cvhd@indyweb.net wrote:

I have never bought into any of the conspiranauts BS about PGP backdoors as long as PZ was involved with it but I will certainly assume it is to be a "given" with PGP in the hands of McAfee.

Has Phil Zimmermann responded to the months long criticism of PGP 5.0 for Business and PGP's acquisition by Network Associates? If not, what seems to be the most reasonable explanation for Phil not answering, to allay suspicions and sustain PGP's worldwide reputation? The explanations by others working with PGP, Inc. would surely be more credible if Phil expressed public support for their views. I still find it hard to accept that Phil would squander his personal reputation, and thereby the reputation of his invention, by refusing to provide a public accounting of what's happening with PGP Inc. And, no matter the legal and financial restrictions that might be contraining him. And no matter that PGP's competitors are probably encouraging some of the attacks. Security by obscurity, by indifference to public doubts, seems to be a surefire way to undermine Phil's years long struggle to distinguish himself from those less courageous than him who are pushing products less reliable than PGP has been believed to be until now. It's a haunting thought to consider that Phil may have been shown evidence by others that PGP is not as reliable as many have long believed, evidence that perhaps demonstrates what he knew all along. This is harsh suspicion and one that needs his response, if for no other reason to allay the fear that even prior versions of PGP are now suspect. PGP and Phil's personal reputation are at stake, not PGP, Inc., which is secondary. There are lots of folks whose freedom, if not lives, may be at risk due to his silence. Perhaps it's time for Phil to reaffirm that difficult choice between success and conviction, between making a killing and betraying others to do so. To remind those who think you can have both ways and get away with it is a cowardly fantasy too often hidden behind self-serving ethics. If Phil personally (not the PGP officer, not the distinguished scientist bullshit role, not the PGP employees) refuses to stand behind PGP as it has been known and trusted, then PGP and Phil should be denounced forever as a grand deception and treachery, even worse than the other crypto products eagerly shaped -- and openly proud of it -- to fit the specs of the paymaster snoops Phil himself once bravely challenged. I think Phil will come through now, as he has in the past, to distinguish himself and PGP (not Inc.) from the craven pack. If he doesn't, it's smart to give up using PGP in all its guises past and future.