V.T. Eric Layton Posted September 3, 2013 Author Share Posted September 3, 2013 Three can keep a secret, if two of them are dead. ~Benjamin Franklin 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted September 3, 2013 Share Posted September 3, 2013 Well luckily PGP was developed 20 years ago so they can't just seize the work now. That said, they did try to prosecute him: Shortly after its release, PGP encryption found its way outside the United States, and in February 1993 Zimmermann became the formal target of a criminal investigation by the US Government for "munitions export without a license". Cryptosystems using keys larger than 40 bits were then considered munitions within the definition of the US export regulations; PGP has never used keys smaller than 128 bits so it qualified at that time. Penalties for violation, if found guilty, were substantial. After several years, the investigation of Zimmermann was closed without filing criminal charges against him or anyone else. Zimmermann challenged these regulations in an imaginative way. He published the entire source code of PGP in a hardback book,[13] via MIT Press, which was distributed and sold widely. Anybody wishing to build their own copy of PGP could buy the $60 book, cut off the covers, separate the pages, and scan them using an OCR program, creating a set of source code text files. One could then build the application using the freely available GNU Compiler Collection. PGP would thus be available anywhere in the world. The claimed principle was simple: export of munitions—guns, bombs, planes, and software—was (and remains) restricted; but the export of books is protected by the First Amendment. The question was never tested in court with respect to PGP. In cases addressing other encryption software, however, two federal appeals courts have established the rule that cryptographic software source code is speech protected by the First Amendment (the Ninth Circuit Court of Appeals in the Bernstein case and the Sixth Circuit Court of Appeals in the Junger case) http://en.wikipedia....l_investigation 2 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 3, 2013 Author Share Posted September 3, 2013 That's pretty cool. I never knew that. Quote Link to comment Share on other sites More sharing options...
goretsky Posted September 5, 2013 Share Posted September 5, 2013 (edited) [Edit for grammar. AG] Hello, Interestingly enough, if you look at the section above that in the Wikipedia article on PGP, it mentions how it was distributed on the Internet by an individual named Kelly Goen, who drove around from location to location, uploading the source code to sites on the then-nascent Internet before going to the next one. Even more interestingly enough, one of the places Kelly visited was McAfee Associates. I remember when he stopped by to use our Internet connection to do so. Regards, Aryeh Goretsky Edited September 7, 2013 by goretsky 3 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 5, 2013 Author Share Posted September 5, 2013 Very disturbing... N.S.A. Foils Much Internet Encryption PGP is still a good bet, though ...if you set it up and use it correctly. Quote Link to comment Share on other sites More sharing options...
goretsky Posted September 5, 2013 Share Posted September 5, 2013 Hello, The Washington Post article precedes the New York Times one by a few months. Given the lack of specifics about what might or might not be accessible to the NSA, it is probably not a good idea to solely rely on products like PGP. One thing to keep in mind is that intelligence agencies have a vested interest in people continuing to believe that the cryptosystems they are use are secure.... Regards, Aryeh Goretsky 2 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 5, 2013 Author Share Posted September 5, 2013 You're probably right, Aryeh. There's no hope. Privacy in this world is dead... DEAD, I tells ya'. There's only one way to have privacy nowadays... move waaaaay far away to some remote part of the world with no modern amenities, no phones, no electricity, no mail service, no prying government eyes. Live in a plywood shack with a good supply of books... Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted September 6, 2013 Share Posted September 6, 2013 The US government has betrayed the internet. We need to take it back NSA surveillance: A guide to staying secure by Bruce Schneir Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 6, 2013 Author Share Posted September 6, 2013 The NSA offering how-tos on encrypting emails and documents using OpenPGP... this can't be good. https://www.nsa.gov/ia/_files/factsheets/I73-FS-035-09.pdf (Note: this opens a .pdf document stored on the NSA's servers) EDWARD SNOWDEN: How To Make Sure The NSA Can't Read Your Email There still seems to be NO DEFINITIVE answer as to whether or not the NSA can crack PGP. I tend to lean toward Aryeh's attitude, though... don't put it past them. They have capabilities that the unwashed masses will never know of... EVER. And, as Aryeh suggests, it's in the NSA's bests interests to have the world think they're struggling to decypher our silly little encrypted emails. Quote Link to comment Share on other sites More sharing options...
securitybreach Posted September 6, 2013 Share Posted September 6, 2013 Well that pdf was created in 2009 but yeah dunno how I feel about that. Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 6, 2013 Author Share Posted September 6, 2013 Yup... know what you mean, bro. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted September 6, 2013 Share Posted September 6, 2013 Did you happen to see my personal blog these days and the new addition to the pages listed at the top? Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 6, 2013 Author Share Posted September 6, 2013 Signing off? I don't agree with that method of protest, if that's what you're intending. I understand why a service provider like Lavabit would shut down, but we NEED MORE folks like you, Fran, raising H3LL, not less. Pictures worth many words. 2 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted September 6, 2013 Share Posted September 6, 2013 I agree with Eric, silence would almost be like giving in to the threat. Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 6, 2013 Author Share Posted September 6, 2013 Feds Asked Yahoo For Data 12,444 Times In First Half Of Year In its "transparency report," Yahoo adds that it: "Has joined no program to volunteer user data to governments. Our legal department demands that government data requests be made through lawful means and for lawful purposes. We regularly push back against improper requests for user data, including fighting requests that are unclear, improper, overbroad or unlawful. In addition, we mounted a two-year legal challenge to the 2008 amendments to the Foreign Intelligence Surveillance Act, and recently won a motion requiring the U.S. Government to consider further declassifying court documents from that case." Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted September 7, 2013 Share Posted September 7, 2013 I may restore my old blog database, but right now I am worried. This is what I call 'chilling effects' of our government making Citizens feel like they can't have Freedom of Speech without danger to themselves. I may change my mind but right now, I feel stifled by our own government's attitude problem. I do still say some things here and there, but have made a statement with my blog. Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 7, 2013 Author Share Posted September 7, 2013 RAISE H E L L ! I doubt Big Bro will be knocking on your door anytime soon. They have other things to keep them busy. Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 7, 2013 Author Share Posted September 7, 2013 many folks are starting to wake up and rub the sleep from their stupefied eyes Maybe, but not enough yet, I don't think. In your everyday real life, take an informal poll from the folks you interact with on a daily basis. I did. I found that about 1 in 100 even is aware of these recent NSA and privacy related news stories. It's disheartening to talk to these ignorant sheeple. It really is. 1 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 10, 2013 Author Share Posted September 10, 2013 Am I just being paranoid? I had a disturbing thought a little while ago... I know that the big push by businesses and others to get us to dump all our data and apps into the cloud is mostly about the almighty $, as usual. However, here's the bad thought... wouldn't Big Bro just love to have all your stuff in the cloud where it's so easily accessible for them. They wouldn't have to worry a bit about trying to hack into your personal system that way. It would all be on that big cloud just sitting there waiting to be crawled by NSA bots and analysts. Hmm... interesting thought, huh? 1 Quote Link to comment Share on other sites More sharing options...
RichardKR Posted September 10, 2013 Share Posted September 10, 2013 More than an interesting thought, nearly a certainty in my paranoid mind. Many of you on this forum remember how excited we were when personal computers were finally becoming a reality. Most computer users today weren't around during this time and can't even imagine how exciting it was to have your own PERSONAL computer that you were in charge of and you customized to do what you wanted. When the Altair kit came out we realized that personal computing was on it's way. We read everything we could find about these miracle devices. I remember typing in pages of tiny print of computer code published in Byte or PC Magazine. We endured what would seem today as incredible obstacles without a complaint. Cassette storage! Vic 20, TRS80, and finally the IBM PC with open architecture and enormous floppy disk storage. What excitement. Anybody here ever go to a User Group? Bring a ton of equipment and take hours setting it up just to demo a new program or device. We were finally off the mainframe/workstation treadmill. What freedom! It was a time in the computer industry that will never be duplicated, ever. And now the call of the industry is to go to the "Cloud". Which is putting you back on the mainframe and making your PC a workstation that depends on a connection to the big computer in order to do anything. This depending on the faceless people in the white lab coats for our computing experience is unacceptable. It is LESS freedom, not more. Give up your freedom for a little convenience? Not for me thank you. Trust a corporation with your data? Insane. 4 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 11, 2013 Author Share Posted September 11, 2013 It is LESS freedom, not more. Give up your freedom for a little convenience? Not for me thank you. Trust a corporation with your data? Insane. Sadly, those of us who realize this are definitely in the minority. 2 Quote Link to comment Share on other sites More sharing options...
crp Posted September 11, 2013 Share Posted September 11, 2013 Am I just being paranoid? I had a disturbing thought a little while ago... I know that the big push by businesses and others to get us to dump all our data and apps into the cloud is mostly about the almighty $, as usual. However, here's the bad thought... wouldn't Big Bro just love to have all your stuff in the cloud where it's so easily accessible for them. They wouldn't have to worry a bit about trying to hack into your personal system that way. It would all be on that big cloud just sitting there waiting to be crawled by NSA bots and analysts. Hmm... interesting thought, huh? I think about with the online backup services. On the one hand, offsite backup that is supported by redundancies is terrific. on the other hand, they have all the data unless encrypted prior to backing up. Most services for businesses allow for AES encryption on the fly, but that leaves an opening. CrashPlanPro offers an option on the AES encryption - appending a passphrase to the initial encryption phase.Similar to TrueCrypt there is a downside - forget the passphrase and forget seeing your data again. 1 Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted September 11, 2013 Share Posted September 11, 2013 Sadly, cloud storage of any kind certainly makes things so much easier for them; corporations and governments. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted September 11, 2013 Share Posted September 11, 2013 I think about with the online backup services. On the one hand, offsite backup that is supported by redundancies is terrific. on the other hand, they have all the data unless encrypted prior to backing up. Most services for businesses allow for AES encryption on the fly, but that leaves an opening. CrashPlanPro offers an option on the AES encryption - appending a passphrase to the initial encryption phase. Similar to TrueCrypt there is a downside - forget the passphrase and forget seeing your data again. SpiderOak also is encrypted before it leaves your computer; it is encrypted end to end and stays encrypted with your key (that you hold ... again, you must remember it or lose your data) on their servers. Personally I would prefer that to any other ways available out there despite the remote possibility of losing the key. Quote Link to comment Share on other sites More sharing options...
abarbarian Posted September 13, 2013 Share Posted September 13, 2013 (edited) Hmm. I'm still reading up on this subject. Third time I have had a good read over the years and it is starting to make sense at last.Rather like watching a glass of beer clear slowly. I'll be posting soon and replying to em's. Tail end of a busy summer, be back to normal soon. http://blog.sanctum.geek.nz/series/linux-crypto/ I found this which has helped. Edited September 13, 2013 by abarbarian 2 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted September 13, 2013 Share Posted September 13, 2013 Speaking of... From Hak5's ThreatWire: The Black Budget leaked. Has the NSA broken your crypto?, Google and Microsoft want to make everything clear to the masses, and the SEA isn't spreading malware... most likely... . All that and more this time on Threat Wire! http://hak5.org/threatwire/0042 1 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 13, 2013 Author Share Posted September 13, 2013 http://blog.sanctum....s/linux-crypto/ I found this which has helped. Excellent! Bookmarked for extensive perusal soon. Thanks, E! Quote Link to comment Share on other sites More sharing options...
abarbarian Posted September 17, 2013 Share Posted September 17, 2013 Excellent! Bookmarked for extensive perusal soon. Thanks, E! I need to read through it again but I got the impression that it was a clear and easy to follow guide for what is quite a complex subject. Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 17, 2013 Author Share Posted September 17, 2013 Nothing is complex once you understand it. 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted September 17, 2013 Share Posted September 17, 2013 Nothing is complex once you understand it. Right Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.