[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Scientology tries to break PGP - and fails?



> 
> News Flash!
> 
> According to an informed source, the so-called "church" of Scientology is
> trying to force Larry Wollersheim to give them his de-encryption code for
> PGP. 
> 
> Larry Wollersheim is the director of FACTNet, a Colorado BBS that 
> specializes in distributing information about religious cults - 
> especially the Church of Scientology.  Scientologists raided FACTNet 
> recently and seized its hardware and records recently, in a case that has 
> spread news of the Scientology wars all over the Internet.
> 
> Scientology has been in possession of Larry Wollersheim's computer 
> records for quite a while now - at least three weeks, I believe.  They 
> have been scanning it for what they claim to be "copyright violations."  
> Yet, their list of scanning criteria also includes a list of 34 names of 
> their critics and enemies, including a famous Netizen named "Rogue Agent."
> 
> Yet it seems that despite all their efforts to get what they want, they 
> can't break PGP - so they have to force Wollersheim to reveal the key.
> 
> Mr. Wollersheim has stated that he will go to jail before he reveals his 
> encryption key.
> 
> Please forward this note to all interested parties.
> 
> Call this one: BIG WIN FOR PGP!
> 
> For more information on Scientology's war against the Internet, read the 
> many Web pages set up to cover the story.  My own page, an "Introduction 
> to Scientology," is:
> 
> 	http://www.tiac.net/users/modemac/cos.html
> 
> It includes a link to the FACTNet Web page, as well as Ron Newman's 
> famous Web page: "The Church of Scientology vs. the Net."
> 

I took a look at the FACTNet web page.  There is a file encrypted with
PGP using the "-c" option.  They are asking for people to help guess
the Pass Phrase.  Why would anyone bother if they had no clue that the
file contained anything 'interesting'.

If this is the file that the Co$ is trying to crack, then what the
is being asked for is a pass phrase that can be handed to the Co$ that
will pass the PGP valid key check and still not decrypt the data to
anything usefull.

If Larry Wollersheim does have the valid key.  It would be a simpler
process to know what fake key to use and work it backwards through
the MD5 to arrive at an ascii string to produce the fake key.

Too bad this wouldn't be plausable for the secret ring.  Perhaps PGP
needs an option to specify the key in Hex and make the process easy.