[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP compromised?

To: holist <[email protected]>, [email protected]
Subject: Re: PGP compromised?
From: Bill Stewart <[email protected]>
Date: Mon, 23 Nov 1998 00:24:23 -0500
In-Reply-To: <[email protected]>
Sender: [email protected]

At 01:54 PM 11/22/98 -0800, holist wrote:
>I'm sorry if this is gnawing at old bones for you, but I recently heard from
>a rather paranoid, anonymous source here in Hungay that PGP was compromised,
>Zimmermann sold out to the Feds, all versions except possibly early DOS
>versions of PGP have back doors in them. 
>He is also claiming that the CIA have already provided the backdoor-key to
>PGP 5.0 to the Hungarian Secret Services. Is he being too paranoid, or what?

Pure disinformation.   It does have a few locally-customized twists to it.
As another poster said, you can get the source from www.pgpi.com,
check it out yourself, and compile it yourself.

There are some versions that have features allowing you to encrypt
data to multiple recipients, and some versions allow you to set this
with one or more recipients as the default (e.g. yourself,
or your corporate security officer.)  But you do not need to set this.

There are also some design bugs in the early DOS versions that make
them weaker than the later DOS versions or the newer versions,
so you don't want to use anything before 2.5 anyway.
				Thanks! 
					Bill
Bill Stewart, [email protected]
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639

References:
- No Subject
  - From: holist <[email protected]>

Prev by Date: Re: Is Open Source safe? [Linux Weekly News]
Next by Date: update.403 (fwd)
Prev by thread: Re:
Next by thread: Re: your mail
Index(es):
- Date
- Thread