Greetings Nick!
On Saturday, May 27, 2000 at 23:06:07 GMT -0700 (which was 11:06 PM
where you think I live) [EMAIL PROTECTED] typed:
p>>> Technically if you want to get down and say that, then I've always
p>>> heard that the older the version of pgp (ie. 2.x) are harder to
p>>> crack than the newer windows versions. I can't remember where I
p>>> heard that though, I've always believed it.
NA> There are arguments for and against Open Source Software as being more
NA> secure than Closed Source Software. The relevant arguments can be read
NA> here:
NA> http://www.securityfocus.com/commentary/19
NA> http://www.technocrat.net/955986079/index_html
NA> Personally, I believe Open Source Software has the "potential" to be more
NA> secure, but there is also value in security through obscurity. :o)
Although I've spent plenty of time on securityfocus.com I disagree,
security through obscurity is not very effective. Look at all the
shareware programs that get cracked because of that belief.
(Old Fravia used to talk about that)
<OPINION>
I wouldn't trust NAI at this point. But that is me personally. I
don't use anything by them at all. I miss the old MCafee SCAN.EXE
days!!!!!! now they are over the edge.</OPINION>
I read back in 1995-96 an article was in Extraordinary Science
Magazine published by the ITS and the article was written by JW
McGinnis (the magazine is OOP now) to download version 2.3 of pgp
because this whole whoopla was about to hit and the governments were
going to start messing with pgp. I've also head numerous articles by
hackers that said that the "older versions are the best." When asked
which version do I want, the answer was, the oldest version you can
get. The version that McGinnis was telling us to get was the source
code of 2.XX (the version without the windows support dll's) So when I
try to run that in The Bat it won't work. There are shells for it
although I am not crying about this, I'm only passing on information
that I understand. I trust McGinnis more than I trust someone I
haven't met--I've met McGinnis in San Francisco, Ca. And talked with
him, and he is one who has reasons specifically to encrypt secrets, I
haven't met some of the other well known people in the cryptography
field; some of which I assume are US planted disinformation websites.
There are MILLIONS if not BILLIONS of crypto sites on the web.
Cryptome in/out is another example of a place that i hang out reading
news. Then there is the Mitnick saga.. Is the FBI not still trying to
crack into his hard drives at this very moment? What version did he
use?
Obviously the password will be making a big difference in how soon the
FBI will be cracking it.
Although I am using a ckt (Cyber Knights Templar) version of pgp
(which allow a larger key) at the moment, I also have and use a much
older version and retain all the extra junk in my startup files for
that version. I use this ckt version mainly to stymie the Free Dial Up
account[s] possibility of reading mail. I'm not after keeping fbi
spooks out of my top secret physics experiments on cold fusion with
the ckt build. If I wanted that I would use the older pgp.
note: that if you get the ckt build, expect for a large key
to take more than an hour to compile--I fell asleep waiting
Somebody mentioned RSA vs. DH/DSS I trust the DH/DSS more than RSA
because I've heard that RSA has been cracked, or tampered with.
Problem is getting other people to use DH/DSS most people don't create
more than one key, or end up deleting keys like I do. "Whoops. Damn
you mean to tell me that the key will stay on the MIT server if I lost
my key?" -AHahahah LOL
G>> This is because the older versions have the open source code readily
G>> available for inspection to see if there has been any tampering via
G>> checksums, both the US and International versions. The new versions -
G>> well, the source code has not been available, as far as I can tell.
NA> I know source code is available for 6.5.1, and perhaps even 6.5.2, but
NA> beyond that I'm not sure. Again, I don't see the value in using something
NA> along the lines of 5.X vintage when Open Source exists for 6.5.1, and that
NA> is only _if_ OSS is important to you... because the latest freeware
NA> version is 6.5.3
Na , you just haven't searched. the sources are available. But most
people (myself included) wouldn't know what the hell we were looking
at. It's still Great fun to compile though!
--
... autoexec.bat: A Wise Yuppie with a new copy of the bat.
--- The Bat! 1.44 + 98Lite + Revenge of Mozilla II
--
--------------------------------------------------------------
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
<mailto:[EMAIL PROTECTED]>
To Unsubscribe from TBUDL, double click here and send the message:
<mailto:[EMAIL PROTECTED]>
--------------------------------------------------------------
You are subscribed as : archive@jab.org
