written.
I stated my case for contending that PGP=>2.5 has been compromised,
and got back wild-eyed demands for proof of that which I did not
claim, mainly, that PGP had been 'broken.'
To reiterate my original observations:
1. The development of RSA was funded and controlled by the spooks.
i.e. - The National Science Foundation and the Navy.
2. The campaign of persecution against Phil Zimmerman ground to a
halt once he agreed to PGP using the spook-developed RSAREF subroutines
to implement the RSA functions, instead of PGP's original subroutines.
If people with guns came to me and told me that software I had
written now had to use their subroutines, instead of my own, then
I would consider my software 'compromised', regardless of whether
or not I could immediately discern any anomalies in it.
It is far, far easier to 'build' a back-door, than to 'find' one.
It never fails to amaze me how the back-doors that software makers
intentionally build into their products for their own convenience
suddenly become 'bugs' when hackers, among others, take advantage
of them.
One hacker I know used to find most of his hacks into AT&T UNIX by
screwing up his system (i.e. - corrupting the passwd file) and then
calling in the AT&T support techs and observing their tricks and
techniques (and then improving on them).
In regard to the question of whether RSA's spookware has some type
of back-door, or has been 'broken', the answers to these questions
are moot, from my point of view, because I do not intend to base
my privacy and security only on programs developed by even the
most well-intentioned of others.
TruthMonger
Return to March 1997
Return to “TruthMonger <an7575@anon.nymserver.com>”