Scientology tries to break PGP - and fails?
News Flash! According to an informed source, the so-called "church" of Scientology is trying to force Larry Wollersheim to give them his de-encryption code for PGP. Larry Wollersheim is the director of FACTNet, a Colorado BBS that specializes in distributing information about religious cults - especially the Church of Scientology. Scientologists raided FACTNet recently and seized its hardware and records recently, in a case that has spread news of the Scientology wars all over the Internet. Scientology has been in possession of Larry Wollersheim's computer records for quite a while now - at least three weeks, I believe. They have been scanning it for what they claim to be "copyright violations." Yet, their list of scanning criteria also includes a list of 34 names of their critics and enemies, including a famous Netizen named "Rogue Agent." Yet it seems that despite all their efforts to get what they want, they can't break PGP - so they have to force Wollersheim to reveal the key. Mr. Wollersheim has stated that he will go to jail before he reveals his encryption key. Please forward this note to all interested parties. Call this one: BIG WIN FOR PGP! For more information on Scientology's war against the Internet, read the many Web pages set up to cover the story. My own page, an "Introduction to Scientology," is: http://www.tiac.net/users/modemac/cos.html It includes a link to the FACTNet Web page, as well as Ron Newman's famous Web page: "The Church of Scientology vs. the Net."
News Flash!
According to an informed source, the so-called "church" of Scientology is trying to force Larry Wollersheim to give them his de-encryption code for PGP.
Larry Wollersheim is the director of FACTNet, a Colorado BBS that specializes in distributing information about religious cults - especially the Church of Scientology. Scientologists raided FACTNet recently and seized its hardware and records recently, in a case that has spread news of the Scientology wars all over the Internet.
Scientology has been in possession of Larry Wollersheim's computer records for quite a while now - at least three weeks, I believe. They have been scanning it for what they claim to be "copyright violations." Yet, their list of scanning criteria also includes a list of 34 names of their critics and enemies, including a famous Netizen named "Rogue Agent."
Yet it seems that despite all their efforts to get what they want, they can't break PGP - so they have to force Wollersheim to reveal the key.
Mr. Wollersheim has stated that he will go to jail before he reveals his encryption key.
Please forward this note to all interested parties.
Call this one: BIG WIN FOR PGP!
For more information on Scientology's war against the Internet, read the many Web pages set up to cover the story. My own page, an "Introduction to Scientology," is:
http://www.tiac.net/users/modemac/cos.html
It includes a link to the FACTNet Web page, as well as Ron Newman's famous Web page: "The Church of Scientology vs. the Net."
I took a look at the FACTNet web page. There is a file encrypted with PGP using the "-c" option. They are asking for people to help guess the Pass Phrase. Why would anyone bother if they had no clue that the file contained anything 'interesting'. If this is the file that the Co$ is trying to crack, then what the is being asked for is a pass phrase that can be handed to the Co$ that will pass the PGP valid key check and still not decrypt the data to anything usefull. If Larry Wollersheim does have the valid key. It would be a simpler process to know what fake key to use and work it backwards through the MD5 to arrive at an ascii string to produce the fake key. Too bad this wouldn't be plausable for the secret ring. Perhaps PGP needs an option to specify the key in Hex and make the process easy.
-----BEGIN PGP SIGNED MESSAGE----- On Fri, 8 Sep 1995, Tom Rollins wrote:
If Larry Wollersheim does have the valid key. It would be a simpler process to know what fake key to use and work it backwards through the MD5 to arrive at an ascii string to produce the fake key.
Too bad this wouldn't be plausable for the secret ring. Perhaps PGP needs an option to specify the key in Hex and make the process easy.
Here's another option. I just have no idea if it is possible, nor how it would be implemented! PGP could allow for an alternate secret key and a boilerplate document. This document would be "overlaid" or appended to the target file at encryption. When the safety is finally removed from the gun at your head (sorry for the drama) you hand over your alternate secret key. The encrypted file is wiped until it reaches a marker; the remainder of the file is displayed. If you are forced to turn over keys some day (and I think there is at least a reasonable likeihood of that) then They will have a much harder time arguing "But that's not what the file *really* said and, deep inside of me, I know it!". At that point, with a secure wipe going on while the "decryption" was taking place, you have done the best you could. I agree- a search warrent gives authorities the right to search your home (or disk)- not a guarantee that they'll find what they're looking for. =========================================================================== Henry W. Farkas | Me? Speak for IBM? Fat chance. hfarkas@ims.advantis.com |------------------------------------------------ hfarkas@vnet.ibm.com | http://newstand.ims.advantis.com/henry henry@nhcc.com | http://www.nhcc.com/~henry - --------------------------------------------------------------------------- PGP 6.2.2 Key fingerprint: AA D0 F5 44 C1 8C 11 52 B3 80 34 1C CE 38 EC 53 Public key at: pgp-public-keys@pgp.mit.edu, and other popular key servers. - --------------------------------------------------------------------------- Brought to you by Henry's Hardware: Home of the Pretty Good Hack "We're not fast, but it's not bad, and we're cheaper than the guy down the street!" =========================================================================== -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Auto-signed with Bryce's Auto-PGP v1.0beta iQCVAwUBMFCbU6DthkLkvrK9AQExWwQAoXSQ+6rL2tLf61F1Zj7fX6gO4ZZOaASZ O5v0aDN1LXttmv+YUslMU8B1mpKexVk5FZDBMJ2MkonDssi5kcNNhUKc911x7zyh oLh1I8lA4RPKdrxY7AuRF+GQpOmHFpb6FK18Aq+EkiJX5mmKpCANY8tYqcpiZ4o7 GHt0DVuKhaE= =uQD0 -----END PGP SIGNATURE-----
participants (3)
-
Henry W. Farkas -
modemac@netcom.com -
trollins@hns.com