From: “William H. Geiger III” <whgiii@openpgp.net>
To: holist <holist@mail.matav.hu>
Message Hash: 86bea7c7807b30447a26bb780eaf49e105495f9704dfa2399465c50d78a484e8
Message ID: <199811222216.RAA002.10@whgiii>
Reply To: <199811222154.NAA25646@toad.com>
UTC Datetime: 1998-11-22 23:42:51 UTC
Raw Date: Mon, 23 Nov 1998 07:42:51 +0800
From: "William H. Geiger III" <whgiii@openpgp.net>
Date: Mon, 23 Nov 1998 07:42:51 +0800
To: holist <holist@mail.matav.hu>
Subject: Re:
In-Reply-To: <199811222154.NAA25646@toad.com>
Message-ID: <199811222216.RAA002.10@whgiii>
MIME-Version: 1.0
Content-Type: text/plain
In <199811222154.NAA25646@toad.com>, on 11/22/98
at 01:54 PM, holist <holist@mail.matav.hu> said:
>I'm sorry if this is gnawing at old bones for you, but I recently heard
>from a rather paranoid, anonymous source here in Hungay that PGP was
>compromised, Zimmermann sold out to the Feds, all versions except
>possibly early DOS versions of PGP have back doors in them.
>He is also claiming that the CIA have already provided the backdoor-key
>to PGP 5.0 to the Hungarian Secret Services. Is he being too paranoid, or
>what?
>The reason I am asking cypherpunks, which I realise is not really a list
>dedicated to PGP, about them, is that their credentials to my mind would
>be sufficient to discredit. I have heard this rumour in sufficiently
>bogus intellectual contexts before (Cyberconf8, if that rings a bell to
>anyone -
>wouldn't blame you if it didn't) where it seemed blatantly obvious that
>it was entirely unfounded, as the people who were spreading it could not
>recognise code if they saw it, and seemed only an attempt to appear to be
>in the know. This source, however, seems different.
>Can I have some reassurance, please? And could you possibly suggest how
>someone unable to check the code themselves could go about authenticating
>a version of PGP? It is fated to become a rather important issue here
>soon.
This is FUD.
Goto: http://www.pgpi.com
Download the source code to the version of PGP you want to run and compile it yourself. You are free to examine the code and insure that there are no "backdoors" in it.
This is the advantage of PGP over the various S/MIME products on the market. PGP source code is available for peer review, Netscape, Microsoft, (add your S/MIME vendor here) is not.
--
---------------------------------------------------------------
William H. Geiger III http://www.openpgp.net
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
---------------------------------------------------------------
Return to November 1998
Return to ““William H. Geiger III” <whgiii@openpgp.net>”