Printable View
i remember reading some where that back doors are left in some commercial encryption software so that the government can easily access encrypted files, saving them man hours and computers cracking the encrypted file to recover the plain text.
is this true?
I have read of such things too. That's a big reason for the guideline "closed source=snake oil". I can't compile source, but the testimony of hundreds of people who can that PGP 6.5.8 is free of backdoors was good enough for me. The fact that all the code is available for review by those who can find such things is comforting in itself.Quote:
Originally posted here by -=[JEBUS]=-
i remember reading some where that back doors are left in some commercial encryption software so that the government can easily access encrypted files, saving them man hours and computers cracking the encrypted file to recover the plain text.
is this true?
http://freepages.computers.rootsweb.com/~irfaiad/
I wouldn't put it past them to do it. But they have expert hackers generally that can do it really quick anyways.
I think in some of the encryption software they put backdoors... That's why they made such a big deal about PGP: there was no backdoor and they were affraid that terrorists would use it to send things they didn't want us to find.
If I'm wrong here, please correct me.
The government wants a back door in all encryption software. I am not sure of any that acually implement this yet, but that doesn't mean it doesn't exist. I don't remember where I read it, but I guess the government agreed to allow the exportation of encryption software if they had a way to easily break the encryption. Thats why even Windows 2000 has a seperate disk for 128bit encryption.....the disk can't be exported (legally).
looks like i'll stick to using pgp then :P
Do believe that PGP 7.0.3 is clean, PZ worked on it before he left for private consultation and the next iteration apparently went to (it appeared to me, anyway) NAI and was tweaked then released as PGP Personal Security with a firewall and some other cute little bells and whistles... Also, i didn't research this, but it appeared to me that before 128-bit was released the Ruskies had a deeper version anyway. Perhaps i'm wrong, but don't think so. :D
Wow I've never heard of the govt. installing backdoors in encryption software, but I did hear (as most people have) about them installing backdoors on our computers. Hmm, as I've stated in other posts, there go our first ammendment rights. Don't they need a warrant or does the law allow them to surpass the fifth ammendment.
The other factor that has caused the US to relax its controls on export of encryption software is competition from other parts of the world (especially Europe). Mind you, not sure I would trust any government not to try and implement a backdoor.Quote:
Originally posted here by souleman
The government wants a back door in all encryption software. I am not sure of any that acually implement this yet, but that doesn't mean it doesn't exist. I don't remember where I read it, but I guess the government agreed to allow the exportation of encryption software if they had a way to easily break the encryption. Thats why even Windows 2000 has a seperate disk for 128bit encryption.....the disk can't be exported (legally).
At least with PGP, its open source, so you know what you are getting. Same thing for AES AFAIK.