1997-10-06 - Re: New PGP “Everything the FBI ever dreamed of”

Header Data

From: “William H. Geiger III” <whgiii@invweb.net>
To: Alan <alan@ctrl-alt-del.com>
Message Hash: bcc613fd88712e8b52b6a977b135d7eaa0e8753952533896c3bb239797ffe521
Message ID: <199710060249.WAA15953@users.invweb.net>
Reply To: <3.0.3.32.19971005124929.03dfa15c@ctrl-alt-del.com>
UTC Datetime: 1997-10-06 02:57:24 UTC
Raw Date: Mon, 6 Oct 1997 10:57:24 +0800

Raw message

From: "William H. Geiger III" <whgiii@invweb.net>
Date: Mon, 6 Oct 1997 10:57:24 +0800
To: Alan <alan@ctrl-alt-del.com>
Subject: Re: New PGP "Everything the FBI ever dreamed of"
In-Reply-To: <3.0.3.32.19971005124929.03dfa15c@ctrl-alt-del.com>
Message-ID: <199710060249.WAA15953@users.invweb.net>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

In <3.0.3.32.19971005124929.03dfa15c@ctrl-alt-del.com>, on 10/05/97 
   at 12, Alan <alan@ctrl-alt-del.com> said:

>At 11:46 AM 10/5/97 -0500, William H. Geiger III wrote:
>>
>>-----BEGIN PGP SIGNED MESSAGE-----
>>
>>In <v03102800b05d58dd0280@[207.167.93.63]>, on 10/05/97 
>>   at 08, Tim May <tcmay@got.net> said:
>>
>>>Let's hope PGP, Inc. comes to their senses and stops doing the work of
>>>Big Brother.
>>
>>This is really silly Tim,
>>
>>The ability to encrypt using multiple keys has been a feature of PGP since
>>day one. All the Business Edition is doing is automating the process.
>>Despite the flawed news reports on this matter (who would have guessed)
>>their is nothing covert about it. The user is both informed that this is
>>being done and there is a way for the user to disable it in the client.

>I guess the real question is whether the messages/files generated just
>add an extra key or if they leak the key through some harder to identify
>method.

>The current version of PGP no longer shows you the list of recipients, so
>it is more difficult to determine if extra keys are added.

>Is the method they are using for this new version to "escrow" the keys
>obvious to the recipient or not?

I *highly* doubt that they are doing anything other than adding an extra
recipiant when encrypting. The code for doing so is already there and
achives the objectives desired by their customers. Really no reason to do
anything else from a programming or business prospective.

I have not had a chance to obtain a copy of 5.5 and check it out so I
don't know what info is being presented to the user. I don't run Win95/NT
or MAC so it is unlikly that I will spend the $$$ for a copy. Perhaps
someone running one of these inferior OS's could obtain a copy and
investegate this aspect futher. :)

Looking at the encrypted messages should revial wether or not extra keys
are being added or not.


- -- 
- ---------------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html                        
- ---------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000

iQCVAwUBNDhTPY9Co1n+aLhhAQEI1QP9Fj3g1lC/WMiWxYCOJnyoCgniD+zb2Ksf
bBWsMtflzQVSx7usOGProMxKcael8H9fHBxEuOJU+y2jlINDFAgXBCKHrErtlzfR
uJ+NWGeR4ctx+qEJps0mlPcNp7cDzfX5A7bAiVnWb1G/n2R0y4+5sn1i1HkAs0sa
u/5KZLVgPZg=
=64ir
-----END PGP SIGNATURE-----






Thread