From: Bruce Nolting Area: Public Key Encryption To: All 14 May 95 21:27:38 Subject: More FBI Meddling..... UpdReq -=> Note: Copied (from: prmlitia) by Bruce Nolting using timEd. -----BEGIN PGP SIGNED MESSAGE----- Hello everyone, you might find this interesting, Originally from Christopher Baker (1:374/14.0) to All. Original dated: May 05 '95, 07:47 * Message text was not edited! (NEWS)(GOVT)(WAS)(00019) FBI Renews Push For Encryption Controls 05/02/95 WASHINGTON, D.C., U.S.A., 1995 MAY 2 (NB) -- The Federal Bureau of Investigation is using the Oklahoma City bombing as an example of why the nation needs controls on private encryption. Civil libertarians are countering that the FBI wants to subvert the free speech clause of the US Constitution. In testimony last week to the Senate Judiciary Committee, FBI Director Louis Freeh expressed concern about the ability of terrorist group members to communicate on the Internet, using encryption technology such as Pretty Good Privacy (PGP). "Encryption capabilities available to criminals and terrorists endanger the future usefulness of court-authorized wiretaps," Freeh told the committee. "This problem must be resolved." Freeh also said the FBI needs increased access to "common carrier records," meaning telephone and telecommunications service carriers, "for counterterrorism and counterintelligence investigations." Freeh appeared to win a convert in Sen. Edward Kennedy (D-Mass.), ranking minority member of the committee and usually considered a strong free speech defender. Kennedy held up what he called a "how to manual for the terrorist" that a staff member had downloaded from the Internet, and said, "We know the advantage of the information highway, but there's the darker side, too, we need to be concerned about." Noting that the Senate Commerce Committee has included a ban on pornography on the Internet in the pending telecommunications legislation, Kennedy said, "We ought to stop terrorism, too." Later, a spokesman for the Massachusetts liberal said he was only seeking to raise the issue for debate and remains committed to the First Amendment. But civil libertarians remain concerned that in the charged atmosphere of the aftermath of Oklahoma City, Congress could try to impose limits on the anarchic and free-spirited Internet. "In these times," wrote Denise Caruso, a member of the board of the Electronic Frontier Foundation, in the New York Times, "it is easy to demonize the big, powerful, invisible Internet -- to be outraged that it harbors pornographers and hackers and hate groups, and demand a means to monitor and control their conversations on the network so they might be stopped." Noting that most of the militia field manuals are available legally in survivalist bookstores, Caruso quoted Benjamin Franklin: "They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." The Times editorialized, "Government is right to worry about keeping pace with electronic criminals. But citizens should not generally be forced to surrender privacy just to make law enforcement easier." (Kennedy Maize/19950502/Press Contacts: FBI press office, 202-324-3691; Drew Taubman, EFF, 202-861-7700) Looks like the Second Amendment isn't the only one they're going for this time. I think I'll stash a few copies of PGP along with my guns, just to be safe of course! :-) Bruce - --- * Origin: UNHINGED! BBS - Kailua, HI (808) 263-4742 (176:700/410) - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 Comment: Bruce D. Nolting mQCNAy7z57kAAAEEAMHpZIZLGW06xIssK2xrvj/zyWC8j7ThTUqqtCHdMP102KBW bmB/bGHfa8i5/cv2NYxkWhrkCA6taBL+NH0vxPzv70zHZYB3Jj/ZlHKmuDug9rN1 MdRHWSxFJi9MZV0AWOEWTEThKiW6wYtS/nDcdjiXyCBZLEt87fnCrEZxnHJBAAUR tBBCcnVjZSBELiBOb2x0aW5niQCVAwUQLvPvNKUkq042JVlZAQGRjQQA5QjWeJlC rNp/xZaJ2wOwE6Ju2TnhyEG2Puk1dFrE2QYddrLqza3teXhqZEBaazKWe3LJJCGx 18V+8zgYeCA4G8x9bWMvJi0cIYwDnQk3ZXTCrmI3Ku2I3qB1bL4Btq2I2Gu83gwO FpFwqgeFWPvHhnJz/uZAWvO+dZRsc8Ikr1Y= =aOOM - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Bruce D. Nolting iQCVAwUBL7UltPnCrEZxnHJBAQEJ6wP+MKFfwzW5Ct49nWql15Gr/TNAROxTdb3h Y31VvQUClIO5FAChhziaLuZrFdxElpNw2LK9eOckjvm+ikmGPX9359dbPwWuHS5H +ncqkxZML6PTF5pdfSD8GsgmkaM832CYpPHHxRYTFTRt91ggaGcIIiARObOHe6d4 roJ9YF4FypY= =GWsJ -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: Michael Babcock 8 May 95 17:27:22 Subject: Exon bill passes as a UpdReq =snip= MB> C_ECHO, C_PLUS_PLUS, 80XXX (assembly), ALL THE LOCAL ONES, MB> CAN_CHAT, a bunch of others that i've tried it on...as a matter of MB> fact, i've been told off by every moderator there is for using PGP to MB> clearsign messages except here... keep on plugging it though michael. if we are _really_ moving into a new era of the 'information age' then encryption _will_ become common and routine. eventually a lot of uninformed people will cease to be (uninformed that is). btw, believe it or not, but there are even echoes out there that allow the occasional encrypted traffic as a matter of course. those paranoid of encryption would have you believe that encrypted traffic would quickly drown out the echo and make it unreadable. fortunately, this is not the case. for some reason it _is_ possible for adults to act in a mature manner. what a concept. ****************************************** * / * * O[%\%\%{<>=========================- * * \ * * amp * * <0003701548@mcimail.com> * ****************************************** May 8, 1995 18:27 ... Keep your pants and weapons where you can find them in the dark.-RAH 201434369420143436942014343694201434369420143436942014343694718 From: Merell Matlock Area: Public Key Encryption To: All 14 May 95 22:01:00 Subject: Help, please... UpdReq Hey Everybody! Am new to PGP and have been lurking here the past few days. Got version 2.6.2, and ez-pgp v1.07. I cant seem to get it to work with my omr (olx-td, v2.1, with TAG-X pro for tagline mgmt.) have tried the method in the docs, and ez runs, but no sig file on messages/replies. Can't get the key block from ez, either. OK, guru's, show your stuff!! Regards, Merell ... Take a bite out of crime .. Abolish the IRS! --- * Tag-X Pro v1.10 SUPPORT SHAREWARE! * 201434369420143436942014343694201434369420143436942014343694718 From: Thomas Junker Area: Public Key Encryption To: Michel Bertler 14 May 95 15:51:00 Subject: Re: PGP (Mac <> Ibm) UpdReq -=> Quoting Michel Bertler to All <=- MB> I'm encountering problems decoding a ciphertext file (Ascii radix 64 MB> format) coming from a Mac user! So far, he's been using commands: MB> -sea MB> and MB> -seat MB> but the blocks lines are concatenated into a single line wrapping at MB> excessive length (512 caracters) and PGP does not recognize this as MB> being a ciphertext file. The "t" is supposed to handle this. It's supposed to be used at the time of encryption, and is supposed to accomodate the text line conventions in use on the system that decrypts it. I've run into a case where the problem crops up -- when messages are encrypted inside other messages -- and I don't know if the "t" option completely handles it. MB> What his the appropriate command for MB> translating from Mac to Dos and Dos to Mac? And if such a command does MB> not exist, how could I restore blocks original shapes? You could try arranging that all levels of nested encryption are done with the "t" option. If that doesn't do it, then use an editor that lets you see the control chars. You'll find that those excessively long lines *do* have LF chars embedded in them, and that for DOS compatibility you need to either insert a plain CR before them or just delete them and replace them with an end-of-line (usually CR LF) generated by pressing Enter at that point in insert mode. 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: John Schofield 8 May 95 17:47:50 Subject: Send/rec PGP Msg's UpdReq -----BEGIN PGP SIGNED MESSAGE----- JS> correctly, anonymous. In other words, if you chain your remailers, JS> someone would have to subvert EVERY remailer in the chain to find out JS> the origin and destination and content of a message. If even one JS> remailer maintained its integrity, your anonymity would be protected. JS> If you use a chain of six remailers in six different countries, the JS> chances of all six being subverted are very small. yup. a _very_ powerful tool indeed. JS> On the other hand, the remailer that was mentioned in the Scientology JS> case is the ANON.PENET.FI remailer. This remailer operates differently JS> than the others, and can most accurately be called a "Confidential JS> Remailer." This is different from an anonymous remailer. In a JS> confidential remailer, the remailer operator knows (or can find out) JS> who you are, but promises not to release that information to anyone. JS> This can of course be compromised by court orders, as we have seen. penet is a special case of remailer, as you mentioned. the reason he keeps logfiles that could be used to trace origins is that his remailer is set up so that an anonymous i.d. is created for you so people can send a message to that i.d. and it will be forwarded back to you. while i see a place for such remailers, the user should definitely be aware that messages sent through it are just a court-order away from being revealed. of course, for many, if not most, purposes, that much anonymity may be all that is required by the user. for myself, i'd really prefer chained remailers where the operator of the mailer directs the logs to /dev/null. when i first heard about anon remailers on cypherpunks i was a bit confused about how it all worked. i've come to see it as a _very_ elegant technical solution to the lack of privacy afforded by most modern technology. however, as with encryption in general and more technical stuff like remailers, the users of the technology _must_ be educated on it's use as ignorance can be fatal (in some of the seedier parts of the globe). this wasn't really directed at you, john. just elaborating on your post a bit... amp <0003701548@mcimail.com> May 8, 1995 18:46 -----BEGIN PGP SIGNATURE----- Version: 2.61 iQEVAwUBL651GygP1O9KJoPBAQHMYwf/X12zlNsThkEigncsvJXFBB3nlmxC0zMR W+Zzvdo1EQdffNkbB41rxKf8s+JDp4husBwvhzXnHRzHuS+KEVV3AU36HFdNHJtE iYlJpVoXAsUTSJxDb6InTNio2vPjp8XA7hHZ+3sPbIX2wmVWosUUR3JprPyLKNvi TDI+t9FhRbEjHMT/NcIxMht8StgWI2b2VU+95tGr88pA2pKfuT2gIpFM22h2mhOu rJ20NaMGScMGgkzvjz6IjMetip7L56LAIpzZGUecVAZrsWs+IBWeUApd+3b4oyoQ Qg2fxSIofbmNZSl38Z5wskBczMnAvbTkVPCGKYCwCj4v2bZJ0N/PGA== =UBHV -----END PGP SIGNATURE----- ... If at first ya don't succeed... toss the 9mm & get a .45. 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: Tom Almy 8 May 95 18:40:12 Subject: Sign v. use UpdReq TA> Yet (to site the misuse), when I posted my key to PKEY_DROP I got back TA> several signed copies! That's a blatant misuse of signing, which TA> relegated their signatures to the "don't trust" level in PGP. heh heh, you mean you have some keys _without_ a 'don't trust' level? if there is one on my key, it was an accident. amp <0003701548@mcimail.com> May 8, 1995 19:40 ... Friends come and go but enemies accumulate in a pile outside... 201434369420143436942014343694201434369420143436942014343694718 From: John Stephenson Area: Public Key Encryption To: quake!netcom.com!tcmay 14 May 95 20:55:52 Subject: "Watch the Skies!" UpdReq qu> Watch the skies! Shouldn't this be in a humor echo? - John ... Oxymoron: Recently new. 201434369420143436942014343694201434369420143436942014343694718 From: Michael Babcock Area: Public Key Encryption To: JOHN STEPHENSON 13 May 95 00:36:00 Subject: RSA UpdReq -----BEGIN PGP SIGNED MESSAGE----- John said something about RSA to All on 05-11-95 23:48 ... JS> Btw I live in Canada, so it's legal :) So do I :) JS> The encryption algorithm is: C = (M^e) mod n JS> The decryption algorithm is: M = (C^d) mod n JS> Where C is the encrypted byte JS> M is the original byte JS> p is a prime number JS> q is a prime number JS> n is pq JS> d is the inverse to the function of e JS> e is the inverse to the function of d JS> So the encryption key is the two numbers: e,n JS> So the decryption key is the two numbers: d,n Ok...here goes (if it's illegal for you to use this information because you (the reader) are in the US, DO NOT USE IT!) Take two prime numbers, (p,q) and multiply them to get n. Make two numbers [p-1] and [q-1], multiply them to get [(p-1)(q-1)] (i'm leaving the unnamed variables as their equations). d is any number between 1 and [(p-1)(q-1)] that is not a factor of [(p-1)(q-1)] (fairly arbitrary choice). Now find a value for e that satisfies [(e)(d)]/[(p-1)(q-1)] = 1. This will work... BTW, as we all know, use LARGE numbers for p and q... ... Iraqi rifle for sale. Never fired. Dropped once. ___ Blue Wave/QWK v2.12 mbabcock@feldspar.com -----BEGIN PGP SIGNATURE----- Version: M.T.B iQCVAwUBL7Q3b6Vk4K5QyJmlAQGQcAQAoyw8XtrIOXjgM+7xMx3ZvUnXrwndK62+ s+HRKDGQ6q6b5wZmnIJHRH5B9LUD1OUF9a3U5DbJD/R97ftw3b+ccgaLN+B28Pk5 KOyumtaxWAtlc+4dCyxfUJSq0wY1a5U4s8AMF6avSyM884jhQYc9dbVePztosmxv g0f8unp5VEk= =BPCV -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: John Stephenson 14 May 95 13:18:42 Subject: Re: PGPWave source code gone UpdReq -----BEGIN PGP SIGNED MESSAGE----- In a message dated: 11 May 95, John Stephenson stated: JC> "You should" unplug your modem until you learn some gratitude for JC> freeware authors. JS> Yes! Finally someone sympathizes with what it's like to be a JS> freeware software author and respond to people who send you their JS> bug list with an attitude. disregard the uninformed. they are always with us and are always noisy. [grin] when your new product is ready for testing, you'll have a willing crowd of grateful folks here. and i'll be happy to distribute it again via PUBKEYS and SDS. thanks for all your efforts! TTFN. Chris -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: SUPPORT the Phil Zimmerman Legal Defense Fund! iQCVAwUBL7Y7ZssQPBL4miT5AQGvAwQAisIOecL1E2ZoUK1GclFCKKRHsfDAB0ms Z6XZhxdVZS3PBLc2upnRsj98vJRmnk5CWHPiTCBFFTgBSPDaXdfuMJX9FJ67zG3b PBwSFwppOEmG3dXkcCEfPvLR+/NA9NYExwjs7IgWpuzL/ykvlZ3zQw4l80i8bthg gf93BeNW/cY= =OH6b -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Tom Almy Area: Public Key Encryption To: Alan Pugh 15 May 95 13:23:50 Subject: Sign v. use UpdReq -----BEGIN PGP SIGNED MESSAGE----- -=> Once upon a time, Alan Pugh said to Tom Almy <=- AP> heh heh, AP> you mean you have some keys _without_ a 'don't trust' level? AP> if there is one on my key, it was an accident. There are some people I *do* trust! But I won't tell you because you shouldn't be trusting my judgment anyway. :-) Tom -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBL7erytmt3ugi2IbhAQHZcQP/fL2UucrBnr/l47NJwUAjwImZ7buj2xV2 C5xDrf1KUifgEEi0pi6Dtx5A0GTX9NbR37yIrkKU1ChKVZyRNF+D9zE+wvoLcRvt Ouh7o4DdWodhUvYsn7UKZlgKxcHRtjSm9G7aDmgRJIFaghAzSIG4NBAeYJf+uG+s ZuZ0hXF9lkk= =PyeY -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Scott Mills Area: Public Key Encryption To: Shawn McMahon 16 May 95 01:07:22 Subject: OS/2 PM shell for PGP UpdReq Sunday May 14 1995, Shawn McMahon writes to All: SM> I haven't downloaded and tested it yet, but I just found the following on SM> 1:109/347: SM> PMPGP.ZIP PMPGP Shell for PGP for OS2 I'll be freqing it tonight. I'll let you know how it looks. Scott Clinton: from 60's flower child to 90's blooming idiot!!! Scott Mills 1024/26CD5D03 For my PGP key freq PGPKEY sm@f119.n265.z1.fidonet.org --- 201434369420143436942014343694201434369420143436942014343694718 From: L P Area: Public Key Encryption To: John Stephenson 14 May 95 09:27:00 Subject: Re: pgpwave Source Cod(1) UpdReq -----BEGIN PGP SIGNED MESSAGE----- -=> Quoting John Stephenson to Thomas Junker <=- JS> You seem to have quite an attitude on you. PGPWave JS> is a great program I have had most of the same problems that Mr. Junker complained of, but I still think that it is a great program just doing what it does do, which is encrypt and sign mail very conveniently. I use it regularly. Thank you very much. TJ> Do you have any idea why PGPWave eats the input message TJ> when Decrypt is invoked? JS> JS> It doesn't when run properly. Please tell me how to JS> duplicate this error. It does eat the input message here too: 1) configure PGPWAVE according to the docs -- I have PGPWAVE in the same directory as BlueWave 2.12 at c:\bwave, my work directory is ramdrive d:\bwavwork, PGP is running from d:\temp, and it has 605k in which to run; 2) load a mail packet with something to be decrypted in a message; 3) invoke PGPWAVE with the R)eply command; 4) tell PGPWAVE to D)ecrypt the message; 5) Unlike when simply invoking the message editor with the M command, the temporary reply file in the d:\bwavwork\reply directory either does not come into existence, or ...?; 6) PGPWAVE complains that it has nothing to work on. TJ> This is especially fun when returning to TJ> the mail reader which then locks up TJ> in confusion over the missing original message. JS> JS> Hmm, odd. That sounds like a bug with JS> your message reader. This has happened here too, using BlueWave 2.12 -- see the above setup. JS> If you noticed the example was an executable. JS> It was never intended that you should be able JS> to run a batch file. I do understand the significance of .bat v. .exe and .com files, so this was not a problem for me. But, now that I think of it, I noticed that when PGPWAVE runs "right" for me doing encrypting, the appropriate PGP command echos, indicating the switches that are being invoked. However, upon decrypt, I don't recall now seeing what looked like an appropriate PGP decrypt command echo. TJ> How about PGPWave eating its own config file? TJ> Any time I try to change the config from within JS> PGPWave it consumes its config file. JS> JS> Odd. That isn't something I've seen happen. JS> Tell me how to duplicate that error as well. This happens to me too, in a fashion. When I invoke the configuration command from the PGPWAVE menu and make changes, it doesn't eat the config file upon saving it, but it deletes the line telling PGPWAVE which editor to use (and possibly another line too): 1) invoke configuration/set up from the PGPWAVE menu; 2) save the changes by any means available on the menu; 3) the config file gets screwed up. JS> I tried to the best of my abilities to make PGPWave JS> as bulletproof as possible. That's why I went JS> through beta testers, and the whole works. What drive/directory setups were successfully used so that all of the PGPWAVE functions worked properly? Thanks, L P -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Get PubKey WHOSASKN.ASC at BBS 907-745-6093 1:17/75 iQCVAgUBL7Y9fF3p8JHts+exAQEyewP/c7HNZ+4/TEO6H3CWfR++Q8C4O8FtSNC3 s+kJFsDldAl7FyAaYY7CCdbQlpHGJGiQWPugTaemMpo+ksEh7AAPZYfZrGVwkJeC --==<<< Continued next message >>>==-- # Origin: Who's Askin'? Matanuska-Susitna Valley, AK (1:17/75.0) * Origin: PODNet <-> FidoNet EchoGate! (93:9600/0.0) SEEN-BY: 107/946 259/212 382/7 640/217 9000/0 9600/0 9608/0 9609/0 201434369420143436942014343694201434369420143436942014343694718 From: L P Area: Public Key Encryption To: John Stephenson 14 May 95 09:27:00 Subject: Re: pgpwave Source Cod(2) UpdReq --==<<< Continued from previous message >>>==-- y+67oInk4kGJ6u9tD7fYvAXt92Rus9v2RBcuT128d+tNaPqudbQGdp4spLYYMRPl eqQ9YUhrnOM= =6rCc -----END PGP SIGNATURE----- --- Blue Wave/QWK v2.12 # Origin: Who's Askin'? Matanuska-Susitna Valley, AK (1:17/75.0) * Origin: PODNet <-> FidoNet EchoGate! (93:9600/0.0) SEEN-BY: 107/946 259/212 382/7 640/217 9000/0 9600/0 9608/0 9609/0 201434369420143436942014343694201434369420143436942014343694718 From: Andy Hayes Area: Public Key Encryption To: JOHN STEPHENSON 13 May 95 21:12:00 Subject: PGPWave source code gone UpdReq In a message to JASON CARR, JOHN STEPHENSON said... JS>Yes! Finally someone sympathizes with what it's like to be a freeware JS>software author and respond to people who send you their bug list with JS>an attitude. May I ask, WHY do you write freeware? (BTW, I'm a shareware author, and I don't have an attitude there, just curious). Andy -=or=- Jose * QUOTEOLX 2.4 1892898 * * OLX 2.2 TD * ...................... Group Photo 201434369420143436942014343694201434369420143436942014343694718 From: Laurence Lane Area: Public Key Encryption To: jason carr 13 May 95 00:16:58 Subject: Send/rec PGP Msg's UpdReq While adjusting the pincushioning for the 14753rd time today, I noticed jason carr's message about "Re: Send/rec PGP Msg's" on the screen... LL>> *** Foreword: I'm experiencing rather grave echomail LL>> difficulties. jc> I saw you, at least. :) Over two months of daily posts and exactly three day's worth echoed. The regular flow, if any, is being manually processed now. LL>> My idea is just the opposite of yours; instead of encrypting LL>> individual messages, encrypt the FTN mail packet. That would LL>> provide jc> I'm not sure it's /opposite/, but it's certainly a good idea. There jc> are compression aps that can use PGP, I think. And .ZIP has it's own jc> (apparently not-very-robust) encryption routine. I guess PGP's compression is not-very-robust compared to .ZIP. :) LL>> for secured transportation and leave the receiving system to its LL>> own security devices (after the packet is decrypted and LL>> processed). That would also be a great way to eliminate mail LL>> bombs in smaller FTN systems or within a NET or HUB level in LL>> Fido. Just a couple of thoughts... jc> Packet-level passwords also kill mail-bombs... Yeah. I initially conceived and implemented the idea to send a private echo through Internet e-mail, where session passwords don't apply. It was an attempt to synchronize several e-mail conversations between myself and a few fellows in the Netherlands. The initial idea was to zip then uuencode the pkts. PGP handled the compression and ascii encoding and added superb security. jc> So the solution for the more obsessive among us would be encrypted jc> echos packed in encrypted packets with packet-level passwords, moved jc> in secure sessions. :) jc> I like it. The weakest links would be the hoomans[sic]. ;) laurence.lane%selfhelp@cjbbs.com ... Hillside, NJ, USA 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: jason carr 13 May 95 16:34:42 Subject: Re: Send/rec PGP Msg's UpdReq -----BEGIN PGP SIGNED MESSAGE----- AP> not necessarily idiocy. personally, i'm happy with people who take AP> the initiative to use pgp. they are at least cognisant of the issues, AP> though not necessarily fully fluent in all the issues involved. _i_ AP> am quite serious about encryption as i see it as a boon to the future AP> of our Republic. many people will never get all aspects of it down, AP> but i think education on these issues can only increase as technology AP> advances and encryption becomes more common. jc> jc> Yeah, the allusion I was making was not as well-known as I thought it jc> might be. It sounded harsher than intended because I was echoing the jc> quote (I don't know who said it): jc> jc> 90% of is crap, but then again 90% of everything is jc> crap. i recognised it. i used to have a couple of books of murphy's laws. that was one of them. i think the rule is true ftmp. AP> 'tis true, but it breeds uncertainty. this is not necessary a good AP> thing. it is inevitable though. i support this tweaking though my use jc> jc> Software chaos theory! Sourcecode entropy! :) no doubt! i don't have a real problem with people hacking the source as long as they don't mess with the encryption algorythms. having the different versions out there has both good and pad points to it. AP> except in relative terms) i figure 3k keys will be the standard in a AP> couple of years. jc> jc> Prolly so, but I guarantee I won't be generating any 3k keys on this jc> 8088 laptop! :) i feel for ya guy. i've found pgp to be an excellent benchmarking tool in addition to its other wonderful uses. have you ever played with 'fractint'? i finally found version 19 recently and they've beefed up the software so it is now guaranteed to bring a cray to its knees if you zoom into a fractal far enough... the documentation [is a good read too. the author(s) have a pretty good sense of humour. ********************************************* * / The Sword of Truth and Justice * * O[%\%\%{<>===========================- * * \ What All Tyrants Fear Most * * amp * * <0003701548@mcimail.com> * ********************************************* May 13, 1995 17:32 -----BEGIN PGP SIGNATURE----- Version: 2.61 iQEVAwUBL7T7cigP1O9KJoPBAQHcSAf7BerSM7rhlujKuLNa8XJSUqeJlCIxmm6P Ay7PDRegr/uFtW9fLhDw9ahL5xYi5BLn3Wh0Nt7+Dlr63fc09bCX9kKjdaCXWBJ7 Ky7nQg7M+pqhHCOzVhDSrAs6tTNIhL40TiXlNkCLU2SmKru6axta+/k4F0qly9re NmqUx2O4Ikl1uUfhN5Z9xHgP1oi9FcpDqSp2j0RlhiI2If/E1iBFlCAuoq1YyK5s Qr10FDAiK4PD4Kzp/5IaHlJuDsQBQZDRS2k03g03c+nVlbaK8dy8q5eoCMO+c7B3 hq4/SDAdlRYJ9ACOXG6ZAJhe5frNDcHJ+CJCxDP3imamFfxbacFPMQ== =GKTq -----END PGP SIGNATURE----- ... Defend the Constitution from all enemies foreign and elected. 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: Jeffrey Bloss 13 May 95 16:42:04 Subject: Re: Send/rec PGP Msg's UpdReq -----BEGIN PGP SIGNED MESSAGE----- JB> Yes, but we're talking about a "third party" trying to derive JB> something useful from the numbers of messages and their JB> senders/receivers. In this case, those "only decrypted by" errors JB> would have value that increased as the numbers of specific errors were JB> collected and analyzed. A cryptanalyst would be specifically LOOKING JB> for these name/key-ID errors, counting them, and basically tallying JB> deviations in things like frequency and length of posts using specific JB> ID's. Changes in these figures paint "something's up" pictures with JB> varying details. ;) if the person attempting to decrypt a message and doesn't have the public key for that person, doesn't pgp just report a 'cannot decrypt key xxxxx' message? (where xxxxx is the key's id number) at least that's the way i remember it working. while _some_ information is better than none from the perspective of the analyst, it doesn't seem very useful unless they can get a copy of your public (or private) key and tie it to you. if you operate on such a network with personal friends and don't post the keys used, analysis would be pretty difficult imo. of course, i could be wrong. amp <0003701548@mcimail.com> May 13, 1995 17:40 -----BEGIN PGP SIGNATURE----- Version: 2.61 iQEVAwUBL7T9PSgP1O9KJoPBAQGePAf/TDcaoKtc+1aR3YypNfaIDQrBVaviTXiV k7KLxt73kS7r7Rdl51/z4cQFSZcdA//PTSmdh4aJovEqmW4501BSjIct/QwlXJ1y ntGRVOIRLXRrJz1XN7LfubpV8CT/rAQDFGf7IlQCRB+foAgcO8GDCSTq5teT93+w VrQv+RASrUK5Dv+0NE4ogODGY58+o+RiOSaFQf7fNXCiIE90o6UwckNlFnvo2qeZ Q84oAtbS+ZhLHLhCTJAHZPmpPkOO71YdBS7ClGC/xllDRgdVSGdFOVxrCIJnrXdU dNaLp+9PZjFXiJYY8Ghkyb3ShRp8TdrGbjp+fpvlyEy9fvCR0bVNKA== =vMc3 -----END PGP SIGNATURE----- ... Want my ammunition? You can have them one bullet at a tim 201434369420143436942014343694201434369420143436942014343694718