The best way to celebrate the International Workers Day is work. Enjoy its fruit. ---------- Forwarded message ---------- Date: Thu, 1 May 2003 07:41:15 +0200 (CEST) Subject: [speak-freely] SpeakFreely ParanoidPatch - update From: Thomas Shaddack To: speak-freely@fourmilab.ch New changes in my higher-security SpeakFreely patch for Linux. Location: http://213.246.91.154/patches/speakfreely/ Purpose: To make it more difficult for any adversaries (hackers, spies, hostile governments, forensic experts, Thinkpol, ...) to recover keys used in SpeakFreely communication. Keep in mind that current technologies allow capturing the entire encrypted conversation, storing it for unlimited time, and decrypting it later, after seizing the machine used as the endpoint and recovering the key stored there. Particularly important for high-tech high-surveillance low-freedom countries. News: SpeakFreely version 7.6a/Linux fully supported. Maintenance of the patch for version 7.5 abandoned. Option for locking memory against being swapped; useful for both preventing leakage of the keys to swap file, and for increasing performance in high-swapping low-memory situations. Possibility to read encryption keys from stdin; another process then can do the key handshake with the other side, then run sfspeaker and sfmike and feed them with the negotiated session key - possibly with different key for each direction. -H option, a more usual alias to -U (--help is now supported too). A little change, but convenient. Patches for manpages, so the new options are described there. Name sfParanoidPatch assigned to the project. In the older version (1.0): Support for reading key from a file Overwriting the key value if specified as a parameter, making it invisible for 'ps -ef' Support for executing a command immediately after running sfmike, eg. for unmounting encrypted loop from where the key was read Support for running under a specified UID and GID and in chroot jail, if launched as root; provides additional security hardening. Enjoy! :) * * * To unsubscribe from this mailing list, send E-mail containing the word "unsubscribe" in the message body (*not* as the Subject) to speak-freely-request@fourmilab.ch