From: Peter Bradie Area: Public Key Encryption To: Jim Grubs, W8grt 27 Oct 94 20:01:00 Subject: Pgp signatures UpdReq -=> Quoting Jim Grubs, W8grt to Peter Bradie <=- > If I'm out of line, please let me know. If not, then > could you explain > the rationale for accumulating keys from people you do JGW> The rationale is that if someone wanted to tamper with your key or JGW> create a phony in your name he would have to replace all the copies on JGW> everybody's keyring. It sorta gets back to the Web of Trust... I don't have your key because I don't know you, don't know anyone who does know you, and cannot anticipate any time in the future when I'd need to send confidential information to you that might require encryption. If you have my public key you could send me something encrypted... but I've no earthly idea why you might want to do so. And if you did, how do you know that I really am Peter Bradie? ... If we don't stop censorship now, we'll be >>>>>ked! ... Blue Wave/QWK v2.10 201434369420143436942014343694201434369420143436942014343694718 From: Peter Bradie Area: Public Key Encryption To: Brian Mcmurry 27 Oct 94 20:11:00 Subject: Pgp signatures UpdReq -=> Quoting Brian Mcmurry to Peter Bradie <=- PB> Would this message have any greater significance to you if I had PB> 'signed' it and posted my key in PKEY_DROP? BM> If your key had been signed by someone *I* trust -or- you had later BM> denied that the post had originated from you, yes. That gets back to 1) the Web of Trust and 2) the need for validation. I also think that your above statement should be conjunctive rather than disjunctive.... -and- versus -or-.:-) Since you don't know me from Adam's off ox, and the above statement has virtually no significance, whether I denied making it or not is almost immaterial. Now, if the message was significant, so much so that you would take some positive action because of it, I'd expect you'd call me to verify that the message was from me, and that the action was expected. Please don't misunderstand me; I think that PGP is a marvelous tool. I just think that people make too much of the trappings that go along with it. ... First, we kill all the paranoids... ... Blue Wave/QWK v2.10 201434369420143436942014343694201434369420143436942014343694718 From: Brian McMurry Area: Public Key Encryption To: Christopher Baker 28 Oct 94 16:41:06 Subject: Re: PGP 2.6.2 update note UpdReq I believe that the legal_kludge= option has been taken out too. 201434369420143436942014343694201434369420143436942014343694718 From: Marshall Votta Area: Public Key Encryption To: John Mudge 30 Oct 94 09:06:30 Subject: Re: PGP embedded in .gif's ? UpdReq JM> Any sources for this software? I have it. The program is called "Stego"; at least, my version is. What it does is alters 50% of the colors 1/256th in grayness, replacing the bit with one of the bits of your message. Modifications are not detectable by the naked eye. You can pick it up as magic name "STEGO" from 1:323/140. On the net, surf over to soda.berkeley.edu via FTP, and go to the /pub/cypherpunks/steganography directory for Stego 1.0a2. Instructions: #1) Delete 'newmess.dat', 'message.dat', and 'message.scr'. #2) Pick your favorite .GIF, .PCX, whatever. #3) Run "GETSCR", a TSR which will grab the picture into memory. #4) Run a graphics view program that supports 320x200x256. #5) View the graphic in the aforementioned mode. #6) While it is onscreen, hit PRINTSCREEN. #7) Leave the viewer, and make your text message in 'message.dat'. #8) Run "ENCODE", which combines 'message.dat' and 'message.scr'. What the PRINTSCREEN does is dumps the file into MESSAGE.SCR format. It will put the file in your current directory; if your graphics driver isn't in your Stego directory, you will have to move it. If you are not in 320x200x256 mode, it will not work. The encrypted result, the text in your picture, is stored in "message.scr". To view the picture, use "PUTSCR". Unfortunately, the only way to convert the SCR to a GIF or another format is to run PUTSCR, capture the picture with some other utility, and import it into your normal viewer. Newer versions, which are probably available on the net site, might fix this. To decode: #1) Run DECODE. #2) Look at NEWMESS.DAT. The contents will be identical to "MESSAGE.DAT". Have fun. -ls 201434369420143436942014343694201434369420143436942014343694718 From: Scott Mills Area: Public Key Encryption To: John Schofield 17 Oct 94 09:11:10 Subject: Nodelist problems UpdReq **T******10-17-9404:08CHARLES CHAPMAN **** REED DARSEY Re: Article in Dr. Dobb's *E****** > Well, duh! Maybe if I read the docs a little more carefully, BS> huh? Thanks. Sure thing! Hope it works for ya. =) WL> REXX command script that handles everything for me under WL> OS/2, and gives me the choices of encrypting to multiple WL> people, etc. =) Nothing you can't do under DOS, though. :) WL> If you're interested, I can send it to ya, or post it here. WL 201434369420143436942014343694201434369420143436942014343694718