[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: DId you ever think...
> [email protected] (Peter Beckman) writes:
> Did anyone ever think that maybe, just maybe, PGP was developed, and before the
> programmer started giving it away for free, that he was paid by the government
> to give them the key which can unlock ANY PGP locked document/file/etc??? I
It's more likely that the government after the fact has started trying to
spread the rumor that PGP has an intentional hole in it or can be broken
easily. I've seen a number of rumors of this kind, and at least one of
the latter (i.e. they can read traffic with 1024-bit keys easily, but 2-4K
keys might make them sweat) was encouraged by a visiting NSA guy, according
to the person who posted it. The frequent postings of the first rumor (prz
corrupted) to a.s.pgp look orchestrated to me... but then I'm a bit paranoid.
> distributing, etc... Makes you wonder huh... It's possible. Maybe he wrote in
> the PGP program a loophole in the encryption so that he could decrypt anything
No, doesn't make me wonder, no, it's not possible. Read the code -- it's
all free. If you don't read C, find somebody you trust to read it to you.
Read the math -- it's all been published and vetted by experts. Watch the
emerging analysis of IDEA; watch the factoring records and the amount of
time required for them. Don't trust the executables -- recompile it
yourself with a different compiler... they can't hack 'em all.
If you don't know anybody you trust to read code and compile for you,
you're not in a strong enough position to worry about your own security
anyway. Yes, that's elitist -- sue me. It's <your> security, so <you>
have to pay attention to the developments that affect it.
Jim Gillogly
1 Thrimidge S.R. 1994, 17:59