New PGP "Everything the FBI ever dreamed of"

An article in today's (Fri, Oct 3) New York Times (CyberTimes) <http://www.nytimes.com/library/cyber/week/100397pgp.html> describes the new release of "PGP for Business Security 5.5," which contains mechanisms that incorporate a key recovery mechanism that can either be voluntary or be enforced by using PGP's software for controlling a company's SMTP server -- the server can verify that all encrypted messages include the corporate public key (or conform to other corporate policies):

"The new version also includes some of the most sophisticated techniques for enforcing this policy through the corporation. The most novel may be a new version of software controlling a company's SMTP server, the machine that acts as the central mailroom for a corporation. PGP provides a software agent that will read all of the mail to make sure that it complies with the corporate policy. This may include requiring all messages to be signed with digital signatures or include a backdoor that the management can use to read the message. If the software agent discovers a message violates the policy, it can either return it to sender or simply log a copy.

"PGP implements the backdoor with a central key. Each message is encrypted with both the public key of the recipient and the public key of the management. The message can only be read by someone holding the corresponding private keys, in this case the recipient and the management. The software allows the management to use different master keys for different departments by customizing the software.

...

"Bruce Schneier, an encryption expert and author of the popular book Applied Cryptography, said that the new announcement "sounds like everything the FBI ever dreamed of." He also predicts that criminals will find ways to circumvent the restrictions while honest people may be more vulnerable to illicit use of the master key."

---

Coincidentally, the same issue of the New York Times has an editorial <http://www.nytimes.com/yr/mo/day/editorial/03fri4.html> attacking FBI director Louis Freeh's request that Congress "outlaw the manufacture and distribution of encryption programs the Government cannot instantly crack."

Martin Minow
minow@apple.com

At 12:52 AM 10/4/97 -0500, amp@pobox.com wrote:
> Though I hate the concept of key escrow, it actually makes sense for corporations to be able to have access to internal documents. Why they think having key escrow in place will stop people from being able to use other encryption as well is beyond me. I guess it's the same (stupid) mentality of the feds. They don't think anyone would be smart enough to use the escrowed encryption as a wrapper for the non-escrowed encryption.

The idea behind escrow in a company is to let each employee have their own key (and secret key/pass-phrase) so that they can digitally sign e-mails, and send encrypted e-mail, but with the escrow to let other people access this mail.

This is not any more surveillance than already exists in a corporate environment, and I believe its main purpose is *not* inside the corporation, but for secure communications with people in other companies, typically partners, suppliers, clients, etc. I can't see a problem with it in this situation.

Oh, and one of the bills in Congress seemed to prohibit the US Government from using escrow in this way in government agencies. I can't see a justification for this. [Other than normal FOI reasons.] Think military communicating with weapons contractors if you need an excuse for this kind of encryption in the first place.

-----------------------------------------------------------------------
Ryan Anderson - <Pug Majere>     "Who knows, even the horse might sing"
Wayne State University - CULMA   "May you live in interesting times.."
randerso@ece.eng.wayne.edu
PGP Fingerprint - 7E 8E C6 54 96 AC D9 57 E4 F8 AE 9C 10 7E 78 C9
-----------------------------------------------------------------------

Though I hate the concept of key escrow, it actually makes sense for corporations to be able to have access to internal documents. Why they think having key escrow in place will stop people from being able to use other encryption as well is beyond me. I guess it's the same (stupid) mentality of the feds. They don't think anyone would be smart enough to use the escrowed encryption as a wrapper for the non-escrowed encryption.

amp

------------------------
From: Martin Minow <minow@apple.com>
Subject: New PGP "Everything the FBI ever dreamed of"
Date: Fri, 03 Oct 1997 07:30:33 -0700
To: risks@csl.sri.com
Cc: cypherpunks@cyberpass.net

An article in today's (Fri, Oct 3) New York Times (CyberTimes) <http://www.nytimes.com/library/cyber/week/100397pgp.html> describes the new release of "PGP for Business Security 5.5," which contains mechanisms that incorporate a key recovery mechanism that can either be voluntary or be enforced by using PGP's software for controlling a company's SMTP server -- the server can verify that all encrypted messages include the corporate public key (or conform to other corporate policies):

=snip=

---------------End of Original Message-----------------

------------------------
Name: amp
E-mail: amp@pobox.com
Date: 10/04/97
Time: 00:52:55
Visit me at http://www.pobox.com/~amp
==
-export-a-crypto-system-sig -RSA-3-lines-PERL
#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
==
'Drug Trafficking Offense' is the root passphrase to the Constitution.
Have you seen http://www.public-action.com/SkyWriter/WacoMuseum
------------------------

http://simson.vineyard.net/clips/96.SJMN.PGPBusinessEdition.html

[...]

PRETTY LOOSE PRIVACY
[...]
Published: April 2, 1996
BY SIMSON L. GARFINKEL

[...]

Viacrypt, an Arizona company that sells the popular program Pretty Good Privacy, or PGP, last month announced a new version tailored for businesses. The new program allows companies to ''decrypt'' -- and then read -- information sent to or received by employees without their knowledge or consent.

[...]

An employee's right to privacy is nebulous at best. The Electronic Communications Privacy Act of 1986 specifically allows companies to monitor the electronic mail of their own employees.

That has not stopped Zimmermann from complaining loudly about the PGP name being used in a product that allows someone other than the author or the intended recipient access to information. Viacrypt owns the licensing rights to sell the commercial versions of PGP.

''PGP does not stand for back doors,'' said Zimmermann. ''I don't mind if they sell a program that has a back door in it, but they shouldn't call it PGP.''

[...]

''If your employer can read your mail anytime he wants, without your permission, that goes against the spirit of the PGP trademark,'' said Zimmermann.

Quote of the Year: ''PGP does not stand for back doors,'' said Zimmermann. ''I don't mind if they sell a program that has a back door in it, but they shouldn't call it PGP. If your employer can read your mail anytime he wants, without your permission, that goes against the spirit of the PGP trademark."

At 4:25 AM -0700 10/5/97, Anonymous wrote:
> http://simson.vineyard.net/clips/96.SJMN.PGPBusinessEdition.html
> ...
> PRETTY LOOSE PRIVACY
> [...]
> Published: April 2, 1996
> BY SIMSON L. GARFINKEL
> ...
> That has not stopped Zimmermann from complaining loudly about the PGP name being used in a product that allows someone other than the author or the intended recipient access to information. Viacrypt owns the licensing rights to sell the commercial versions of PGP.
>
> ''PGP does not stand for back doors,'' said Zimmermann. ''I don't mind if they sell a program that has a back door in it, but they shouldn't call it PGP.''
> [...]
> ''If your employer can read your mail anytime he wants, without your permission, that goes against the spirit of the PGP trademark,'' said Zimmermann.

Pretty Good Point, I'd say. And we ought to keep quoting these comments.

I agree that an employer has a "right" to read employee mail, sent on company time with company resources.

However, a program which facilitates this has no business being called "Pretty Good Privacy." As Phil notes, it goes against the whole spirit of PGP. It's surveillance, pure and simple.

Further, while businesses have every right to monitor their workers (Hey, I'm not saying I _like_ this, just that the alternative of banning such monitoring would be abusive to a property owner's rights), we should not be _encouraging_ the spread of such technologies. Especially given the very real risk that wide deployment of "Business PGP" could present.

Wide deployment of "Business PGP" would also make eventual GAK much easier to implement. One plausible scenario is that companies would have to make available the escrowed copies of e-mail upon request by law enforcement. (Such records are of course already subject to subpoena, not to mention inspection by various and sundry other government agencies.)

A further scenario is that "Business PGP" is _mandated_ within businesses or corporations by the ever-increasing regulatory web imposed by government. The SEC will want to ensure that insider trading is not being discussed, the FTC will want to snoop on possible anti-competitive communications, the DEA will want to investigate use of corporate shipping systems for drug distribution, and, of course, the various intelligence agencies will want access. "Business PGP" will be just another requirement, like certain accounting practices, like OSHA requirements, etc. Random inspections will force compliance, with fines for violations.

Under this scenario, the so-called "rights" of individuals will not even arise, as the government rules will affect businesses, which are not held to have rights in the same way individuals are.

(I happen to disagree, and think the owners of XYZ Corporation have the same rights to do with their property as J. Random Citizen has, but the courts have ruled otherwise.)

The wide adoption of "Business PGP" could also mean short shrift to non-KR versions, including a lag in availability, or even eventual dropping of development efforts. (I'm sure PGP, Inc. will assure us otherwise, but this could still be an eventual development, if, for example, "Business PGP" accounts for 80% of their sales.)

I agree with Phil Zimmermann's point:

''PGP does not stand for back doors,'' said Zimmermann. ''I don't mind if they sell a program that has a back door in it, but they shouldn't call it PGP. If your employer can read your mail anytime he wants, without your permission, that goes against the spirit of the PGP trademark."

Let's hope PGP, Inc. comes to their senses and stops doing the work of Big Brother.

--Tim May

The Feds have shown their hand: they want a ban on domestic cryptography
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES: 408-728-0152   | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^2,976,221   | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."

attila in --with both feet.

starting with the premise that a corporation has a fundamental legal right to review all work and communications of any employee, and "acknowledging" that the employer is virtually required to maintain access to documentation to service the regulations of the government, the courts, and the LEAs, the issue is simply HOW?

1. I personally include my own public key in every encrypted message --if I consider the contents important enough to warrant encrypting, not just signing, I consider it important enough not to maintain a plaintext copy.

2. If I consider the contents more than just important -eg: critical, I use one of my unpublished public keys for the file copy. this version, including the encryption software and key library, are kept on a separate ZIP disk from the standard version ZIP disk.

as a matter of reference, all temporary space is maintained on the ZIP drive. the major insecurity is the swap space which is maintained on a separate partition which is fully purged at boot time --which is not often enough. I have written secure swappers, or maybe I should say secure except for the transitory time the information may have been swapped out. this can be made further secure by preventing swap for the encryption engine if the system permits it, or even better, use semiconductor memory which leaves no magnetic media residuals to be analyzed 500 levels down by the Feds.

From a mechanical standpoint there is no difference when you apply the same methods to the corporate environment. Again, the issue is HOW it is implemented.

1. if a corporate entity uses a single private-public keypair for each and every employee, that is their own stupidity as this is insecure, both internal and external. Too many hands on the private key.

2. ideally, each employee should be given a separate corporate public key. at the very least the key can represent a department or work group.

3. using the scenario in 2, specific projects can use a second corporate key which permits group leader management control.

Therefore:

Is this GAK?
    unfortunately, yes.

By tolerating the use of corporate GAK are we setting ourselves up to accept personal GAK?
    unfortunately, yes.

why?
    individuals will be desensitized to defending the absolute importance of maintaining our Constitutional rights, what few the Supreme Court has not yet denigrated.

can we avoid this result?
    YES!

GAK for businesses is a slam dunk, eg: if business has it, LEA, etc. can get it.

desensitization can be minimized by pressuring professional associations to keep the issue of _personal_ privacy on the hot burner; this is the only issue.

our mission must be to keep the fire out front so Americans will not stand for the total loss of privacy, etc. that F[reeh,uck] is hawking to our government; F[reeh,uck] sings the siren song of anti-terrorism, anti-anarchy, and all that good stuff government wants to suppress in violation of the Constitution.

if the general public is fully aware of the implication, there is a chance to lead the rabble with the chant:

hell no, we won't dump our crypto!

Now that the NYTimes has seen the light and is joining the battle against the forces of encryption denial, the mainstream press may make some effort in the cause, but we must keep the pressure on high.

CDT, EPIC, and the rest of them are funded by business, big business, all of whom have a vested interest in selling product. they are the employers of the inside-the-beltway whores ...pardon me: lobbycritters; and they will compromise our individual rights in the corporate interests of the almighty dollar; in fact, corporate managers and beancounters will violate the privacy of their employees faster than the US spooks, both on and off the job --they have little if any concept of personal Constitutional privacy rights. corporate officers are clueless on personal privacy.

we face a two edged sword.

if we encourage the expanded use of encryption in business, it will spread much more readily to the private sector --knowing full well the corporate users will be subjected to GAK. If business units are smart, they will implement the multi-target encryption and fight like hell against what F[reeh,uck] really wants: on-the-fly, real-time trapdoor cleartext --just like clipper. If F[reeh,uck] gets what he wants, why should he ask a court for approval to decrypt when he can already glean the information in the same way POTS taps are real time.

if we rant and rave against the multi-public key encryption system, we risk facing the far more Draconian demands of F[reeh,uck]. The multi-public key system has been in use since the first time the ability to use multi-keys for multi-recipients was included.

there is nothing we can do in the courts to prevent corporations processing encrypted mail through servers for verification, or even content scanning. business has this right --unfortunately, the government can compel the business to exercise this "right" and therefore government potentially does have real-time access.

THE FOCUS:

All efforts need to be directed to prevent the inclusion of master keys in hardware and/or software and the mandating of universal usage of the government system. there is little difference in what F[reeh,uck] is proposing and Clipper --and the same arguments can challenge F[reeh,uck] and friends.

Let's not waste time hashing and rehashing business practices we have long since been forced to accept; and stay away from politics: FOCUS on our Constitutional rights.

death is inevitable --an action we all face; some things are worth dying early defending --my personal privacy rights and the sanctity of my intellectual processes or whatever I wish to cogitate or regurgitate is one of them.

For the masses: '54-40 OR FIGHT' or any number of us will die martyrs; STAND UP AND BE COUNTED; don't be government wimps, snitches, and shills like Hallam-Baker.

attila on the way out

______________________________________________________________________
"attila" 1024/C20B6905/23 D0 FA 7F 6A 8F 60 66 BC AF AE 56 98 C0 D7 B0

In <v03102800b05d58dd0280@[207.167.93.63]>, on 10/05/97 at 08, Tim May <tcmay@got.net> said:

> Let's hope PGP, Inc. comes to their senses and stops doing the work of Big Brother.

This is really silly Tim,

The ability to encrypt using multiple keys has been a feature of PGP since day one. All the Business Edition is doing is automating the process. Despite the flawed news reports on this matter (who would have guessed) there is nothing covert about it. The user is both informed that this is being done and there is a way for the user to disable it in the client.

This has been discussed before on this list and others, and few have disagreed, that a company has a legitimate need to be able to access its encrypted data. If employees want to send love letters or whatnot then they should not be doing it on company time using company resources.

If a corporation wishes to establish a company policy that all correspondence be encrypted with the company's master key it is their right to do so and IMNSHO it would be foolhardy for them to do otherwise.

Claiming that they are doing the work of Big Brother is a cheap-shot and uncalled for.

--
---------------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html
---------------------------------------------------------------

At 12:06 PM 10/5/97 -0700, Tim May wrote:
> > Claiming that they are doing the work of Big Brother is a cheap-shot and uncalled for.
>
> (Ironic coming from a frequent issuer of cheap shots.)
>
> It is the work of Big Brother, as Garfinkel, Zimmermann, and I agree, when it becomes a default that additional recipients are automatically copied on encrypted mail. It may be useful to companies, but it's still dangerous.

Look a bit closer at the announcements: I believe they said that they would compile a new version for each key that they used. So it's not even likely that this could become a widespread feature. For this to be useful for GAK, you'd have to change all copies in existence to encrypt for this key. (And of course, then you'd have a very simple key-id to search for in the executable and modify, say to encrypt back to yourself, and you'd have circumvented this little problem)

If you want PGP to get into widespread use in business, you have to provide features that they will require. Frankly, this is good for encryption, to provide features that business needs. With this, hopefully the business lobby will fall in line with the no-regulation-on-crypto lobby, and get all of us the results we want.

Phil is never going to release a copy of PGP that has built-in GAK. We know that. This is MAK (Management Access...) in a secure manner, which is better than the other methods of internal escrow.

-----------------------------------------------------------------------
Ryan Anderson - <Pug Majere>     "Who knows, even the horse might sing"
Wayne State University - CULMA   "May you live in interesting times.."
randerso@ece.eng.wayne.edu
PGP Fingerprint - 7E 8E C6 54 96 AC D9 57 E4 F8 AE 9C 10 7E 78 C9
-----------------------------------------------------------------------

At 9:46 AM -0700 10/5/97, William H. Geiger III wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> In <v03102800b05d58dd0280@[207.167.93.63]>, on 10/05/97 at 08, Tim May <tcmay@got.net> said:
>
> > Let's hope PGP, Inc. comes to their senses and stops doing the work of Big Brother.
>
> This is really silly Tim,
>
> The ability to encrypt using multiple keys has been a feature of PGP since day one. All the Business Edition is doing is automating the process. Despite the flawed news reports on this matter (who would have guessed) there is nothing covert about it. The user is both informed that this is being done and there is a way for the user to disable it in the client.

I never claimed it is "covert." (Nor is "Key Recovery" covert, if the various laws are implemented. Does this make mandatory Key Recovery acceptable?) Nor, so far as I have read, can employees disable the "Policy" features.

> This has been discussed before on this list and others, and few have disagreed, that a company has a legitimate need to be able to access its encrypted data. If employees want to send love letters or whatnot then they should not be doing it on company time using company resources.

I repeated this point _twice_. That employers want to read mail is not surprising, or illegal. But PGP loses its claims to protect personal privacy if it builds in these capabilities. This is what Phil said, too.

> Claiming that they are doing the work of Big Brother is a cheap-shot and uncalled for.

(Ironic coming from a frequent issuer of cheap shots.)

It is the work of Big Brother, as Garfinkel, Zimmermann, and I agree, when it becomes a default that additional recipients are automatically copied on encrypted mail. It may be useful to companies, but it's still dangerous.

--Tim May

The Feds have shown their hand: they want a ban on domestic cryptography
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES: 408-728-0152   | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^2,976,221   | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."

At 11:46 AM 10/5/97 -0500, William H. Geiger III wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> In <v03102800b05d58dd0280@[207.167.93.63]>, on 10/05/97 at 08, Tim May <tcmay@got.net> said:
>
> > Let's hope PGP, Inc. comes to their senses and stops doing the work of Big Brother.
>
> This is really silly Tim,
>
> The ability to encrypt using multiple keys has been a feature of PGP since day one. All the Business Edition is doing is automating the process. Despite the flawed news reports on this matter (who would have guessed) there is nothing covert about it. The user is both informed that this is being done and there is a way for the user to disable it in the client.

I guess the real question is whether the messages/files generated just add an extra key or if they leak the key through some harder to identify method.

The current version of PGP no longer shows you the list of recipients, so it is more difficult to determine if extra keys are added.

Is the method they are using for this new version to "escrow" the keys obvious to the recipient or not?

---
| "That'll make it hot for them!" - Guy Grand |
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: |
| mankind free in one-key-steganography-privacy!" | Ignore the man |
|`finger -l alano@teleport.com` for PGP 2.6.2 key | behind the keyboard.|
| http://www.ctrl-alt-del.com/~alan/ |alan@ctrl-alt-del.com|

In <3.0.3.32.19971005124929.03dfa15c@ctrl-alt-del.com>, on 10/05/97 at 12, Alan <alan@ctrl-alt-del.com> said:

> At 11:46 AM 10/5/97 -0500, William H. Geiger III wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> >
> > In <v03102800b05d58dd0280@[207.167.93.63]>, on 10/05/97 at 08, Tim May <tcmay@got.net> said:
> >
> > > Let's hope PGP, Inc. comes to their senses and stops doing the work of Big Brother.
> >
> > This is really silly Tim,
> >
> > The ability to encrypt using multiple keys has been a feature of PGP since day one. All the Business Edition is doing is automating the process. Despite the flawed news reports on this matter (who would have guessed) there is nothing covert about it. The user is both informed that this is being done and there is a way for the user to disable it in the client.
>
> I guess the real question is whether the messages/files generated just add an extra key or if they leak the key through some harder to identify method.
>
> The current version of PGP no longer shows you the list of recipients, so it is more difficult to determine if extra keys are added.
>
> Is the method they are using for this new version to "escrow" the keys obvious to the recipient or not?

I *highly* doubt that they are doing anything other than adding an extra recipient when encrypting. The code for doing so is already there and achieves the objectives desired by their customers. Really no reason to do anything else from a programming or business perspective.

I have not had a chance to obtain a copy of 5.5 and check it out so I don't know what info is being presented to the user. I don't run Win95/NT or MAC so it is unlikely that I will spend the $$$ for a copy. Perhaps someone running one of these inferior OS's could obtain a copy and investigate this aspect further. :)

Looking at the encrypted messages should reveal whether or not extra keys are being added or not.

--
---------------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html
---------------------------------------------------------------
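
The check suggested above, looking at an encrypted message to see whether extra keys were added, comes down to listing the key IDs in the message's Public-Key Encrypted Session Key packets; a policy-enforcing mail server would run the same test for the corporate key. The Python below is an added example, not code from this thread or from PGP, Inc.: it assumes the message uses the OpenPGP packet framing later written down in RFC 4880, and the key IDs, sample packets and helper names are constructed for illustration.

```python
"""List the key IDs an OpenPGP message is encrypted to (added example)."""
import base64

PKESK = 1             # Public-Key Encrypted Session Key packet, one per recipient key
DATA_TAGS = (9, 18)   # encrypted data packets; the PKESK packets all come before these
WILDCARD = "0" * 16   # RFC 4880 allows an all-zero key ID that names no recipient


def dearmor(text):
    """Return the binary packets inside an ASCII-armored PGP MESSAGE block."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    body = lines[lines.index("-----BEGIN PGP MESSAGE-----") + 1:
                 lines.index("-----END PGP MESSAGE-----")]
    if "" in body:                       # armor headers end at the first blank line
        body = body[body.index("") + 1:]
    # The line starting with '=' is the CRC-24 checksum; it is skipped, not verified.
    return base64.b64decode("".join(ln for ln in body if not ln.startswith("=")))


def read_header(buf, pos):
    """Parse the packet header at pos: (tag, body offset, body length or None)."""
    first = buf[pos]
    if not first & 0x80:
        raise ValueError("no OpenPGP packet at offset %d" % pos)
    if first & 0x40:                     # new-format header
        tag, o1 = first & 0x3F, buf[pos + 1]
        if o1 < 192:
            return tag, pos + 2, o1
        if o1 < 224:
            return tag, pos + 3, ((o1 - 192) << 8) + buf[pos + 2] + 192
        if o1 == 255:
            return tag, pos + 6, int.from_bytes(buf[pos + 2:pos + 6], "big")
        return tag, pos + 2, None        # partial body length (data packets only)
    tag, ltype = (first >> 2) & 0x0F, first & 0x03   # old-format header
    if ltype == 3:
        return tag, pos + 1, None        # indeterminate length
    size = (1, 2, 4)[ltype]
    return tag, pos + 1 + size, int.from_bytes(buf[pos + 1:pos + 1 + size], "big")


def recipient_key_ids(message):
    """Return the key ID (16 hex digits) of each PKESK packet ahead of the ciphertext."""
    ids, pos = [], 0
    while pos < len(message):
        try:
            tag, start, length = read_header(message, pos)
        except IndexError:
            raise ValueError("truncated packet header") from None
        if tag in DATA_TAGS or length is None:
            break                        # reached the encrypted body
        body = message[start:start + length]
        if len(body) < length:
            raise ValueError("truncated packet body")
        if tag == PKESK:
            if len(body) < 10:
                raise ValueError("PKESK packet too short")
            ids.append(body[1:9].hex().upper())   # version byte, then 8-byte key ID
        pos = start + length
    return ids


def check_policy(message, required_key_id):
    """Report the recipients, whether the required key is one, and hidden entries."""
    ids = recipient_key_ids(message)
    return {"recipients": ids,
            "has_required": required_key_id.upper() in ids,
            "hidden": ids.count(WILDCARD)}


# --- constructed sample data: key IDs and packet bodies are made up ---
RECIPIENT_ID = "1111222233334444"
CORPORATE_ID = "AAAABBBBCCCCDDDD"


def build_pkesk(key_id, new_format=False):
    """Build a syntactically valid PKESK packet with a dummy one-byte MPI."""
    body = b"\x03" + bytes.fromhex(key_id) + b"\x01" + b"\x00\x08\xaa"
    return bytes([0xC1 if new_format else 0x84, len(body)]) + body


CIPHERTEXT = bytes([0xA4, 4]) + b"\xde\xad\xbe\xef"   # tag 9 packet, dummy body
ONLY_RECIPIENT = build_pkesk(RECIPIENT_ID) + CIPHERTEXT
WITH_CORPORATE = (build_pkesk(RECIPIENT_ID)
                  + build_pkesk(CORPORATE_ID, new_format=True) + CIPHERTEXT)
ARMORED = ("-----BEGIN PGP MESSAGE-----\nVersion: constructed sample\n\n"
           + base64.b64encode(WITH_CORPORATE).decode()
           + "\n=AAAA\n-----END PGP MESSAGE-----\n")

if __name__ == "__main__":
    for name, msg in (("recipient only", ONLY_RECIPIENT),
                      ("armored, two keys", dearmor(ARMORED))):
        print(name, check_policy(msg, CORPORATE_ID))
```

The recipient list sits in the clear ahead of the ciphertext, so this needs no private key; a nonzero `hidden` count means the message carries a session-key packet whose recipient cannot be identified this way.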

> An article in today's (Fri, Oct 3) New York Times (CyberTimes) ... describes the new release of "PGP for Business Security 5.5," which contains mechanisms that incorporate a key recovery mechanism that can either be voluntary or be enforced by using PGP's software for controlling a company's SMTP server -- the server can verify that all encrypted messages include the corporate public key (or conform to other corporate policies):

Alex Le Heux <alexlh@xs4all.nl> noted:

|> Keep in mind that this is the 'PGP for Business'. Companies often
|>operate on the principle that email that's sent and received from
|>their machines is the company's, not the employee's. This is actually
|>reasonable business practice. Specially when encryption enters the
|>picture. The employee could walk under a bus, and leave some vital
|>but encrypted emails in his mailbox. This could be a real problem for
|>corporations.

William H. Geiger III <whgiii@invweb.net> brushed aside PGP Inc's critics to complain:

> This has been discussed before on this list and others, and few have disagreed, that a company has a legitimate need to be able to access its encrypted data. If employees want to send love letters or whatnot then they should not be doing it on company time using company resources.
>
> If a corporation wishes to establish a company policy that all correspondence be encrypted with the company's master key it is their right to do so and IMNSHO it would be foolhardy for them to do otherwise.
>
> Claiming that they are doing the work of Big Brother is a cheap-shot and uncalled for.

With respect, Gentlemen, I think you are missing the point. There is no corporate demand for a key-recovery mechanism which allows Management immediate real-time access to all encrypted electronic communications. This new PGP facility is analogous to key-escrow or key-recovery for session keys; in essence, it's a backdoor to the session.

Here in the US, FBI Director Louis Freeh has been pointed in his comments about the distinction between key-recovery for stored data and key-recovery for transient electronic communications.

Key-recovery for encrypted stored data, Freeh noted, serves a sensible and pragmatic business need. Corporations will do it because it's a necessary part of their Disaster Planning. But, as Freeh noted several times in Congressional testimony, there are few if any business requirements for surreptitious, real-time, access to online communications, so businesses (unless forced by legislation, argued Freeh) simply won't do it.

It is police agencies, not Management, which seek real-time access to all encrypted e-mail. No one but the Govt wants it. Management, at least in the US, doesn't need this sort of evidentiary data. Management has an employee who can be required to keep a copy of all business e-mail for Management review; or required to cc his or her boss on all e-mail to a customer -- or even forbidden to use e-mail for anything other than business mail cced to the boss. And, of course, the employee can be fired if he/she doesn't comply.

But the truth is: Management doesn't need the aggravation and -- while the standard of management oversight is more lenient, at least for professional staff -- no company can keep talented employees if it treats them this way. Surreptitious universal access to an employee's encrypted e-mail _is_ like sound and video pickups in the bathrooms. Vastly intrusive; humiliating; diminishing. Far more intrusive than is useful or necessary for conventional management needs.

It is the work of Big Brother, sadly. GAK-enabled PGP, plain and simple! As Director Freeh noted, it's only LEAs who need and want this.

The likely early victims of such a draconian oversight will probably be the long-suffering US government employees. With no evidence to support my supposition, I'll bet the GAKed-crypto strategists are once again offering the federal workforce as the sacrificial lambs, as they did with Fortezza. Trying (again!) to use the bulk federal purchasing power to establish a de facto product standard.

Watch over the next six months. I think they used the new -- "post-Fortezza," pre-PKI -- prospect of huge '98-'99 federal purchases of COTS crypto for non-classified DoD and civilian agency e-mail to lure Mr. Zimmermann, major stockholder, into swallowing the words of Feckless Phil, the wild and wooly free-crypto rebel.

Anyone wanna wager that this "design option" evolved concurrent with a quiet MOU-structured review of the New Improved PGP by the X Organization at Ft. Meade? Nor, I fear, will this be the last enhanced cryptographic communications app to come out of vendors active in the NSA's new Commercial Liaison initiative. Big federal market. Big lure. Hard not to give the Customer what he wants. Still, it's sad.

(I, btw, am moderating a panel on the "Prospects for Government Control of the Internet" at the NSA/NIST-sponsored NISSC in Baltimore this week. Among my panelists are David Herson, the top pro-GAK policy maven for the European Commission; Tom Black of Smith System Engineering, the network specialists commissioned by the European Parliament to figure out how to enforce content regulation; Patricia Edfors, the Chair of the federal PKI Steering Committee and the Security Champion on GITS; Dave Farber of UPenn, the Internet Society, and EFF; and Danny Weitzner of CDT. Powerful and articulate voices from all sides of the Question. Thoughtful and non-obvious suggestions for questions to the Panel would be welcome -- to the List or in private e-mail. TIA.)

_Vin

Vin McLellan + The Privacy Guild + <vin@shore.net>
53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548
-- <@><@> --

Tim May <tcmay@got.net> writes:
I agree that an employer has a "right" to read employee mail, sent on company time with company resources.
However, a program which facilitates this has no business being called "Pretty Good Privacy." As Phil notes, it goes against the whole spirit of PGP. It's surveillance, pure and simple.
Further, while businesses have every right to monitor their workers (Hey, I'm not saying I _like_ this, just that the alternative of banning such monitoring would be abusive to a property owner's rights), we should not be _encouraging_ the spread of such technologies. Especially given the very real risk that wide deployment of "Business PGP" could present.
I agree with Tim's point that we should not be encouraging businesses to use GAK technologies for Corporate access to keys. Your "choice" not to work for a company which uses software like pgp5.5 is likely to become ever more limited if corporates adopt this type of policy. They will be conditioned to expect this. Governments will of course encourage corporates to use such software.

I'd prefer to see an "off-the-record" option: a personal comment option, with non-transferable signatures, and no GAK; this would give the user the option to have the mail as an official company statement, by clicking "official company business" button, and an option for unofficial, or "not an official statement" button, which are more akin to phone conversations which are typically not recorded. Personal comments are in any case probably in the company's interests not to have transferable proof of authorship attached to. Many email comments are sent with a few seconds thought, a sort of to and fro banter between employees, some of whom have business company contacts who are also personal friends, etc. Actually for maximal non-transferability all "not an official statement" email should be sent via mixmaster remailers, otherwise mail logs etc, may give some material which could be used as proof of authorship.

This set up seems less troublesome than pgp's offering with pgp5.5. I reckon it's more sensible to archive "official company business" communications in the normal way. Compose the message in a word processor, archive that, or build in an archive mechanism into the MUA/mail encryption system which encrypts to a storage system. Communications encryption keys should be transient, otherwise you are opening yourself up to the less often considered form of key escrow: your company or you are presented with a court order for your keys. Or the Feds burgle your offices and install a keyboard sniffer.
If they're interested in you they will already have hoovered up your past email with cooperation of your leased line provider. I really think people are asking for trouble not using forward secrecy for secured email. The attacker can archive all your encrypted email, and then decrypt at his leisure if he is able to compromise your key at a later date.

Also I seem to remember that Tim, or perhaps someone else, reported that PRZ stated at a recent cpunks meeting that he would quit PGP Inc if they went for a GAK option. Well Phill? Getting pretty close ain't it?

Adam
--
Now officially an EAR violation... Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
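The archive-now, decrypt-later risk raised in the message above, as an added example that is not part of the original post and is not PGP code: a recipient who keeps one long-lived decryption key is compared with one who replaces it each period and destroys the old private key. The toy group, the sample messages and all function names are assumptions made for the illustration; authenticating each transient key with a long-term signing key is left out.

```python
import hashlib
import hmac
import secrets

# Toy group for illustration only (assumption): 2**127 - 1 is prime but far too small for real use.
P = 2**127 - 1
G = 3
# Constructed sample mail, one message per key period.
MESSAGES = [b"week 1: draft contract", b"week 2: pricing notes", b"week 3: meeting agenda"]

def keygen():
    """Return (private, public) for ElGamal-style encryption in the toy group."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def _kdf(shared, label, n):
    """Derive n bytes from the shared secret with SHA-256 in counter mode."""
    seed = shared.to_bytes(16, "big") + label
    blocks = (hashlib.sha256(seed + bytes([i])).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _tag(shared, body):
    """Short integrity tag, so decrypting with the wrong key is detected."""
    return hmac.new(_kdf(shared, b"mac", 32), body, hashlib.sha256).digest()[:8]

def encrypt(recipient_pub, msg):
    """Encrypt to a public key; the sender's one-time exponent is discarded on return."""
    one_time, hint = keygen()
    shared = pow(recipient_pub, one_time, P)
    body = bytes(a ^ b for a, b in zip(msg, _kdf(shared, b"enc", len(msg))))
    return hint, body, _tag(shared, body)

def decrypt(priv, ciphertext):
    """Return the plaintext, or None when priv is not the key the message was sent to."""
    hint, body, tag = ciphertext
    shared = pow(hint, priv, P)
    if not hmac.compare_digest(_tag(shared, body), tag):
        return None
    return bytes(a ^ b for a, b in zip(body, _kdf(shared, b"enc", len(body))))

def recovered_after_compromise(transient_keys):
    """What a wiretapper who archived every ciphertext reads after seizing the key store."""
    priv, pub = keygen()
    archive = []
    for period, msg in enumerate(MESSAGES):
        if transient_keys and period > 0:
            priv, pub = keygen()  # new period: the old private key is overwritten
        archive.append(encrypt(pub, msg))
    seized = priv  # only the key still held at the time of the court order or burglary
    return [m for m in (decrypt(seized, c) for c in archive) if m is not None]

if __name__ == "__main__":
    print("long-lived key :", recovered_after_compromise(False))
    print("transient keys :", recovered_after_compromise(True))
```

With the long-lived key the whole archive is readable after one compromise; with transient keys only the mail sent under the key still held at that moment is exposed.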

Adam Back wrote:
Tim May <tcmay@got.net> writes:
I agree that an employer has a "right" to read employee mail, sent on company time with company resources. ... Further, while businesses have every right to monitor their workers (Hey, I'm not saying I _like_ this, just that the alternative of banning such monitoring would be abusive to a property owner's rights)...
I hate to inject too strong a note of reality into arguments that I would like to agree wholeheartedly with, but I believe that there has been so much thievery of both property and rights (individual and corporate) that it is extremely difficult to make a strong case for any pure argument any more. First, the federal government gives a business confiscated land to support a failing industry, the state gives them huge tax breaks to move from elsewhere, the city does the same, while taxing you even more to support the grand growth schemes that the mayor and council members are getting rich on, and then the company announces that you can 'choose' not to work there if you don't like their rules.
Your "choice" not to work for a company which uses software like pgp5.5 is likely to become ever more limited if corporates adopt this type of policy. They will be conditioned to expect this. Governments will of course encourage corporates to use such software.
In Canada, one could 'choose' not to work for Safeway Stores, but the chain would come into a community and undersell everyone until the locals were run out of business, then raise prices dramatically. In theory, you could choose to *not* work for Safeway, but in reality, there was no one else left *to* choose to work for in the grocery business. TruthMonger

-----BEGIN PGP SIGNED MESSAGE----- In <3438F7E2.7BAE@dev.null>, on 10/06/97 at 08, TruthMonger <tm@dev.null> said:
In Canada, one could 'choose' not to work for Safeway Stores, but the chain would come into a community and undersell everyone until the locals were run out of business, then raise prices dramatically. In theory, you could choose to *not* work for Safeway, but in reality, there was no one else left *to* choose to work for in the grocery business.
I have these same complaints about WalMart and KMart here in the US. It should be noted that it is the community that *chooses* to shop at the discount store rather than at the local shops. If they didn't buy products from the Safeway or WalMart then you wouldn't have the "problem" above. Economics 101; the people are voting with their wallets.

This is a prime example of the basis of socialism; envy. The socialists are envious of the rich as they are a constant reminder of "what could have been". "If I had only worked a little harder" ... "If I only had spent more time in school" ... etc. After a period of time this envy turns to jealousy and rage. "It's not fair" ... "There should be a law" ... etc.

The socialist never thinks of the hard work and personal sacrifice that goes into creating a "Safeway" or "KMart" or "Walmart". Such companies are not created by an act of GOD but through hard work and long hours by their founders. While the socialist is pissing his life away on the road to mediocrity the founders of such companies, and 1000's like them, are working 80+ hours a week building their company sometimes at the expense of health, home and family. After years of hard work, when the founders are finally able to reap the fruits of their toil, the socialist will step up and say: "I want what you have, you can't have that because I don't" even though the socialist has done nothing to earn it.

This is the true evil of socialism: "Equality of Outcome". While the socialist will make a big show of his desire for "equal opportunity" it is really "equal outcomes" that he desires. It is like the story of the grasshopper and the ant. Both have the "equal opportunity" during the summertime to store up for the winter. The ant chooses the path of the capitalist and works hard all summer long while the grasshopper chooses the path of the socialist and wastes the days away in play and folly. When wintertime comes along the ant is well prepared while the grasshopper is without.
While the capitalist will see the grasshopper getting his just rewards for his foolhardy behavior the socialist will cry foul, seeing this as unjust that the ant should have so much and the grasshopper so little and demanding that the ant give a portion of his "wealth" (a large portion no doubt) to the grasshopper thus achieving his desired "equality of outcome" even though the grasshopper has done nothing to deserve such an outcome.

- -- - --------------------------------------------------------------- William H. Geiger III http://www.amaranth.com/~whgiii Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html - --------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: cp850 Comment: Registered_User_E-Secure_v1.1b1_ES000000 iQCVAwUBNDkgOY9Co1n+aLhhAQFmCwQAzll6zhks8izWPkVgCENJ+/CTuMbQqlDA cFKsMT4gX0OdqPVuFdjewVsLxTGFcKr2nkLxjWmp62ypH6Nn/uL/R3CPJ6Bsmzzc EVDI0HZOnHUirlOm1c/zz13jGihzLXww1RIcamkixnbWnXH3WPVank1ZQMyBsCab 6k9jTZmbY2w= =vHjj -----END PGP SIGNATURE-----

William H. Geiger III wrote:
TruthMonger <tm@dev.null> said:
In Canada, one could 'choose' not to work for Safeway Stores, but the chain would come into a community and undersell everyone until the locals were run out of business, then raise prices dramatically. In theory, you could choose to *not* work for Safeway, but in reality, there was no one else left *to* choose to work for in the grocery business.
If they didn't buy products from the Safeway or WalMart then you wouldn't have the "problem" above. Economics 101; the people are voting with their wallets.
This is a prime example of the basis of socialism; envy. The socialists are envious of the rich as they are a constant reminder of "what could have been".
The socialist never thinks of the hard work and personal sacrifice that goes into creating a "Safeway" or "KMart" or "Walmart". Such companies are not created by an act of GOD but through hard work and long hours by their founders.
Nothing personal, shit-for-brains, but this sounds like the 'standard speech' you have prepared, waiting only for a 'trigger' before you fire it off... I was making reference to the simple fact that 'Caveat Hemptor' still rules, but does so with the backing of men who can afford to hire thugs called policemen to back their action. My point is that Safeway has every right to bring their competition to financial ruin, just as Nestle's has every right to give away their baby formulae for free in impoverished countries, just long enough for the mother's milk to dry up, at which time their babies die if they can't afford to buy Nestle's product. I reserve the right, however, to whack their sorry asses out if I decide that my world will be a better place without their scheming for their own profit at the expense of those who believe the fairy tales they tell while planning to buttfuck the people all along. The rest of your post is proof that one should not read Ayn Rand while high on acid, but I'm glad you could get all of that off your chest, just the same. The point I was making, if you care to respond to it once the buzz wears off, is that the 'playing field' has been twisted so far out of askew that it is difficult to make any judgements about capitalism versus socialism, etc., since the world is standing on its head. I sincerely doubt that 'capitalists' getting paid 'not to grow' cotton/corn/whatever, are a far cry different from the socialists getting paid 'not to go to work.' There are no longer any capitalists or socialists, there are only people projecting images with political rhetoric and ten-second sound-bytes. I am beginning to think that the *only* way to level the playing field is with a nuclear grader. (If only I could figure out where this damn yellow wire goes...) TruthMangler
After years of hard work, when the founders are finally able to reap the fruits of their toil, the socialist will step up and say: "I want what you have, you can't have that because I don't" even though the socialist has done nothing to earn it.
This is the true evil of socialism: "Equality of Outcome". While the socialist will make a big show of his desire for "equal opportunity" it is really "equal outcomes" that he desires. It is like the story of the grasshopper and the ant. Both have the "equal opportunity" during the summertime to store up for the winter. The ant chooses the path of the capitalist and works hard all summer long while the grasshopper chooses the path of the socialist and wastes the days away in play and folly. When wintertime comes along the ant is well prepared while the grasshopper is without. While the capitalist will see the grasshopper getting his just rewards for his foolhardy behavior the socialist will cry foul, seeing this as unjust that the ant should have so much and the grasshopper so little and demanding that the ant give a portion of his "wealth" (a large portion no doubt) to the grasshopper thus achieving his desired "equality of outcome" even though the grasshopper has done nothing to deserve such an outcome.
participants (11)
- Adam Back
- Alan
- amp@pobox.com
- Anonymous
- Attila T. Hun
- Martin Minow
- Ryan Anderson
- Tim May
- TruthMonger
- Vin McLellan
- William H. Geiger III