[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: a hole in PGP



DF> How is it "unscholarly, unprofessional, needlessly personal, and just
DF> plain insulting" to question the idea that hundreds of thousands of
DF> people are trusting their freedom to software that is probably not
                                                          ^^^^^^^^
  This is where you go too far. You have no basis for assigning such a
probability. While the incentives for releasing a crippled version are
there, the program has been subjected to intense scrutiny. As time goes
on, the failure to detect the kind of weaknesses you describe only
increases trust in the algorithms.

  But if you are paranoid, get a hold of one of the international
versions, use it to generate your keypairs, and then use MIT PGP to
encrypt and decrypt your communications. Nobody can know what version
you are using to make keys.

  Hell, if you are seriously paranoid, get the source code for key
generation, and compile your own stand-alone keymaker. Post it to some
.binaries thing via a remailer, and be happy that you foiled the
dastardly plot. And send a copy to me, while you're at it. With source.
I can compile my own from it that way.

  [Uh-oh. Sounds like "C'punks write code...."]



 * 
Everyone should have a cause.
I have a cause.
It's smut.








I'm for it
---
 * [email protected] *