GAK on the cheap

Adam Back aba at dcs.ex.ac.uk
Fri Oct 24 15:36:18 PDT 1997




Anonymous writes:
> GAK fans!
> 
> Here's a patch to PGP 2.6.2 to force it to encrypt all messages to the
> FBI key.
> 
> Patch crypto.c thusly:
> 
> 2339a2340
> >       ++i;            /* Count FBI key */
> 2368a2370,2372
> >       /* encrypt to FBI */
> >       keys_used = encryptkeyintofile(g, "<leaf at fbi.gov>", keybuf, keyfile,
> >                                       ckp_length, keys_used);
> 
> That's it.  Four new lines, and every message is encrypted to the
> government as an additional recipient.

Wow, anonymous, you're a genius!

> Don't let the FBI see this.  If so, we'll be <ominous voice> "one
> step from GAK".  Add a few SMTP filters and we're doomed.

Errr.. there is one problem anonymous, _deployment_.  How are you
going to deploy the above patch.  Who is going to use it?

Close to zero I suspect.

However there are simply loads of people using pgp5.0, and I'm sure
pgp5.5 will be the same in a while.

It's not the triviality of making something that can be used for GAK
that the argument is about.

The argument is about PGP Inc pre-deploying it in 5.0, 5.5 all ready
for the switch to be flicked.

Adam
-- 
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`







More information about the cypherpunks-legacy mailing list