From: Alan Pugh Area: Public Key Encryption To: Peter Bradie 25 Oct 94 21:19:58 Subject: Pgp signatures UpdReq alan jumps in... PB> If PGP is the equivalent of a mailing envelope for E-mail (a good PB> analogy for privacy in communications), why collect the addresses of PB> people to whom you would never write? Beyond the Web of Trust is the PB> Web of Usefulness. IMHO, the only keys of value to me are 1) those I PB> have acquired via netmail or other one-on-one communications, and PB> 2) those with whom I would expect to entertain private communications. it depends upon how paranoid you are. i collect keys and sprinkle them throughout my keyring. if someone were to have a copy of your public key, it might tell them something about the people you use secure communications with. my keyring is pretty much like a telephone book. just because i have someones key in my keyring or name in my phone book doesn't mean that i have any intention of ever communicating with them, or even that i have any idea who they are. PB> I'm sure you are a nice, reliable person. I don't need your key to PB> make sure you're the person who has signed a particular message PB> because I don't know you from Adam's off ox, and the validity of the PB> message is as valid as I know you to be; whether signed or not. PB> Would this message have any greater significance to you if I had PB> 'signed' it and posted my key in PKEY_DROP? nope. i occasionally sign my messages, but the only people it would have any significance to are those who know me. amp <0003701548@mcimail.com> October 25, 1994 22:19 ... Courts are where justice is dispensed with. -s. clemens 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: Christopher Baker 27 Oct 94 22:20:10 Subject: traffic UpdReq chris, for the past couple of weeks, i've only been getting 4-10 messages per day in this echo. are we missing anything here? amp <0003701548@mcimail.com> October 27, 1994 23:19 `~~~ PGPBLUE 2.5 ... Klinton virus found. Exterminate? (Y/N) 201434369420143436942014343694201434369420143436942014343694718 From: David McIntyre Area: Public Key Encryption To: John Schofield 31 Oct 94 06:25:40 Subject: Re: PGP 2.6.2 Official M.I.T. UpdReq -=> Quoting John Schofield to Jim Bell <=- JS> But since the full, unmodified PGP somehow always finds its way out of JS> the country, there is no need for this subterfuge. Also, there's no JS> reason the State Department would approve this modified PGP. There's JS> no ruling that says software using keys smaller than 40 can be JS> exported. All we know is that in some cases, software using keys JS> smaller than 40 has been approved, while just about everything else JS> hasn't. The State Department handles these things on a case-by-case JS> basis. JS> They could easily reject this modified PGP for export. My feeling is that PGP distribution is fine the way the 2.6 was distributed. That is, making sure that the primary distribution site was restricted to US citizens only. I personally don't care that the program found its way out of the country, but I had no part in its release. At that time, I was breaking enough other laws to not have to worry about violating export restrictions on cryptography and the consequences that would carry. In all, I feel that the government should not have any restrictions on any invention that they didn't work on and classify. Oh, well. If this is not really a response to your message, I'm sorry. But I just had to get that off my chest. 201434369420143436942014343694201434369420143436942014343694718 From: David McIntyre Area: Public Key Encryption To: Scott Redd 31 Oct 94 06:29:58 Subject: Re: Which PGP version is best? UpdReq -=> Quoting Scott Redd to Jerome Greene <=- SR> Saturday October 15 1994 15:49, Jerome Greene wrote to David SR> McIntyre: JG> Sure you have an internet address it is JG> You could also set it up like JG> this David McIntyre <1:3625/441@fidonet.org> Either way you are JG> identified as being at that address. Just examples in any case. Jerome JG> Greene SR> SR> Unless things have changed, I think the gatekeeper at fidonet.org will SR> not pass encrypted mail to/from the innternet. If anyone else has SR> more information about this please post it to the echo. It will probably pass the message, but if the msg is routed, it's up to the Sysops along the way to decide whether or not to pass encrypted messages. Since the gov't has made Sysops responsible for everything that comes through their systems, some are paranoid that encrypted info _may_ have "illlegal" information, therefor they kill all messages that are not readable by them (damned government). 201434369420143436942014343694201434369420143436942014343694718 From: David McIntyre Area: Public Key Encryption To: Scott Redd 31 Oct 94 06:36:38 Subject: Re: Which PGP version is best? UpdReq -=> Quoting Scott Redd to Richard Wallen <=- SR> I suggest that David include that along with any other user id's he SR> may need. Following is how my key looks: SR> SR> pub 1024/6D3FE9 1994/04/29 Scott H Redd SR> Scott H Redd SR> Scott H Redd SR> Scott Redd <1:285/5.47 FidoNet> SR> Scott H Redd SR> SR> There is a userid for each of my major email addresses, including SR> Fidonet. Also, just for the hell of it, I included my city, state and SR> country. This would come in handy if someone was doing simple string SR> search via an automated keyserver. Thanks for the advice. I think I'll use it that way (or at least along those lines). I'm just not sure if I want to distribute my key yet, as I don't really have a way to send Netmail yet, and I haven't gotten a version of PGP that I feel comfortable with yet. The 2.6 I have now won't read all the keys that have come through the normal distribution channels. I'll eventually find the 2.6ui that I'm looking for, but I no longer have Internet access, and I'm not really into calling LD. Oh, well. I'll be at a comfortable point eventually. David 201434369420143436942014343694201434369420143436942014343694718 From: Jim Cunningham Area: Public Key Encryption To: Garet Jax 30 Oct 94 23:41:00 Subject: CRYPTOGRAMS UpdReq GJ>I'd like to receive cryptograms (of the type found published in GJ>newspapers and magazines) from anyone who may have old copies laying GJ>-Garet These are from our local paper labeled CRYPTOQUOTE and they are copyrighted by King Features Syndicate. I use program called CRPTGRAM that does the global substitution for me. I hope these will help. 1. Fri 09-16-1994 LQT VUACM EH BK OURGLAK, SCC BSGYEGM SAT BK FATLQATG, SGM LU MU WUUM EH BK ATCEWEUG. --LQUBSH ISEGT 2. Sat 09-17-1994 GX OGF GXHJDMDXH JH TFD FTNU NFHD, LWD VJNXH QIFV DGX TXED XEJD. --MTFTUVFWH 3. Mon 09-19-1994 JXG RGWOGJ ME JFM HM EIOJXGO FKAA QM, JXG RGWOGJ ME JXOGG Y XIHPOGP FKAA UHMF. --RDYHKRX DOMCGOL 4. Tue 09-20-1994 YQYFK JFPJA AMC JIB COLYC; OJ OC IYSS JB SBBD MJ TBJA TYWBFY IY GBHHOJ BPFCYSQYC JB YOJAYF. --MYCBV'C WMTSYC 5. Wed 09-21-1994 JAVYSZ AV FPL ESJLH FPRF LQRONLV DV FS DVL TQSJNLYWL USH FPL OLQLUAF SU SDHVLNBLV RQY SFPLHV. --FPSZRV JRFVSQ 6. Thu 09-22-1994 FXO YXD'W JSW WCVSY XB AOBBCDK, ROW FXO YXD'W BCDY CDKZCVUWCXD CD WMSA. --JSXVJS RSVDUVY KMUQ 7. Fri 09-23-1994 FWJKG VBFP KCG RVQJIG BL CJY FCB XBQGT EBO KCBOAC EBO XJNG JK PBK RK ZWGTGPK. -JKRXJRP ZWBQGWS 8. Sat 09-24-1994 DAT HIE LFDE BIX ODH GI VIJ BIXJ OIXHEJB, VIJ EFCB DJC NKDUNC EI ECNN BIX. --ZDJT AECKHUCOT 9. Mon 09-26-1994 LYVFBLHF LBF: L CBKWAHF KO FXZ ASFLUZSFZW, VKUW YG FXZ ASCBTS- HTCUZW FK FXZ AFFZBUG YZJTUWZBZW. --LU HLCC 10. Tue 09-27-1994 BLCQBXLPDO PQ CSWO US PSQDLTVXSD DC EX TQXR, SCD U RXPDO DC EX JCLQKPBBXR. --YUWHPS YCCWPRZX 11. Wed 09-28-1994 SU SQ SB OLQ SO QZY SOQYHYBQ LU QZY MAGJSF, SQ SB OLQ SO QZY SOQYHYBQ LU GABSOYBB. --VLBYMZ Z. WYUHYYB 12. Thu 09-29-1994 ZBWMYJTKWR DWHH YGA TASYJ AKM TABSWY GZ OMBF VLPK EGGJ SJOWPM ZGB OMBF HGYE. --BGQMBA HFYJ 13. Fri 09-30-1994 UFRX P UARX AT UYPUARU, UAGYVMFRX ZDFXMV FR POO, TOAEYDU FR VMY UCGGYD, TFDYU VMY TPOO. --DAZYDV O. UVYBYRUAR 14. Sat 10-01-1994 QJ GIBN BXZRU, LKX BXZRU MXY? QJ GIBN BXZRU MXY, LKX BXZRU? --BKQMRUR TEXHREF 15. Mon 10-03-1994 APDYEXR ML H JPZHX; MA TPE XRKURWY VRD YPSHT SP XPY RFIRWY YP DRKHMX VRD YPZPDDPJ. --ADRXWV IDPBRDN 16. Tue 10-04-1994 QM FBWMJ HIVM YMFYOM YIL CMINOL BFN QPIW QM WPRJV QM TIEM WPMH. --DFGJWMAA CRIJM 17. Wed 10-05-1994 HMKCMSRWXF XR DWM KSD PN LMDDXYL PDWMS FMPFHM DP SAY VXDW GPAS XCMK KR XN XD VMSM DWMXS PVY. --WKSSG R DSAJKY 18. Thu 10-06-1994 MHEZGMQXPI: Q WHIGPO SCP EPHG XP XCH KQWZXQM PN CZG KPFOXIT XP ZOKIHQGH CZG PSO. --QUJIPGH JZHIKH 19. Fri 10-07-1994 ZJ FJJEF AY ZROJ FJJK QJAAJL VRSF, RF TZY ZRF KYA TZY ZRF FJJK SJFAJLVRS. --QSLYK 20. Sat 10-08-1994 FVC FSWDR RF KCJG ZSLR JL MVUXMVJRMFV RJTCL DMH, QFK YDJR DC KCJGL JL J RJLT YMXX GF DMH XMRRXC WFFG. --LJHSCX ZFDVLFV 21. Mon 10-10-1994 JC ULZNPWNV BDF BDF DA DFIJVLKH ULPPJXXSS BS QLNZF EKLWDWZH VXJZZ WS DX XBS FLUM. --DKXBNK YLZFWSKY 22. Tue 10-11-1994 MKGXAXB JXBAXJ KWJ ZGNV- OBC MXUU KQJ VG VXXL GY QVZXJOGBJ. --AGUOQWBX 23. Wed 10-12-1994 WEH VESFW CHCSFJHV SD RCHFJBRQ XSWHFV JV TERW NHHMV SZF MSKJWJBJRQV JQ SDDJBH. --TJKK FSIHFV 24. Thu 10-13-1994 VDUXU OXU BUMBFU SDMJ L SLND SUFF, OEC MEFH SLND VDOV L ZMIFC SLND GUVVUX. --QMUVDU 25. Fri 10-14-1994 UBS MWYTU DSNUJYS WD N FSM ZNZA GT GUT OWUBSY'T TGFKGFK. --QGF BJZZNYC 26. Sat 10-15-1994 HJ EYF SBGW KWDHFP, HDCFPUOE XHII HRTOYGW HU; HJ EYF SBGW DYDW, HDCFPUOE XHII PFTTIE HUP TIBAW. --PHO NYSD OWEDYICP 27. Mon 10-17-1994 ALMPH G WTJMZMEMGP MU G WTTK WKTRLUUMTP. ALMPH G WSAJME ULKDGPZ MU G PTAJL TPL. --OLKALKZ OTTDLK 28. Tue 10-18-1994 H XHM'Q JMWGLGQW JM WOG UFLNB JQ FMNR WOG FZGLD FD OJQ JMWGLGQW JM OJXQGND. --SGFLSG V. QOHU 29. Wed 10-19-19 QKJ QF KLUG WC H ZEPZJU UZJ H'XC FDEJ NFQ FDC FQGCK UMCCO Z UEFPCK. --NECDD BFKO 30. Thu 10-20-1994 HY TOSHQ XQRS USI RCRO D JYHWRORHJR, DMF S EYF YW WYYEXIZ XQRSI ZSCR QXRQ FZROR. --W. WXFLTROSEQ 31. Fri 10-21-1994 FYBFJY KIB JTRY TO NJULL IBQLYL I UOLKYP DIY AYJJ. --APQWY FUDDYPLBO 32. Sat 10-22-1994 XG KCC A XG OGCVAPK XTHKN CKNXCTADX; XG OGCVKX FGQ OGCVTPK AN XRK NTADX. --NQUTDDK SGQVMTNN 33. Mon 10-24-1994 CTRM CB RYMOSO QSSJFK; CTRM CB WBRKM BIGBSMBL HBYBFRWWN TRGGBYK. --LOKFRBWO 34 10-25-1994 FJV DVUZNFL EH OQTTVOO PO FE KV KESVM KL FJV DVEDNV FE OUQK LEQ. --UZUTL ZOFES 35. Wed 10-26-1994 HQP NYGXH JP JPLGBX LH QYX IEHQPG'X ZBPP BEFLTLCX YX HE SP ALGPNMJ EN QPG --LBEB 36. Thu 10-27-1994 UVP USGEKBP LCUV I YSPIW VGEDP CD U ZGDUD ULCZP ID WEZV ID RGE YSPIWPY CU LGEBY. --DGESZP GKDZESP 37. 10-28-1994 EVYUFNOM EVDOBOFO BD PNFFBDK MVYU KYNOFO FCPJ MVY --V. C. GCFFBOFC 38. Sat 10-29-1994 OB DIV GVUFHYD PUZXG UO KHGDVU MZZU, DIVL HUV EZDI PZZC BZU YZDIOYP. --PVUKHY MUZFVUE --- * SLMR 2.1 * Thesaurus: ancient reptile with an excellent vocabulary. 201434369420143436942014343694201434369420143436942014343694718 From: Carl Forester Area: Public Key Encryption To: Robert T. Miller 25 Oct 94 01:23:00 Subject: PGPLoad 1.2 UpdReq * Reply to msg originally in FIDO-PGP Key drop -=> Quoting Robert T. Miller to All <=- RTM> Here is a Bluewave PGP interface called PGPLoad. RTM> It's UUENCODE'ed so you'll need to export it to RTM> a file and then UUDECODE it to use it. RTM> Hope you like it. I gave it a try, I could not add keys or decrypt messages. When I tried it went to the editor and gave me a blank screen. I also tried to sign this message and it didn't do it. When I tried to post my it went back to bluewave and gave me an error message. -Carl- ... "He was a man, all and all, I shall not look upon his like again." 201434369420143436942014343694201434369420143436942014343694718 From: Robert Nelson Area: Public Key Encryption To: Robert T. Miller 25 Oct 94 19:52:12 Subject: Re: PGPLoad 1.2 UpdReq -=> Quoting Carl Forester to Robert T. Miller <=- -=> Quoting Robert T. Miller to All <=- RTM> Here is a Bluewave PGP interface called PGPLoad. RTM> It's UUENCODE'ed so you'll need to export it to RTM> a file and then UUDECODE it to use it. Good try Bob. I guess copying is the sincerest form of flattery. Well I can not get the thing to work. Also it would not add keys. And it would not automatically decrypt a message when I hit the reply key. How do I get an index of what keys I have? Will a registration now work with the future versions of Blue Wave? What about OS/2? Windows? ~~~ PGPBLUE 3.2 201434369420143436942014343694201434369420143436942014343694718 From: Marc Stuart Area: Public Key Encryption To: Marshall Votta 31 Oct 94 23:05:06 Subject: PGP embedded in .gif's ? UpdReq MV> The program is called "Stego"; at least, my version is. What it does MV> is alters 50% of the colors 1/256th in grayness, replacing the bit MV> with one of the bits of your message. MV> Modifications are not detectable by the naked eye. I must have picked up a different version, or an older one. The version I found only handled TIFs, and I could plainly see the change in the TIF file. I couldn't read the message, but I knew something was there. ~~~ PGPBLUE 3.0 ... I didn't climb to the top of the food chain to eat vegetables! 201434369420143436942014343694201434369420143436942014343694718 From: John Mudge Area: Public Key Encryption To: Mike Riddle 31 Oct 94 11:41:02 Subject: PGP 2.6.2 Official M.I.T. UpdReq Hello Mike! Saturday October 29 1994, Mike Riddle writes to Jim Bell: MR> Notwithstanding the plain language of the ITAR about these matters, Da MR> Guvmint (which always knows best) continues to insist that source code, at MR> least in electronic form, is export-controlled. MR> Bruce Scheirer(sp?) wrote _Applied Cryptography_ and my understanding is MR> that the book could be exported, but not the disk that contained programs MR> listed in the book. It seems to be based on a First Amendment "Rule of Thumb" where the "Freedom of the Press" is taken to only refer to printed matter. Another example that recently happened to me involved a strong "suggestion" from the BATF that I not make weapons related files available to folks under 18. Grocery stores and libraries, however, do not have this restriction.....the only difference being the format in which the information is stored. Are you aware of any Court Rulings defining BBS's as "Press" under the First Amendment? Actually, the entire First Amendment would seem to cover BBS operation! John Mudge 201434369420143436942014343694201434369420143436942014343694718 From: John Mudge Area: Public Key Encryption To: Wes Perkhiser 31 Oct 94 11:49:02 Subject: hpack UpdReq Hello Wes! Tuesday October 25 1994, Wes Perkhiser writes to all: WP> Looking for a FREQable source for MS-Dos version of HPACK (any version WP> later than 0.78) and/or KEYCVT (to allow the HPACK to use public key WP> encryption). HPACK79.ZIP is available from here. John Mudge 201434369420143436942014343694201434369420143436942014343694718 From: John Mudge Area: Public Key Encryption To: John Schofield 31 Oct 94 11:51:04 Subject: PGP embedded in .gif's ? UpdReq Hello John! Answering a msg of , from John Schofield to John Mudge: Thank you very much! I grabbed them from you. Now, if only I understood them! The docs on one explain the process in detail so if I read it enough times, possibly it will sink in! John Mudge 201434369420143436942014343694201434369420143436942014343694718 From: John Schofield Area: Public Key Encryption To: Scott Mills 31 Oct 94 21:55:50 Subject: Nodelist problems UpdReq -----BEGIN PGP SIGNED MESSAGE----- --====-- SM> @MSGID: 1:250/114@fidonet.org af153065 SM> @PATH: 250/114 101 99 3615/50 396/1 280/1 209/720 102/2 SM> SM> **T******10-17-9404:08CHARLES SM> CHAPMAN **** REED DARSEY Re: Article in Dr. SM> Dobb's *E****** > Well, duh! Maybe SM> if I read the docs a little more carefully, BS> huh? Thanks. SM> Sure thing! Hope it works for ya. =) WL> REXX command script that handles everything for me under WL> OS/2, and gives me the choices of encrypting to multiple WL> people, etc. =) Nothing you can't do under DOS, though. :) WL> If you're interested, I can send it to ya, or post it here. SM> WL SM> -!- FidoPCB v1.5 beta-'j' SM> ! Origin: Fidonet: SMARTalec Port Credit Canada 905-278-9495 SM> (1:250/114) I quoted the above message in its entirety. To use a technical computer term, something appears to be screwed up. {grin} I wrote a message about "nodelist problems" but it had nothing to do with Dr. Dobb's Journal or REXX. JMS - -----BEGIN PGP SIGNATURE----- Version: 2.7 Comment: Call 818-345-8640 voice for info on Keep Out magazine. iQCVAwUBLrXW8Gj9fvT+ukJdAQFGAQP/Z1px/GPbBqQFnQiiFnlIh/dDPAhf5d7V zx+0Tq1dYiXWSMWP20EvIaBStma1sU1lLPkj9XYVh0Vw35zNaahOQUicMlDIOXXU jJCeXzUsCv39cVkhjPLhaa8SiVmZHDZNkrGbGvaZ/FAZoTmZabguF2p4g8ktMtBc /PiFJQ3xTg4= =OGI5 - -----END PGP SIGNATURE----- **EZ-PGP v1.07 ... "Stop that, son! You'll go blind." "I'm over here, Dad." -----BEGIN PGP SIGNATURE----- Version: 2.7 Comment: Call 818-345-8640 voice for info on Keep Out magazine. iQCVAwUBLrXYNWj9fvT+ukJdAQFNWwP+Lle/2siUqWEFaOcTy3qPlJYJ3qYhDNeN uRkC2P0HsLKNlXBMUvqZxcr0XZpBkxTTVHBLmyBYMHfrG6aPwQKob8JNYfx4oNaL ZLAkhT4rFXq3VsfgHimhP3fXdlz8wmI6J8K90yjiKvQu+Mi/b1AbnHX9BmYL7NUX AJXZj5iZkw4= =WXOt -----END PGP SIGNATURE----- **EZ-PGP v1.07 201434369420143436942014343694201434369420143436942014343694718 From: Charles Chapman Area: Public Key Encryption To: John Mudge 1 Nov 94 00:28:00 Subject: PGP embedded in .gif's ? UpdReq * In a message originally to All, John Mudge said: JM> ============================================================= JM> * Forwarded by John Mudge (1:352/111) JM> * Area : SURV_COMM (Survnet: SURV_COMMUNICATIONS) JM> * From : Chris Hall, 9:2300/0 (Monday October 24 1994 15:50) JM> * To : All JM> * Subj : PGP embedded in .gif's ? JM> ============================================================= JM> Anyone have the source file for placing pgp encrypted JM> messages in a .gif JM> for distribution over the net ? -----BEGIN PGP SIGNED MESSAGE----- After I read your message, I did some "quick and dirty" Veronica and Archie searches, and located the additional steganography files listed below. I obtained same by ftp from: (1) gopher.ee.und.ac.za, from the pub/crypto/cypherpunks /steganography, and pub/crypto/cypherpunks/steganography/jsteg subdirectories; and (2) ftp.netcom.com, from the pub/qwerty/Steganography subdirectory. I have uploaded the files onto The Sprawl. While I am not familiar with FidoNet, I assume that, like the other files our Sysop, John Schofield, listed in his earlier response to your message, these new, additional files are (or SOON will be) available for FREQ from the Sprawl at: 1:102/903 (14.4) 1:102/904 (28.8). HDSK41.ZIP: Hide and Seek v 4.1. Data hiding/seeking using GIF files. These programs take data, usually text, including encrypted text, and hide it in a gif file. Just type hide [key] and viola! Your data is hidden away where it will be hard to detect. INCLUDES DOS EXECUTABLE ONLY; NO SOURCE CODE. Unfortunately the nature of the method doesn't allow for _perfect_ secrecy file has been changed a bit, and if you know what to look for, you could probably spot a GIF with hidden data in it, depending on how much data. Author recommends black and white photo gifs for maximum security. HDSK41B.ZIP: Hide and Seek v. 4.1b. Same as version 4.1, but includes these additional files/applications. GREY v1.0, a color to greyscale converter for GIF files. Grey converts color GIF files to reyscale. It is a handy utility for use with the hide-and-seek teganography programs, which work a lot better with greyscale IFs. REDUCE v1.0, a utility to reduce and alter GIF palettes for use with the ide-and-seek steganography programs. Reduce takes a 256 color GIF and makes it into a 128 color GIF with a special palette wherein each color is repeated twice, in pairs. this makes the GIF more usefull for the HIDE part of hide-and- seek-effectively allowing HIDE to hide data invisibly in a color GIF. INCLUDES BOTH DOS EXECUTABLE AND SOURCE CODE. 201434369420143436942014343694201434369420143436942014343694718 From: Charles Chapman Area: Public Key Encryption To: Gv4.Zip 1 Nov 94 00:29:00 Subject: This version of the Independent JPEG Group's JPEG SoftwareUpdReq t steganography in JFIF output files. To compile the package, simply follows the steps given in the original README file. To inject a data file into a JPEG/JFIF image, simply add the option "-steg filename" to the "cjpeg" command line. If the data file is too large for the image, "cjpeg" will inform you. At this point, you can compress the data file, increase the quality of the image (thereby increasing image size), or try a different image. INCLUDES "C" SOURCE CODE ONLY; NO EXECUTABLE. MANDLEXE.ZIP MandelSteg V1.0, including and GIFExtract V1.0, for DOS. These two programs allow you to hide confidential data in fractal GIF images, giving an increased level of security compared to sending PGP-encrypted email over the Internet. MandelSteg will create a Mandelbrot image (though it could easily be modified to produce other fractals), storing your data in the specified bit of the image pixels, after which GIFExtract can be used by the recipient to extract that bit-plane of the image. STEGODOS.ZIP StegoDos aka Black Wolf's Picture Encoder, Version 0.90b. For 320x200x256 only. Description: This picture encoder consists of a group of programs designed to let you capture a picture, encode a message in it, and display it so that it may be captured again into another format with a third-party program, then recapture it and decode the message previously place inside it. It is at a bare-bones stage right now. INCLUDES BOTH DOS EXECUTABLE AND SOURCE CODE IN ASSEMBLER. STLTHDOS.ZIP Stealth.exe V1.1, for MSDOS. This is Christopher M. Wiles port of Henry Hastur's Stealth V1.1 to the MS-DOS filesystem. First and foremost, this PGP filter does _not_ work with an ascii-armored text input file. It was designed and coded for use with straight binary files. This is fine when your primary purpose is to exchange files via the use of steganography, but is rather useless if one wishes to remove and replace the PGP headers on an e-mail message. In addition I uploaded STEGLIST.ZIP. I highly recommended this list of Steganography programs. It discusses the programs in depth, including strengths, weaknesses, bugs, patches, commands, etc. It includes list of ftp sites, and is very helpful. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLrYEK9RsZFzPbtphAQGgLwQAjwxY9b39ZmXQ0xU19KpLz+atwKX2167H Yah7cZzd9rI1Qvmn8OusO9/4BPgrL4Ib9+omdd6ddPGqYjjtBPeWMULze692BwJU zdMPuZgrFUMDh1ltarZm39y7NeRT8/M8olYmaSoAQEs4Q7p+vRoD+nJcCGuxZvlJ YG0mH4TvCic= =qgac -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Charles Chapman Area: Public Key Encryption To: John Mudge 1 Nov 94 01:24:00 Subject: PGP embedded in .gif's ? UpdReq * In a message originally to All, John Mudge said: JM> ============================================================= JM> * Forwarded by John Mudge (1:352/111) JM> * Area : SURV_COMM (Survnet: SURV_COMMUNICATIONS) JM> * From : Chris Hall, 9:2300/0 (Monday October 24 1994 15:50) JM> * To : All JM> * Subj : PGP embedded in .gif's ? JM> ============================================================= JM> Anyone have the source file for placing pgp encrypted JM> messages in a .gif JM> for distribution over the net ? JM> Anyone know where to access such a program for DOS based JM> machines ?? JM> --- JM> * OLX 2.1 TD * ++ Police Tag Line, Do not Cross ++ Police JM> Tag Line Do No JM> -+- WILDMAIL!/WC v4.00 JM> # Origin: The Rising Storm BBS in California, 408-926-9445, JM> (9:2300/0.0) -----BEGIN PGP SIGNED MESSAGE----- As I said, I am not familiar with FidoNet. :) So I see my reply to you was cut into two messages, and munged in the process. The one file description that was messed up is set forth below. Again, I believe this, and the other files I listed, are (or soon will be) available for FREQ from the Sprawl at: 1:102/903 (14.4) 1:102/904 (28.8). JSTEGv4.ZIP This version of the Independent JPEG Group's JPEG Software (release 4) has been modifed for 1-bit steganography in JFIF output files. To compile the package, simply follows the steps given in the original README file. To inject a data file into a JPEG/JFIF image, simply add the option "-steg filename" to the "cjpeg" command line. If the data file is too large for the image, "cjpeg" will inform you. At this point, you can compress the data file, increase the quality of the image (thereby increasing image size), or try a different image. INCLUDES "C" SOURCE CODE ONLY; NO EXECUTABLE. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLrYQmtRsZFzPbtphAQFh5QP/d1nYHkjRTdp3iDyKICw3wYtCsYTCoEOC lF9bAur+4qDZzkR1eRddSi4y30d2otjjrGuoSZS0R92DVA0wCN+PdaSIkY1GzGgI 2PaDQuR5g2Rr7Jo+S1k9EZOxCKOR2jiDLzrY2JcE+vCitHOYigZAT8rXfdrX0xf0 NniBAQjpw8I= =3Z3i -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Elgin Tan Area: Public Key Encryption To: Jimmy Djapri 27 Oct 94 22:58:10 Subject: Time and Bites UpdReq Dear Jimmy, I am only able to t'fer 25 mins and 500kb to U, due to Bulletin Board Service limitations.Goodbye & have a nice day!! --- FMail/386 1.04+ 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: All 1 Nov 94 00:21:44 Subject: PUBLIC_KEYS Echo Guidelines - regular repostUpdReq -----BEGIN PGP SIGNED MESSAGE----- This is the PUBLIC_KEYS Echo. The purpose of the Echo is to provide a place to discuss public-keys for data privacy within FidoNet and elsewhere. We also consider electronic signature possibilities using public-keys and discuss data and software encryption and the various schemes and programs that produce them. This is a technical Echo with very few rules. Those very few rules are: 1. Stay on-topic. Topics of keys and encryption and related privacy and electronic signature issues are welcome. Others are not. 2. No politics [except as it relates to privacy issues] and no religion. 3. No personal attacks, slurs or innuendo. Stick to issues not personalities. 4. No Private flagged messages in Echomail! Encrypted traffic using public-keys is permitted for the exercise so long as it is on-topic. Don't send person-specific encrypted traffic. Such specific traffic belongs in direct Netmail. Encrypted traffic should be in the form of public-keys or public-key signed messages that can be read by anyone with PGP 2.4+ and your public-key. Include your public-key when sending such messages in case the other end doesn't have it or make them aware of how to get it from your system. 5. This Echo may be traveling around the world so try to be concise. Avoid excessive quoting for one-liner responses. 6. Be aware that Echomail is NOT secure. Don't take anything at face value. 7. The posts in this Echo are the sole responsiblity of the poster. If you need verification, use Netmail. 8. The Moderators will deal with off-topic traffic. Don't respond for them. Links to this Echo will only be curtailed when absolutely necessary so please don't make it necessary. [grin] The Moderators are Christopher Baker [KeyID: 1024/F89A24F9 1994/05/18] and GK Pace [KeyID: 1024/EE38FB41 1994/05/14] at 1:374/14 and 1:374/26, respectively. It is Gated into Zone 2 by Jens Mueller at 2:24/24 who sends it on to Harry Bush at 2:51/2. Consult Jens or Harry for Zone 2 feeds. The Echo is gated into Zone 3 by Jackson Harding at 3:800/857. [thanks, guys!] The other Zones are open [hint, hint]. It is recommended that individual, public-keys be made available via Netmail or by file-request with the magic filename: PGPKEY and that the public-key provided for that request by given a distinctive filename using part or all of each provider's name and address. For example, on my system, a file-request of PGPKEY will give BAK37414.ASC to the requesting system. A magic filename of KEYRING will yield extracts from my Public Keyring as BAKPUB14.ASC. This will avoid duplicate overwriting and make it easier to track the keys. Using standard magic filenames will make it easier to find keys and keyrings on different systems. The PGP and Privacy and encryption related files on each system should be maintained with a magic filename for file request. PGPFILES should be set on all participating systems to allow your current related files to be picked up at any time. It is suggested that the actual filename indicate the origin of the list to avoid confusion and overwriting. PGPFILES requested from this system gets the requestor a file called: PGP37414.LST. The contents of this Echo are archived on 1:374/14 as the area is purged. The current past traffic is in the file PUBKEY.ECO. Archived volumes of past traffic [P_ECHO1.ZIP - P_ECHO99.ZIP for example]. Files on this system are available anytime except 0100-0130 ET and Zone 1 ZMH at 1200-9600+ HST/V32 for FidoNet listed systems only. Request FILES for complete listings. This Echo is currently available on the Zone 1 Backbone. It has been EListed as of ELIST211. Please feel free to announce this Echo in all Nets and Networks. A companion Echo for the purpose of submitting public-keys only is now available as PKEY_DROP Echo. PKEY_DROP may be obtained via the same channels as PUBLIC_KEYS. NOTE: If you lose your secret-key password [or forget it] or your secret-key in a drive crash [because you failed to back it up on floppy], you cannot issue a revocation certificate. In that case, you should make a general announcement in all related Echos that your old key should be disabled using the PGP disable command [PGP -kd userid] for your userid. That keeps your useless key on their keyrings [so they won't be replaced from other lists who didn't get the word] and permits them to add a new key from you without one interfering with the other. Thanks. TTFN. Christopher Baker & GK Pace Moderators -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP 2.6.2 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLrXQbcsQPBL4miT5AQFN6AP+PHaw481+aUvpUr3zdKWVHE1YiQxXspHn uGf1PFJ7v52uAidvKfAzhNn6EfPyqO/UQ2sRB5HwaYc1UVe1AsjyH1di+xz6gzqR IkuL3TJ7P4QrGnfVVZdxxeYXttOvJwngrUpxWtpXAJ2Nj7Fr0kDWaRRbxaHy3AQq MrT0pHGc0JY= =rzDN -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: All 1 Nov 94 00:22:42 Subject: PGP-related filename conventions UpdReq -----BEGIN PGP SIGNED MESSAGE----- [the following are the standard magicnames for various PGP-related files available from participating FidoNet systems. please adjust your magicnames to match those in the list. this will make it much simpler for folks to find PGP-related stuff they need. thanks] the following is the list of standard PGP-related magic filenames that should be used for uniformity by all who provide such files: PGPKEY for your public-key. make the filename distinctive with your Node number or name. mine is BAK37414.ASC. KEYRING for your public-keyring. make the filename distinctive likewise. mine is BAKPUB14.ASC. REVOKE for any key revocation certificates you might issue. mine is BAKREVOK.ASC. PGPFILES for your PGP/privacy/encryption filelist. mine is PGP37414.LST. PGP for the current version of MSDOS PGP executables and docs. PGPSRC for the current version of PGP source files. PGPALL for both executable and source. PGPAMIGA for Amiga version of PGP. PGPATARI for Atari version of PGP. PGPMAC for Macintosh version of PGP. PGPOS2 for OS/2 version of PGP. PGPUNIX for Unix version [if there ever is one] PGPVAX for Vax version [likewise] [send them the source if they request a Unix or VAX version!] if we all use the same conventions, it will be easy for anyone anywhere to file-request just what they want and get what they expect. [grin] thanks. TTFN. Chris p.s. in addition, some of us compiled PEM public-keys for Internet use. those keys and rings are available as: PEMKEY for your PEM public-key PEMRING for you PEM public-keyring C. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP 2.6.2 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLrXQpssQPBL4miT5AQF3xwP9FPPs0+rlF5/O7jdyWXQMIs4jRdcBFG/2 rhxPm/1sj5aykweyQdamOUpazi7IJuM3a1/E7vvO0rqrJlaalSR4boSSqt8Y2T91 EzUkFoGWrv/d5uM+SOyHDTOPSHH0qHTrLuNMrut/+ZVDtD3RqvpZ17+JSgfwqHAf omEovGn4oHg= =S7bb -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: All 1 Nov 94 00:23:30 Subject: SecureMail Host Routing System info UpdReq -----BEGIN PGP SIGNED MESSAGE----- The FidoNet (r) SecureMail System 30 Mar 94 Copyright (C) 1994 Jim Cannell [Source: GK Pace, 1993; Christopher Baker, 1994] Introduction: This document describes the SecureMail FidoNet (r) Routing System, its Statement of Purpose, and defines the principles by which it shall be operated. It should be noted that FidoNet is a registered trademark owned by Tom Jennings, used by permission to refer to the FidoNet, a hobbyist network of amateur, independent, interconnected systems (Nodes) providing E-Mail transfer services world-wide. Definition: SecureMail can be defined as a group of FidoNet Sysops who have volunteered to provide an alternative E-Mail routing service within the FidoNet Network. The SecureMail System is a component of the FidoNet Network. SecureMail is NOT an alternative, separate, or distinct network. Statement of Purpose: The primary purpose of Securemail, and reason for its creation is the desire for providing increased privacy in the routing of FidoNet E-Mail. The term privacy as used in the transfer of E-Mail is an arbitrary one. Absolute privacy cannot be expected. The degree of privacy obtained will always be related to the procedure(s), effort used to insure privacy, and should not be expected to be absolute if data is to be communicated from one place to another. Routing of E-Mail, as compared to sending it direct, cannot be expected to have as high of a degree of privacy as might be expected when sending it direct. Those who are engaged in operating the Securemail system do so with the primary goal of insuring that all E-Mail routed thru it be afforded the highest degree of privacy technically possible. Those using the Securemail System can expect to enjoy a higher degree of privacy than other forms of routing, but should not expect absolute privacy. Functional Description: The SecureMail System is a group of individual FidoNet Sysops who have volunteered to work together to provide the SecureMail Routing Service to FidoNet Sysops. This group is organized, but does not have authoritative positions. Each SecureMail Sysop is an independent volunteer furnishing a service. There are no monetary rewards, each Sysop contributes the resources he or she uses to provide the service, including all costs incurred in providing it. The operational structure may appear to have hierarchical order and indeed it does, however such structure implements a routing matrix, not positions of authority. The SecureMail operational philosophy can be described as cooperative autocracy. Each SecureMail Sysop is an independent operator who has volunteered to assume the various responsibilities required of an organized effort. No one is compelled to participate, but participation requires the performance of certain agreed upon functions, standards, and of course interaction as a group. Most of the activities parallel or are incidental to normal FidoNet activities. Routing Hierarchy: The basic routing strategy follows the normal FidoNet pattern of routing thru Zones, Regions, Nets, to Nodes. The difference is that SecureMail traffic is routed thru SecureMail Hosts rather than the FidoNet Hosts. A SecureMail Sysop serving in each position is referred to as a Host. There are functional (not Authoritative) positions such as Zone SecureMail Host (ZSMH) Region SecureMail Host (RSMH) and Net SecureMail Host (NSMH). An International SecureMail Host (ISMH) functions as a central coordinator for this functional hierarchy and maintains the routing lists and this document of intent and mission. Note that at any given time, all positions may not be filled, due to the fact that positions are filled by those who have the means and desire to provide the service of each position. Operational Practices: Each SecureMail Host (SMH) has agreed to route E-Mail (referred to as In-Transit mail) in a manner which provides the highest degree of privacy technically possible. Some variances can be expected, as the technical characteristics of each system differ, however each SecureMail Host strives to provide the best service possible. Specific operational practices include: - In-Transit mail shall not be read. Note that some systems do not provide the ability to restrict a Sysop from viewing In-Transit mail. In such cases the Sysop makes every effort to avoid noticing the content of such E-Mail as they scan thru their message bases. - The content of In-Transit mail shall not be disclosed, or given to anyone but the addressee, except as required for routing thru the SecureMail System. - All SecureMail Hosts agree to route any In-Transit mail they receive. This includes encrypted and clear-signed traffic now refused by some systems in FidoNet. In-Transit mail that cannot be delivered shall be returned to the sender along with a brief explanation of why it could not be delivered. If no local routing via another SMH is available, the mail will be sent directly to its destination by the receiving SMH. - In-Transit mail shall not be censored. Routing of In-Transit mail shall not be refused for any reason even remotely associated to the content of such E-Mail. Note: how could it be if it isn't read in the first place? Avoidance of Liability: Those participating in the SecureMail Routing System do so to provide a service at no cost to those who choose to make use of it. There is no guarantee of performance implied nor accepted by the SecureMail System as an organization, nor by the individuals who voluntarily participate to provide this service. Those who choose to make use of this service should recognize that although we strive to provide the best service possible, we cannot and will not offer any guarantees, nor do we accept any obligation for providing any service, or the performance of any service to a defined standard. Those who provide this service specifically deny any liability for the content of In-Transit E-Mail. Any liability that may apply must rest upon the originator. It is the stated practice of those who participate to provide this service, that In-Transit E-Mail is not read. On that basis, those who participate in the SecureMail Routing System will not have knowledge of the content of In-Transit E-Mail, will not censor, make judgements as to the legality, morality, nor suitability of any In-Transit E-Mail to be routed, before during or after having any contact with it. Those who participate in the SecureMail Routing System do so for the purpose of providing a service to others using the FidoNet E-Mail System. It is specifically denied that such service is supplied for the purpose of promoting, enhancement, implementation, or aiding the accomplishment of any illegal activity. No one participating in the SecureMail Routing System will knowingly allow its use to aid, abet, or otherwise participate in illegal activities, or make use of the SecureMail System for any illegal purpose. Further it is our stated operational practice that we shall not be engaged in viewing In-Transit E-Mail for the purposes of knowing whether or not the content of such could be considered illegal, and specifically deny that we could have any such knowledge. Those engaged in SecureMail Routing are constrained by the ECPA [Electronic Communication Protection Act] and FidoNet Policy in their ultimate handling of In-Transit E-Mail in regard to disclosure. Anyone who supports the goal of E-Mail privacy and who agrees to abide by the standards herein proclaimed, may apply to act as a SecureMail Host Routing System at their own expense and without regard to In-Transit E-Mail content. A list of current SMH Nodes is contained in the file SECUREML.MAP which accompanies this document. Applications may be made via direct Netmail to the ZSMH, RSMH, or NSMH closest to your area. International applications may be sent to the ISMH as listed in the map. Most SMH Nodes are identified by the flags listed above in the FidoNet Nodelist. Any questions regarding the SecureMail Routing System may be directed to any SMH listed Node. A FidoNet Echomail conference for all participating SecureMail Hosts is available as SECUREMAIL from any listed SMH. -30- -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP 2.6.2 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLrXQ18sQPBL4miT5AQGLVAP7BiBakhNBDQjM3zf01NaYGcSMMrAmtIN7 palWDp6QOgaEdnt2a7i/fLYxSdJNs/fX8Muo6hxWdywMF+ckmQ05m5truvzmdBbp SVJ+do0ofMQE0Xlc8w7jYalXGgtdLzRvPrmdABFVhHKauvIiBWhV4jEh5A34rtyJ fBQKK5hbXQg= =gM9w -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: All 1 Nov 94 00:24:22 Subject: SecureMail Host Routing map UpdReq -----BEGIN PGP SIGNED MESSAGE----- SecureMail Host Systems Zone Sysop Address |--ISMH Jim Cannell 1:216/21 | | |--Z6SMH Open | |--Z5SMH Open | |--Z4SMH Open | |=================================================================== | |--Z1SMH Jim Cannell 1:216/21 | | RSMH Net Sysop Address Flag | |--- 10 Radi Shourbaji 1:143/110 X | | | SMH |-- 102 Dave Lord 1:102/338 | |-- 119 *none at present* | |-- 125 Barry Kapke 1:125/33 X | | |-- 352 John Burrows 1:352/333 X | | | |-- 143 Radi Shourbaji 1:143/110 X | |-- 161 Mike Burgett 1:215/705 | | |-- 215 Joe Pye 1:215/25 | | | |-- 202 Guy Martin 1:202/905 | |-- 203 Lee Dohm 1:203/111 | |-- 205 Zorch Frezberg 1:205/1701 X | |-- 206 Dan Wilson 1:206/2507 X | |-- 207* Dave Sparks 1:207/212 | |-- 210 Steve Garcia 1:210/11 X | |-- 216 Jim Cannell 1:216/21 X | | |--- 11 Jeffrey Oxenreider 1:226/560 | | | |-- 120 Ryan Anderson 1:120/379 | |-- 226 Jeffrey Oxenreider 1:226/560 | |-- 2202 Ryan Anderson 1:120/379 | |-- 2215 Jim Bailey 1:2215/480 | |-- 2240 Ryan Anderson 1:120/379 | |-- 2410 Ryan Anderson 1:120/379 | | |--- 12 Jesse David Hollington 1:225/1 X | | | SMH |-- 167 Frederic Giroux 1:167/535 | |-- 221 Paul Henry 1:221/279 X | |-- 225 Brett Dubroy 1:225/100 X | |-- 252 *none at present* | | |--- 13 Marc Stuart 1:2624/402 X | | | |-- 107 *none at present* | |-- 267 Matthew Landry 1:267/109 X | |-- 2613 Jack Mooney 1:2613/108 X | |-- 2624 Marc Stuart 1:2624/402 X | | |--- 14 Jason Buchanan 1:286/702 X | | | SMH |-- 285 Mike Riddle 1:285/27 X | |-- 286 Jason Buchanan 1:286/702 X | |-- 287 Danny Walters 1:287/507 X | |-- 291 *none at present* | |-- 296 *none at present* | | |--- 15 Dave Munhollon 1:128/86 X | | | SMH |-- 114 Allen Borovkoff 1:114/169 | |-- 128 Dave Munhollon 1:128/86 X | |-- 303 Thomas Lange 1:303/5 | |-- 314 Doug Preston 1:314/5 | | |--- 16 Todd Rourke 1:323/110 | | | |-- 323 Todd Rourke 1:323/110 | |-- 325 Frank Perricone 1:325/611 X | | |--- 17 Ted Rolle 1:105/36 | | | SMH |-- 105 *none at present* | |-- 340 *none at present* | |-- 346 *none at present* | | | |--- 18 Christopher Baker 1:374/14 X | | [cbak.rights@opus.global.org] | | | |---- 3:800/857 Jackson Harding 3:800/857 X | | | |------- 285 Mike Riddle 1:285/27 X | | | SMH |-- 116 *none at present* | |-- 123 Scott Miller 1:123/416 X | |-- 135 Tom Cropper 1:135/327 [Down] | |-- 135* David Bobo 1:135/110 | |-- 151 James Barrett 1:151/132 X | |-- 360 Stephen Frazier 1:360/23 X | |-- 362 Jack Whaley 1:362/940 X | |-- 365 Chris Britton 1:365/200 X | |-- 366 Rob Buckman 1:366/844 X | |-- 369 *none at present* | |-- 374 GK Pace 1:374/26 X | |-- 375 Tom Jones 1:375/1 X | |-- 378 Sydney Marcus 1:378/10 X | |-- 379 *none at present* | |-- 3608 Michael Smeby 1:3608/3 X | |-- 3636 Chris Chastain 1:3636/16 X | |-- 3647 Gale D. Wilkerson 1:3647/1 X | |-- 3649 Chris Hunter 1:3649/17 X | | |--- 19 Mike Lenker 1:106/1776 X | | | SMH |-- 106 Mike Lenker 1:106/1776 X | |-- 124 Bob Ratliff 1:124/7020 | |-- 130 Dale Hopkins 1:130/908 X | |-- 147 Bill Teasley 1:147/3660 X | |-- 170* Jim Watson 1:170/610 | |-- 382 Chuck Haynes 1:382/502 X | | |=================================================================== | | |--Z2SMH Harry Bush 2:51/2 | | | RSMH Net Sysop Address Flag | |--- 50 (Russia) Dmitry Kiselev 2:5026/3 | | | |-- 5022 Dmitry Turevsky 2:5022/8 | SMH |-- 5026 Dmitry Kiselev 2:5026/3 | | |--- 51 (Latvia) Egons Bush 2:5100/8 | | | SMH |-- 5100 Egons Bush 2:5100/8 | | |=================================================================== | |--Z3SMH Jackson Harding 3:800/857 | | RSMH Net Sysop Address Flag | |--- 51 Jackson Harding 3:800/857 | | | |-- 800 Jackson Harding 3:800/857 Note: Those nodes listed with an asterisk "*" are accepting SecureMail for their Nets, but do not currently route mail from their Nets thru SecureMail channels. SecureMail Hosts are identified by the following flags in the FidoNet Nodelist: ISMH - International SecureMail Host ZSMH - Zone SecureMail Host RSMH - Region Securemail Host NSMH - Net Securemail Host SMH - SecureMail participating Node [these flags may or may not be preceded by a U in the Nodelist.] SecureMail Hosts are requested to ask their Local Coordinator for the appropriate UserFlag for their primary Node number. Those currently flying the ?SMH flag in the nodelist are show with an X by their node number. Complete information on the FidoNet SecureMail Host routing system is available by file-request or first-time download as SECUREML.ZIP from the ISMH or any of the RSMH systems. -30- -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP 2.6.2 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLrXRCcsQPBL4miT5AQF3pAP+P2+xXXcYccJ0qRl+BUSeE8ncZWq2RA00 EAIgmLTqvftiJnODjH0vbagn/q9tz/NuGXEWDMosT5qEVDBuQFsWhAwRDsX4dlUC pQtlKkXVAppgf0tzhgVo/q0GvNy0Ag0+oxgk+yPRYt+lTULUKrgkB1GoAjerNVGs pVEJpCsZX3o= =noQh -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Ian Lin Area: Public Key Encryption To: Jeremy Scott 1 Nov 94 06:37:30 Subject: cryptography UpdReq JS> ok...whats the big deal here some explain to me what the whole JS> "privicy" thing is about...im interested... Well it's just that you want sometimes to have information only go from you to certain other people and not to everyone. Don't you have any secrets? I've got plenty. If I share some, I'd be very angry if they were overheard and spread without my control. Wouldn't you? Whether you whisper more quietly or in another language, or encrypt if it's in typed text, it's all because privacy is of utmost importance. Having more capacity for privacy is better than having less capacity for privacy. In the event you want something really publicly known, just publish something. Write publicly and don't enrypt if that's what you want. But when I want something to get from me to someone else and no one else is to read it, I PGP it so no one else CAN read it. It's no good trying to trust that others won't if the physical ability is there. People are too curious and won't stop reading. Don't you close your bathroom door when you need to use it, or close your house doors and curtains at home? All right, some people don't and some people really don't value their own privacy that much. :) I value it because I like it. If you're someone who does value privacy, and most of us really do, it's a good thing to be able to encrypt, among other things. After all, the option to not be private is always there. ... Vote death by dismemberment when you have to take a Stand. 201434369420143436942014343694201434369420143436942014343694718 From: Ian Lin Area: Public Key Encryption To: Jim Bell 1 Nov 94 06:52:32 Subject: PGP 2.6.2 Official M.I.T UpdReq JB> If the government said, "You can't export a program that can be JB> modified to do good encryption," then the proper answer is that ANY JB> program can be modified to do good encryption, with enough changes. I bet anything we'd be told then that all encryption is now banned. :) Ya, it's not what we want, but you know how government is. :) So do you use PGP? I use PGP 2.3a (I refuse to use the MIT versions). I best let my key off here so people can check my signatures in the future. ___--BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3a mQBNAi4x4EQAAAECALPQNsNsz/9FtevOc61EZTxaf8JkLbYg0dEIpaHMnstkck32 iVL8pZ6JvzgHNEEOwSyQJ6vw4RAZ0eZxnHtmpm0ABRO0CU5ldFJ1bm5lcg== =0uLN ___--END PGP PUBLIC KEY BLOCK----- ... ============== POLICE TAGLINE - DO NOT CROSS ============= 201434369420143436942014343694201434369420143436942014343694718 From: Ian Lin Area: Public Key Encryption To: Christopher Baker 1 Nov 94 06:49:34 Subject: legal PGP UpdReq -----BEGIN PGP SIGNED MESSAGE----- CB> -----BEGIN PGP SIGNATURE----- CB> Version: 2.6.2 CB> Comment: PGP 2.6.2 is LEGAL in Zone 1! So USE it! [grin] PGP 2.3a is legal outside the U.S.! I'll use that instead. :) Is PGP 2.3a totally illegal now in the U.S.? ... A little pain never hurt anyone. ___--BEGIN PGP SIGNATURE----- Version: 2.3a iQBVAgUBLrYra9HmcZx7ZqZtAQG/jwH/VmikaN7wzd7yFfstgs2qguwNvUk4OUQg gP9DE0bgGeU6EKvvKJ+g6328TM8PVERw1RJ3O/mMf0rjQNx850mxXQ== =fZBQ ___--END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Jim Bell Area: Public Key Encryption To: MIKE RIDDLE 2 Nov 94 00:06:00 Subject: PGP 2.6.2 Official M.I.T. UpdReq -=> Quoting Mike Riddle@1:285/27 to Jim Bell <=- MR> In a message to CHRISTOPHER BAKER on Oct 26 94 at 21:51, Jim Bell MR> wrote: JB> Justa moment there. Presumably, the object code is JB> restricted for export due to the fact that it contains a JB> program that can do encryption. However, the source code JB> (by itself) cannot encrypt anything. JB> Is there any reason to believe that source code (or even JB> equations, explanation, etc) can be legitimately JB> restricted? JB> It's not as if I'd be surprised if the government were to JB> take such a foolish position; however I haven't heard that JB> one yet. MR> Notwithstanding the plain language of the ITAR about these matters, Da MR> Guvmint (which always knows best) continues to insist that source code, MR> at least in electronic form, is export-controlled. Does that mean that PGP could be exported, in source code form, if it was written on paper? Or, UUENCODE on paper. Does that include 1 and 2-dimensional bar codes? I realize that this may seem simply a make-work excercise, but remember that this only has to be done ONCE for that program to exist, legally, around the world. True, recent versions of PGP are actually written outside the US and brought in, but I think that we should test the principle in hopes of sticking the government with an untenable position. It shouldn't be necessary to do the export first: Merely ask what forms of export are legal, and once told that a particular form is legal, do it. ... Way Too Much is Not Nearly Enough. ___ Blue Wave/QWK v2.12 201434369420143436942014343694201434369420143436942014343694718 From: Jim Bell Area: Public Key Encryption To: JOHN STEPHENSON 2 Nov 94 00:06:00 Subject: PGP 2.6.2 Official M.I.T. UpdReq -=> Quoting John Stephenson@1:249/146 to Jim Bell <=- JB> If the government said, "You can't export a program that can be modified JB> to do good encryption," then the proper answer is that ANY program can JB> be modified to do good encryption, with enough changes. JS> It would probably work like guns in the states. You can't buy a weapon JS> that can be more easily turned into a automatic gun, than building one JS> yourself. Same with something like PGP. First, I think you have misinterpreted the rules concerning guns. Plenty of semi-auto guns can be modifed to full-auto. "Easily" is not particularly definitive. But there is at least a DEFINITION as to what's not allowed. On the contrary, there is no specific statement in law or in regulation (as far as I know) which states that certain types of encryption programs are prohibited from export. ... The rest of this tagline is encryp*&l#1E0+=|>fcd}85^7@jowxz*7"[=- ___ Blue Wave/QWK v2.12 201434369420143436942014343694201434369420143436942014343694718 From: Shawn McMahon Area: Public Key Encryption To: David McIntyre 2 Nov 94 09:40:52 Subject: Re: Which PGP version is best? UpdReq Despite the stern warnings of the tribal elders, David McIntyre said this to Scott Redd: DM> pass encrypted messages. Since the gov't has made Sysops DM> responsible for everything that comes through their systems, This is false. In fact, the government passed the law that best protects sysops; the ECPA. Not only can't you be held responsible for what comes through your system (remember, Steve Jackson *WON*, and the settlement has turned his dinky BBS into a major Internet provider) but it's a felony for you to even READ it if it isn't public mail. DM> some are paranoid that encrypted info _may_ have "illlegal" DM> information, therefor they kill all messages that are not DM> readable by them (damned government). They're committing a felony when they do. All you gotta do is prove it. 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: All 30 Oct 94 13:00:56 Subject: EPIC 1/2 UpdReq -----BEGIN PGP SIGNED MESSAGE----- =anything above this line is bogus= =some off-topical stuff deleted= Source-Date: Sat, 29 Oct 1994 13:58:37 -0700 MBX: listserv@sunnyside.com TO: * Alan Pugh / MCI ID: 370-1548 Subject: EPIC Alert 1.06 EPIC Alert 1.06 =SNIP= ============================================================ Volume 1.06 October 28, 1994 ------------------------------------------------------------ Published by the Electronic Privacy Information Center (EPIC) Washington, DC (Alert@epic.org) ======================================================================= Table of Contents ======================================================================= [1] FTC Orders Trans Union to Stop Selling Credit Reports to Marketers [2] State Department Rules 1st Amendment Doesn't Apply to Disks [3] FBI Director May Ask For Mandatory Key Escrow Legislation [4] Clipper: Alive and Well [5] EPIC on Compuserve [6] New Files in the Archive [7] Upcoming Conferences and Events ======================================================================= [1] FTC Cracks down on Trans Union =snip= ======================================================================= [2] State Dept: 1st Amendment Doesn't Apply to Disks ======================================================================= The State Department ruled on October 7 that some forms of electronic speech are not protected by the First Amendment and can be prohibited from export. The decision raises questions about the protection of free speech on the information superhighway. The controversy arose over the export of an electronic version of Applied Cryptography: Protocols, Algorithms, and Source Code in C (John Wiley and Sons, 1994) by Bruce Schneier. The agency ruled that electronic source code for computer programs that contains cryptographic algorithms is not protected under the First Amendment and thus is not exportable under current law. The ruling follows just a few months after the same department OK'd the export of the same code in printed form. Under current State Department rules, the export of almost all software with confidentiality and privacy features is prohibited unless permission is granted by the National Security Agency prior to export. Earlier this year Schneier and San Diego engineer Phil Karn requested and received permission to export the printed version, which contains over 100 pages of source code for different cryptographic algorithms in a type face easily converted to electronic form by a standard computer scanner. The book has sold over 17,000 copies worldwide in less than one year. When Karn and Schneier requested permission to export the disks, which have the exact same information as is contained in the book, William Robinson, the director of the Office of Defense Trade Controls, rejected the request stating "the text files on the subject disk are not an exact representation of what is found in Applied Cryptography...each source code listing has been partitioned into its own file and has the capability of being easily compiled into an executable subroutine . . . This is an added value to any end user that wishes to incorporate encryption into a product." Computer users and experts are critical of the distinction. Karn noted "with the widespread availability of optical character recognition (OCR) equipment and software, even printed information such as the Book is easily turned into 'machine readable' disk files equivalent to the diskette." Bob Stratton, a Senior Engineer at AlterNet "Whether its in a book or on a disk, it doesn't matter. The technology [the cryptography code] will flow no matter what." When Karn and Schneier appealed the decision, Martha C. Harris, the Deputy Assistant Secretary for Export Controls at the State Department stated "We...have concluded that continued control over the export of such material is consistent with the protections of the First Amendment" She noted that a high level, interagency review had resulted from the request. Bob Peck, a First Amendment lawyer with the American Civil Liberties Union notes "any claim that the First Amendment is inapplicable because of the medium is just not valid." Karn plans to appeal the decision. ======================================================================= [3] Clipper: Alive and Well ======================================================================= Vice President Gore's July letter to Rep. Maria Cantwell led some observers to to hail the "death of Clipper." Others (including EPIC and Sen. Patrick Leahy) maintained that the Gore letter simply re-stated earlier Administration pronouncements on the encryption issue and did not represent a change in policy. Any lingering doubts were laid to rest recently by Lynn McNulty, the Associate Director for Computer Security at the National Institute of Standards and Technology (NIST). Speaking at a conference sponsored by the Electronic Messaging Association, McNulty gave a presentation entitled "Clipper: Alive and Well." Noting that some media reports had pronounced Clipper dead, McNulty said simply "that is not correct." He reported that the government is "moving ahead to implement key escrow," and that the designated escrow agents are, in fact, escrowing keys. To date, 10,000 Clipper-equipped telephone units have been purchased by the law enforcement community. And the National Security Agency is continuing to aggressively market its key escrow technology to private manufacturers. =continued...= -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCxAgUBLrPfStQ9obngT6LhAQEcgATdGZmZSyO+gz4dU10uKgc7HI0E6mNTA0hP jknvoJNDvfF41AyRix6UoUtNC2wj+vABfchNT+nQt94Zn70xN7uzuc85E9lNG6oh 3c6lDz1jgY1FHW3gvtICIR7uleteZUlHp7wy7kc5Kk8Wa9KC2/gbgXn614SS4Rf7 DGWk6TfGanJTyUzFgw7nIwmaBol6deL30LqQzdELnQZkbNQY =7gT0 -----END PGP SIGNATURE----- ~~~ PGPBLUE 2.5 ... PRIVACY is Important! Use PGP Regularly. 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: All 30 Oct 94 13:02:06 Subject: EPIC 2/2 UpdReq -----BEGIN PGP SIGNED MESSAGE----- =anything above this line is bogus= =...continued= ======================================================================= [4] FBI Director May Ask For Mandatory Key Escrow Legislation ======================================================================= At a conference on Global Cryptography earlier this month, FBI Director Louis Freeh suggested that if the administration's Clipper key escrow encryption scheme was not widely adopted, he may ask Congress for legislation making it mandatory. The FBI confirmed to comments to reporters Brock Meeks and Steven Levy. Excerpt from transcript of Freeh talk as faxed to MIchael Froomkin by the FBI: [note: bracked material is summary of earlier exchange] Q: [If people pre-encrypt while using Clipper, would] the policy then have to change? A: The terms of encryption being a voluntary standard? Oh yea, definitely, I mean if five years from now we solve the access problem but what we are hearing is all encrypted I'll probably ah, if I am still here, be talking about that in a very important way. Sure, I mean the objective is the same. The objective is for us to get those conversations whether they are by an alligator clipped or or [_sic_] ones and zeros wherever they are, what ever they are, I need them. ======================================================================= [5] EPIC on Compuserve =snip= ======================================================================= [6] New Files at the Archive ======================================================================= OTA Report on Cryptography /cpsr/privacy/ota_report_1994 Final Version of HR 4922/S 2375. - The Communications Assistance for Law Enforcement Act of 1994 HR 5199 - Encryption Standards and Procedures Act of 1994 /cpsr/privacy/crypto/hr5199.txt Files related to the Applied Cryptography Export Decision /cpsr/privacy/crypto/export/applied_crypto/ The CPSR Internet Library is a free service available via FTP/WAIS/Gopher/listserv from cpsr.org:/cpsr. Materials from Privacy International, the Taxpayers Assets Project and the Cypherpunks are also archived. For more information, contact ftp-admin@cpsr.org. =snip= To subscribe to the EPIC Alert, send the message: SUBSCRIBE CPSR-ANNOUNCE Firstname Lastname to listserv@cpsr.org. You may also receive the Alert by reading the USENET newsgroup comp.org.cpsr.announce. Back issues are available via FTP/WAIS/Gopher/HTTP from cpsr.org /cpsr/alert and on Compuserve at Keyword: NCSA, Library 2 (EPIC/Ethics) ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues relating to the National Information Infrastructure, such as the Clipper Chip, the Digital Telephony proposal, medical record privacy, and the sale of consumer data. EPIC is sponsored by the Fund for Constitutional Government and Computer Professionals for Social Responsibility. EPIC publishes the EPIC Alert and EPIC Reports, pursues Freedom of Information Act litigation, and conducts policy research on emerging privacy issues. For more information email info@epic.org, or write EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington, DC 20003. +1 202 544 9240 (tel), +1 202 547 5482 (fax). The Fund for Constitutional Government is a non-profit organization established in 1974 to protect civil liberties and constitutional rights. Computer Professionals for Social Responsibility is a national membership organization of people concerned about the impact of technology on society. For information contact: cpsr-info@cpsr.org To alter or end your subscription to this mailing list, write to listserv@cpsr.org. For general information send the message: HELP To unsubscribe, send the message: UNSUBSCRIBE CPSR-ANNOUNCE You need to do this from the same machine you subscribed from. In both cases, leave the subject blank, or at least not resembling an error message. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCxAgUBLrPfi9Q9obngT6LhAQFBbATfWsevCZwp1T0a7+bNZARsR9+rzCd6m5w0 Cr01DILZgfFSFatOOB6yEYpkxsUtk/FtsUxqLYIgRgq1+8I46fYi4Mz3/NtzzNqF VEuzE6dqVRfx0/KlxLE/CUVccX++y785B/Z0bDmnh9VwUeOAMp7dcrg2GZ3bY6hk 3sFfz+AKsrWnkwMADpg/3bt1/clTgKswYyxDIL83rSw0iJep =PKMI -----END PGP SIGNATURE----- ~~~ PGPBLUE 2.5 ... Gun Control: A Logic-Free Philosophy. 201434369420143436942014343694201434369420143436942014343694718 From: Nolan Lee Area: Public Key Encryption To: Shawn McMahon 2 Nov 94 00:07:04 Subject: hpack UpdReq On Oct 30 16:21 94, Shawn McMahon of 1:19/34 wrote: SM> I do not know if they're currently available for FREQ, but SM> the filenames were: SM> HPACK79D.ZIP (DOS version.) SM> HPACK79O.ZIP (OS/2 version.) The dos version is, I just grabbed it, thanks. :-) Nolan 201434369420143436942014343694201434369420143436942014343694718 From: Nolan Lee Area: Public Key Encryption To: Charles Chapman 2 Nov 94 00:27:36 Subject: PGP embedded in .gif's ? UpdReq On Nov 01 00:28 94, Charles Chapman of 1:102/903 wrote: CC> HDSK41B.ZIP: Grabbing it now, thanks. later, Nolan 201434369420143436942014343694201434369420143436942014343694718 From: John Schofield Area: Public Key Encryption To: All 1 Nov 94 09:35:16 Subject: GMSG UpdReq -----BEGIN PGP SIGNED MESSAGE----- When I bounce a message with GenMSG, it sets the return address to the FROM address on the message. To illustrate: When a message is from John Doe at 1:123:456 to a non-existant node, and I bounce it with GenMSG, the bounced message will be From: GenMsg AutoReturn @ 1:123/456 To: John Doe @ 1:123/456 My address (1:102/903) doesn't show up anywhere. Do I have something configured wrong, or is this a SERIOUS bug? Here's my INI file, with comments deleted: ;================================================================ ; GenMsg.ini for version 4.20 ; MUST be in the same directory as GenMsg.exe ! ;================================================================ Name=John Schofield Node=1:102/903 Netmail=e:\mail Editor=c:\utility\ed.exe Alias-1=1:102/904 Alias-2=11:102/12 AKA-1=Keep Out AKA-3=Sysop Ask-Name=Off Areas d:\gmsg\areas.gen Smart-Last=On PGP c:\pgp\PGP.exe PGPPath=g:\PGPkeys KeyName=ac086@lafn.org Ask=Id=Off Origin=The Sprawl +1-818-342-5127 -- Home of Keep Out Magazine! uucp-gate 1:102/851 Init-Strings off Show-Edits Off Seenbys on View-All off Kludges on Dbridge Off Auto-PGP On Add-Uucp=On uucp-address=John.Schofield@Sprawl.Expressnet.Org Scan=Off Use-Bios Off Text-Char 1 Text-Back 3 Menu-Char 3 Menu-Back 1 Error-Char 12 Error-Back 1 -----BEGIN PGP SIGNATURE----- Version: 2.7 Comment: Call 818-345-8640 voice for info on Keep Out magazine. iQCVAwUBLrZ7+Gj9fvT+ukJdAQFBPwQAoGxxmW5wIVocraNEosM6JUx3WdIwmLF1 whwBNTi6LM4k8poF/AnBTNH+94Ozn2ESCcB0osgsmlVv1AiOMXWyQIjzK9OVFuul LLNnM9rqQFMIzYRHM8wEilc48k9cfl3XAddRxWAVZh8ViwlaR4ubpoSPFJi7qPiN 1GCF+3N4I5k= =Dcv0 -----END PGP SIGNATURE----- **EZ-PGP v1.07 ... "It's not frozen up, it's just resting." -- John Schofield 201434369420143436942014343694201434369420143436942014343694718 From: John Mudge Area: Public Key Encryption To: Marshall Votta 1 Nov 94 07:16:00 Subject: PGP embedded in .gif's ? UpdReq Hello Marshall! Sunday October 30 1994, Marshall Votta writes to John Mudge: JM>> Any sources for this software? MV> I have it. MV> The program is called "Stego"; at least, my version is. What it does is MV> alters 50% of the colors 1/256th in grayness, replacing the bit with one MV> of the bits of your message. .... MV> On the net, surf over to soda.berkeley.edu via FTP, and go to the MV> /pub/cypherpunks/steganography directory for Stego 1.0a2. Thank you very much for the great information and the info on the Internet site! I had managed to get a copy, but your information made it a bit clearer. It sort of looks like the sort of thing that would be really nice to have a shell for in order to use PGP with it and avoid having to remember all the steps :-) John Mudge 201434369420143436942014343694201434369420143436942014343694718 From: Dan Mlodecki Area: Public Key Encryption To: Ian Lin 1 Nov 94 22:06:20 Subject: legal PGP UpdReq -----BEGIN PGP MESSAGE----- Version: 2.3a hIwC8d4fqT/H2B0BBACYKXfXX+HuU3L8SbQ/cjpfsvT71jfcLz+ZX5GhgZUjGz7/ v3Sxb5Xw0aHZLkbzKDOh74ECGXN2hyJZ6CJB+ujjRC/eYyeXN7jeafH01L57wIBW 4240MyoduvEIngC+amlSMEPisK4JSzPmupBeJmdpMPYuRcOzpSXJHNj8YJOrHaYA AAIDscs18GgnfU2DQq6lItVNSnFSj064CuG2XSdYW23frax91v0ro5XjTH2wLpnf 7vGkH4m3UK3AnmluotrH9WsoXKvEIy1dkhydkvEvUSKYM8BrAR4WBGZ9m0+Azx9p e4xzyG0PWsVS6rWkDBrKUa0VgW8yfzkYgodV+9s9WLv77Zzb4LRrFbTYwv1pX0Jh xlcQirFeS9AT0H8RnfxW8DynuEeKoDHJ6k+/QGwn1KFDvHSvARcRKEVJn12YPjGu mKt+s3wrMQbC4fngL8X34cLLdR4abIzVyFYfqEBQt/PbwaXL/JDrPkJD1I9CBphx 2wjN8KSHl+H16BWTHbb0ML9B8/g/kYOFnmBnJdAWpUvFuBp7z/8G90fp+0UShRzr sK33MlJAtEL/XIePyeS7n8slG+s84qkZckxW6Tc4TRO8GXuU8mv2cxRJ0P7lI0zy iGO0LFTbV6KZu/cp7z6dF9dnwAKkdnT9rNHULOa9+ZkNTR+ZlCh5WcvYywqxhon9 WU4n9UyFkjqllvrEdI5GuVu3PDAJbcAHZyI/a5CmKHHKwbbXqbF0sICdfDyXPcuA vdhNoShU/8dWkmHkWWNlSdpZlgLjvXQqCQFRzbNSvhgMTvSTaH3nlnD8p1Ald0aZ uOxiJFvbZUz8596oW7B1lCnt9XujSqdPxgQEg3zW4jEHCG5gQAk= =6C6C -----END PGP MESSAGE----- ... No MSG! 201434369420143436942014343694201434369420143436942014343694718 From: Dan Mlodecki Area: Public Key Encryption To: Peter Bradie 1 Nov 94 22:09:32 Subject: Pgp signatures UpdReq -----BEGIN PGP SIGNED MESSAGE----- - -=> From: Peter Bradie To: Jim Grubs, W8grt <=- - -=> Subject: Pgp signatures On: 27 Oct 94 20:01:00 <=- PB> It sorta gets back to the Web of Trust... I don't have your key PB> because I don't know you, don't know anyone who does know you, and PB> cannot anticipate any time in the future when I'd need to send PB> confidential information to you that might require encryption. If you PB> have my public key you could send me something encrypted... but I've no PB> earthly idea why you might want to do so. And if you did, how do PB> you know that I really am Peter Bradie? Question: If no one here can certify that a user is actually that user, then how can anyone trust anyone else at all? There has to be a limit imposed on paranoia, for sanity reasons! -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLrcC2QtRIAyZcZF7AQGN3AP/RKMV4YuifD6TfU4nQzsfeaR+QZsQ0iT0 UW9S1bED5mJvGrkhnpY/nXYKONtoflnxfF6ji1TLN1tBf69l0bL3X1hhqfhjuIry DZx0wCN1VXWLoyecuAF2wp5tNARwnTyIlSpYcfpBhphN4DSR/IWIJm6TaIMgTD5u Wo7g3jWi9HE= =+0Ws -----END PGP SIGNATURE----- ... Resistence is useless!! (if less than 1 ohm). 201434369420143436942014343694201434369420143436942014343694718 From: Dan Mlodecki Area: Public Key Encryption To: All 1 Nov 94 22:11:36 Subject: Pub Key.. Just in case I forgot UpdReq Just in case I forgot to post it here... -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3a mQCNAi6la58AAAEEALBa22hw2vSTCQvs66vX2SgOaZ9Yd2KuXMX05zYHOhjcOTg7 Ss/lTvjCbj3vtaYhp49Gv9rFhxaCLYWFrdGS1VU+pe6XP/n+MPAQnHZSKbJgVZZy EKqxJQaPNkuyS71znFCcIFykEeIES8kQ7iDuWCtHu3UpqcKDXwtRIAyZcZF7AAUR tBRIZXJlc2F5IDwxMDoyNDMvMTE4PrQjRGFuIE1sb2RlY2tpIDxIZXJlc2F5ICgx MDoyNDMvMTE4KT4= =lazu -----END PGP PUBLIC KEY BLOCK----- ... Gee,Mr. Wizard! Aren't nuclear reactors dangerous? 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: All 1 Nov 94 13:48:50 Subject: draft of U.S. House bill w/EFF analysisUpdReq -----BEGIN PGP SIGNED MESSAGE----- has just been hatched into PUBKEYS file distribution as: HR-5199.ZIP this bill proposes to further entrench the federal government's control of what encryption may be privately used. although it purports to bring the two sides together [the snoopers and the citizens], it fails to provide any real safeguards for the citizens while promoting the concept that the government has a right to invade your privacy for 'national security' reasons which is what this bill really boils down to when fully reduced. the EFF is keeping an eye on this one. let's do likewise. all PUBKEYS links please poll. thanks. TTFN. Chris -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP 2.6.2 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLraNlcsQPBL4miT5AQE8RgQArFNVSkNEMKsAmRcmDLUBhKb+R77IzWtt qc+a5Qyp6rqDL3VewBuWlMuYlZ4qVcPbNy57HenQBmLggGpumtZMfZOxVOZKz51/ smsMrbFKvx3M/w1/GnqzUU4Stev9lGtiQrElSPsWDnS2gw1M2px09eJYOHNeYkRg szv6gTf4RWA= =swhD -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Michael Bauser Area: Public Key Encryption To: Jim Bell 2 Nov 94 15:54:26 Subject: PGP 2.6.2 Official M.I.T. UpdReq -----BEGIN PGP SIGNED MESSAGE----- Who: Jim Bell What: PGP 2.6.2 Official M.I.T. When: 02 Nov 94 00:06:00 JB> Does that mean that PGP could be exported, in source code form, if it JB> was written on paper? Or, UUENCODE on paper. Does that include 1 and JB> 2-dimensional bar codes? Exporting printed copies of source code is very legal. The test case was the book "Applied Cryptography". It included printed samples of source code and was legal to export. Someone applied for an export permit for a floppy disk containing the exact same source code, and the export permit was denied. The government says that source code on disk is "value-added" so that it's not necessarily covered by the First Amendment the way books are. (That's a very weird argument that probably won't hold up in the long run.) Phil Zimmerman and MIT have acutally talked about releasing a *book* containing all the PGP source code, but no definite plans have been announced. If they do release such a book, they'll probably wait until after they've released PGP 3.0--Phil's working on enough things already. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: The legal_kludge is dead! Upgrade, already! iQCVAwUBLrf7jMRHZFQbZSuZAQGhQwP8CXqSCM7TCFakHEMOo76KzK2ClBpcxZBX i3OpV0bICffRGYIJ8DyPxrMlJD93axzmlV6wG5AFLt2hdkhuu/jI1AXeVkMN4+NE 0PMzn2bEBr/YlnDdiYKf2P7BK9ZHIY4rmTsTpByhkJIAeeLkr4yV3oYotmvxIXL4 WLd4i5y+GJQ= =0jPw -----END PGP SIGNATURE----- **EZ-PGP v1.07 ... Can we talk in private? Not if the FBI & NSA have their way. 201434369420143436942014343694201434369420143436942014343694718 From: Michael Bauser Area: Public Key Encryption To: All 31 Oct 94 03:10:44 Subject: Problem with PGPload UpdReq -----BEGIN PGP SIGNED MESSAGE----- A program I've never heard of before (so I assume it's fairly new) showed up here this week. PGPload (pgpl1-2.zip) is *another* program for inte- grating PGP and Bluewave, but when I tried to install it on my XT, all I got were a couple of runtime errors. Specifically, INSTALL.EXE produced: Runtime error 105 at 0000:0187. PGPLOAD.EXE produced: Runtime error 105 at 0000:06D6. Anybody know what those mean? I can only guess it's complaining about being on an XT, but the only hardware requirement listed in the docs is a CGA monitor. (I've got an XT with a CGA monitor and 40mb hard drive, running MS-DOS 6.20, in case it's relevant.) Anybody got experience with this thing? It's documentation lists some fairly impressive features, and it's cheaper than PGPBLUE. I would really like to try this one out.... -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Yeah, this is the MIT version. Live with it. iQCVAwUBLrSlncRHZFQbZSuZAQGtMAP8CgOQn1nZW42yBvNFRx5tlykSEqLc7YHa 0wzKBuO+t111KyJBmckfZDHDAVYOey79tlwL1zl7bir+A6YPfZwdF7+30ZNqE3lT QQpO3ts0+vB2rlyb7xxQHFReYInjx9rME4Gkmre3dbY6YSKKcodmwTz6s23Qoo17 iMnmB6dElNY= =hBiU -----END PGP SIGNATURE----- **EZ-PGP v1.07 ... RIPEM, mbauser@kentvm.bitnet, FEF6F89F08EBDD64 996B4B4B5E2D4603 201434369420143436942014343694201434369420143436942014343694718 From: Michael Bauser Area: Public Key Encryption To: Christopher Baker 2 Nov 94 16:29:02 Subject: PUBLIC_KEYS Echo Guidelines - regular repostUpdReq -----BEGIN PGP SIGNED MESSAGE----- Who: Christopher Baker What: PUBLIC_KEYS Echo Guidelines - regular repost When: 01 Nov 94 00:21:45 CB> 4. No Private flagged messages in Echomail! Encrypted traffic using CB> public-keys is permitted for the exercise so long as it is CB> on-topic. Don't send person-specific encrypted traffic. Such CB> specific traffic belongs in direct Netmail. Encrypted traffic should CB> be in the form of public-keys or public-key signed messages that can CB> be read by anyone with PGP 2.4+ and your public-key. Include your CB> public-key when sending such messages in case the other end doesn't CB> have it or make them aware of how to get it from your system. Can I suggest a couple of minor changes to this section of the rules? One is technical, one is semantic. The technical suggestion is about the "messages that can be read by anyone with PGP 2.4+" part. PGP 2.4 and 2.5 are affected by the same 1 Sep 94 flag day as older versions. Strictly speaking, 2.4 compatibility requires an older version, legal_kludge (which was removed from 2.6.2), ViaCrypt 2.7, or an international version. Maybe it's time to require 2.6 compatibility. The semantic suggestion is even more obscure. Are you sure it's wise to include clear-signed messages and key-blocks under the category "encrypted"? In the discussions last month (here and in MODERATORS) about allowing clear- signed messages, part of the argument was whether or not signed messages are "encrypted" or not. Maybe section 4 up there should say something more explicit like "encrypted traffic is not allowed, but clear-signed messages are", so that non-PGP users get the point that PGP-users consider encrypting and signing different things. I'm just kibitzing, as usual. Let me know what you think. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: The legal_kludge is dead! Upgrade, already! iQCVAwUBLrgDuMRHZFQbZSuZAQHsTwQAlMcNBEISPTycVJ9uUxw/GIBFjKbIlgIg X/mCFopgZq7EpUkyOaHZlfKqU8aqoBHwDFZJds/4QRhaPWr9MmWzy1vcvT0XoSFf cNlokSbE/QQfQBxC4zmfuG/EbXTgugW1KmMGyLA2l9M18NbQRUsnF4NVu9q6bhpM k4FqZ7E0g28= =JNLI -----END PGP SIGNATURE----- **EZ-PGP v1.07 ... 1984--We're behind schedule 201434369420143436942014343694201434369420143436942014343694718 From: Michael Bauser Area: Public Key Encryption To: David McIntyre 2 Nov 94 16:43:28 Subject: Re: Which PGP version is best? UpdReq -----BEGIN PGP SIGNED MESSAGE----- Who: David McIntyre What: Re: Which PGP version is best? When: 31 Oct 94 06:36:39 DM> gotten a version of PGP that I feel comfortable with yet. The 2.6 I DM> have now won't read all the keys that have come through the normal DM> distribution channels. I'll eventually find the 2.6ui that I'm looking PGP 2.6 shouldn't have problems adding keys unless they're signed with versions before 2.3, or by versions 2.3/2.4/2.6ui set in backward- compatibility mode. *Sigh* Why are so many people obsessed with being compatible with those old versions? They're all buggy, 2.2 dangerously so--I don't know why anybody still using 2.2 (as their main program) or any good reason to do so. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: The legal_kludge is dead! Upgrade, already! iQCVAwUBLrf+3MRHZFQbZSuZAQGLdwQAhy6cKmPj9aLbepXdYvrZPnfZYqlMR6rv W3Sl6El5ia79evoYpZ/P7KYZbEapAd2qqpjMvyZV6rZa7IUaeNQe4uahOwwhRQ0y cnJqco3acgZotvKxO1BuA1Qfkx115TfOQasl6VT4HFeU0/jcpnfPwhFcV61pcIoG hOqvuN3moRA= =jouL -----END PGP SIGNATURE----- **EZ-PGP v1.07 ... We stand today on the brink of a revolution in cryptography. 201434369420143436942014343694201434369420143436942014343694718 From: Jim Bell Area: Public Key Encryption To: MIKE RIDDLE 3 Nov 94 00:01:00 Subject: PGP 2.6.2 Official M.I.T. UpdReq -=> Quoting Mike Riddle@1:285/27 to Jim Bell <=- MR> In a message to CHRISTOPHER BAKER on Oct 26 94 at 21:51, Jim Bell MR> wrote: JB> Justa moment there. Presumably, the object code is JB> restricted for export due to the fact that it contains a JB> program that can do encryption. However, the source code JB> (by itself) cannot encrypt anything. JB> Is there any reason to believe that source code (or even JB> equations, explanation, etc) can be legitimately JB> restricted? JB> It's not as if I'd be surprised if the government were to JB> take such a foolish position; however I haven't heard that JB> one yet. MR> Notwithstanding the plain language of the ITAR about these matters, Da MR> Guvmint (which always knows best) continues to insist that source code, MR> at least in electronic form, is export-controlled. Does that mean that PGP could be exported, in source code form, if it was written on paper? Or, UUENCODE on paper. Does that include 1 and 2-dimensional bar codes? I realize that this may seem simply a make-work excercise, but remember that this only has to be done ONCE for that program to exist, legally, around the world. True, recent versions of PGP are actually written outside the US and brought in, but I think that we should test the principle in hopes of sticking the government with an untenable position. It shouldn't be necessary to do the export first: Merely ask what forms of export are legal, and once told that a particular form is legal, do it. ... Way Too Much is Not Nearly Enough. ___ Blue Wave/QWK v2.12 201434369420143436942014343694201434369420143436942014343694718 From: Jim Bell Area: Public Key Encryption To: JOHN STEPHENSON 3 Nov 94 00:01:00 Subject: PGP 2.6.2 Official M.I.T. UpdReq -=> Quoting John Stephenson@1:249/146 to Jim Bell <=- JB> If the government said, "You can't export a program that can be modified JB> to do good encryption," then the proper answer is that ANY program can JB> be modified to do good encryption, with enough changes. JS> It would probably work like guns in the states. You can't buy a weapon JS> that can be more easily turned into a automatic gun, than building one JS> yourself. Same with something like PGP. First, I think you have misinterpreted the rules concerning guns. Plenty of semi-auto guns can be modifed to full-auto. "Easily" is not particularly definitive. But there is at least a DEFINITION as to what's not allowed. On the contrary, there is no specific statement in law or in regulation (as far as I know) which states that certain types of encryption programs are prohibited from export. ... The rest of this tagline is encryp*&l#1E0+=|>fcd}85^7@jowxz*7"[=- ___ Blue Wave/QWK v2.12 201434369420143436942014343694201434369420143436942014343694718