backdoors in commerical encryption software?
Results 1 to 9 of 9

Thread: backdoors in commerical encryption software?

  1. #1
    Member
    Join Date
    May 2002
    Posts
    44

    Question backdoors in commerical encryption software?

    i remember reading some where that back doors are left in some commercial encryption software so that the government can easily access encrypted files, saving them man hours and computers cracking the encrypted file to recover the plain text.

    is this true?

  2. #2
    Junior Member
    Join Date
    Jan 2002
    Posts
    19

    Re: backdoors in commerical encryption software?

    Originally posted here by -=[JEBUS]=-
    i remember reading some where that back doors are left in some commercial encryption software so that the government can easily access encrypted files, saving them man hours and computers cracking the encrypted file to recover the plain text.

    is this true?
    I have read of such things too. That's a big reason for the guideline "closed source=snake oil". I can't compile source, but the testimony of hundreds of people who can that PGP 6.5.8 is free of backdoors was good enough for me. The fact that all the code is available for review by those who can find such things is comforting in itself.
    http://freepages.computers.rootsweb.com/~irfaiad/

  3. #3
    I wouldn't put it past them to do it. But they have expert hackers generally that can do it really quick anyways.

  4. #4
    Junior Member
    Join Date
    Jul 2002
    Posts
    19
    I think in some of the encryption software they put backdoors... That's why they made such a big deal about PGP: there was no backdoor and they were affraid that terrorists would use it to send things they didn't want us to find.

    If I'm wrong here, please correct me.
    ~TOXIC-RAM

  5. #5
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    The government wants a back door in all encryption software. I am not sure of any that acually implement this yet, but that doesn't mean it doesn't exist. I don't remember where I read it, but I guess the government agreed to allow the exportation of encryption software if they had a way to easily break the encryption. Thats why even Windows 2000 has a seperate disk for 128bit encryption.....the disk can't be exported (legally).
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  6. #6
    Member
    Join Date
    May 2002
    Posts
    44
    looks like i'll stick to using pgp then :P

  7. #7
    Senior Member The Old Man's Avatar
    Join Date
    Aug 2001
    Posts
    364
    Do believe that PGP 7.0.3 is clean, PZ worked on it before he left for private consultation and the next iteration apparently went to (it appeared to me, anyway) NAI and was tweaked then released as PGP Personal Security with a firewall and some other cute little bells and whistles... Also, i didn't research this, but it appeared to me that before 128-bit was released the Ruskies had a deeper version anyway. Perhaps i'm wrong, but don't think so.

  8. #8
    Senior Member
    Join Date
    Dec 2001
    Posts
    243
    Wow I've never heard of the govt. installing backdoors in encryption software, but I did hear (as most people have) about them installing backdoors on our computers. Hmm, as I've stated in other posts, there go our first ammendment rights. Don't they need a warrant or does the law allow them to surpass the fifth ammendment.
    Search First Ask Second. www.google.com

  9. #9
    Senior Member
    Join Date
    Aug 2001
    Posts
    485
    Originally posted here by souleman
    The government wants a back door in all encryption software. I am not sure of any that acually implement this yet, but that doesn't mean it doesn't exist. I don't remember where I read it, but I guess the government agreed to allow the exportation of encryption software if they had a way to easily break the encryption. Thats why even Windows 2000 has a seperate disk for 128bit encryption.....the disk can't be exported (legally).
    The other factor that has caused the US to relax its controls on export of encryption software is competition from other parts of the world (especially Europe). Mind you, not sure I would trust any government not to try and implement a backdoor.
    At least with PGP, its open source, so you know what you are getting. Same thing for AES AFAIK.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides