-----BEGIN PGP SIGNED MESSAGE-----
Michael McMahon writes:
[Talks about real-time end-to-end encryption of user sessions on BBS's.]
It's not quite as sexy and "James Bond" as real-time end-to-end encryption,
but I think an easier approach to this would be to adopt the architecture of
the offline mail-reading programs that are available.
For the benefit of people unaccustomed to offline readers, these programs
collect up all of the unread messages, E-mails, and file descriptions from a
BBS, .ZIPs or otherwise packs/compresses the files, and then the user
downloads that "packet", and hangs up. The user then uses a program on her
local PC to read and reply to messages in that packet, dials the BBS again,
and uploads her responses.
I haven't fussed around with offline readers much, but I'll bet it'd be
pretty simple to add a step to the collection/.ZIP process, which would
encrypt the whole package with some prearranged key.
This would allow folks to use standard BBS programs, standard terminal
programs, and perhaps even standard offline readers. It should be pretty
simple from a programming standpoint, as well; it's perhaps implementable
with only batch commands. Yes, the "bad guys" will get to watch the user log
on and log off, and can read the menus and choices - but so what? It's
possible (easy, really) to encrypt all of the really interesting stuff.
- --
Greg Broiles greg@goldenbear.com
Golden Bear Consulting +1 503 465 0325
Box 12005 Eugene OR 97440 BBS: +1 503 687 7764
-----BEGIN PGP SIGNATURE-----
Version: 2.2
iQCVAgUBK8R3jH3YhjZY3fMNAQHDagP6AkE+8WrEtSOVNfBDiL6UYplI+TAihl66
IffYPilZ+b9Nxq2VHBF8aUYnX7duLRaivILQ7CPIRsNnKRq3DF5bljcvLY9B9VNn
3SSFSGJFQFYvakElcZPbCGhFbsLdmF8QNN97Z8Cdbx4fGYmj83brNidhHYNeXhpo
5Nk2+5W80mE=
=Yxdd
-----END PGP SIGNATURE-----
