[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
PRZ/PGP loses it
------- Forwarded Message
Date: Thu, 4 Dec 1997 15:02:44 -0500
From: [email protected] (Barry Skaggs-D26)
To: [email protected], [email protected]
Subject: IP: (OT) Cloud Over Future of PGP
Seems like the days of peer-reviewed encryption
software may be numbered. Just trust Us.
Regards,
Barry Skaggs
Cloud Over Future of Pretty Good Privacy
The Price of Key Recovery
Following Monday's US$35 million cash
acquisition of PGP by Network Associates,
the man who once testified before the
Senate that key recovery could "strengthen
the hand of a police state" now works for a
company that actively promotes it.
Reaction from e-privacy activists was swift
and harsh.
"The users of PGP can no longer rely on the
credibility of Phil Zimmermann to ensure that
the product is everything that they've been
promised it's been previously," said Dave
Banisar, attorney for the Electronic Privacy
Information Center and co-author of The
Electronic Privacy Papers
Network Associates, formerly known as
the Key Recovery Alliance, an organization
that lobbies Congress for key recovery that
would grant law enforcement agencies
back-door access to private encrypted
communications.
Network Associates and other companies
support key recovery because it would allow
them to export strong crypto software
without bothering to make a separate
nonrecoverable version for the domestic
market. The Commerce Department forbids
export of the strongest available encryption
without elaborate promises from
manufacturers to develop key recovery
features. Thus many companies are forced
to develop both export and domestic
versions of their software, each with
differing crypto strengths.
But Zimmermann, a pioneer of strong
encryption, has spent years crusading
against key recovery, calling it an invasion
of privacy. And the most recent release of
PGP's encryption software allows users to
disable key recovery.
"People should give their consent to use
[recovery]," Zimmermann said. When asked
whether future versions of the package will
retain that option, Zimmermann replied,
"Certainly, as long as I have anything to say
about it."
Zimmermann's new title at Network
Associates is "fellow," but he declined to
comment on exactly what authority and
responsibility that confers. Meanwhile, Phil
Dunkelberger, PGP's former president and
CEO, was named general manager of
Network Associates' Total Network
Security Division.
"It's going to take some time to figure things
out," said Zimmermann.
EPIC's Banisar was less diplomatic and
postulated that Zimmermann's new title
reflected a clash of values between him and
Network Associates on key recovery.
"We have a number of fellows here, and
they are usually unpaid volunteers," Banisar
said.
"It will require a fundamental examination by
human rights groups and others about
whether any newer versions of PGP are
truly trustworthy," said Banisar.
Network Associates could not be reached
for comment.
Wired, Dec. 3, 1997
**********************************************
To subscribe or unsubscribe, email:
[email protected]
with the message:
subscribe ignition-point email@address
or
unsubscribe ignition-point email@address
**********************************************
http://www.telepath.com/believer
**********************************************
------- End of Forwarded Message