TUCoPS :: Crypto :: mondo2k.txt

Mondo 2000 article on Senate bills S266 and S618 trying to include back doors in encrption software & PGP freeware that cam

                      From MONDO 2000 #5
     What if you saw Congress trying to pass some invasive, 
repressive laws? And what if, single handedly, you could nullify
these laws, forever?
     Would you do it?
     Senate bills S266 and S618 posed just those questions to
Philip Zimmerman, a Boulder software engineer. Because Philip
specializes in privacy protection for his clients, he was acutely
aware of the implications they posed. 
     MONDO readers will recognize these bills before Congress as
designed to fight "terrorism" and "violent crime." They both have
language, however, requiring government-accessible 'Back doors" in
all encryption software produced or sold in the United States. What
that means, in practical terms, is that the government could read
your private, encrypted messages and files at will. Or anyone else
with the necessary know-how. Sort of like requiring you to give
copies of your house keys to the cops. Theoretically, court
authority would be required, but the actual potential for abuse is
     So how did Philip choose to challenge the power structure's
brazen attempt to invade our privacy? Bid he complain to his
representatives in Washington? Organize a protest march? Send a
letter to the editor of The New York Times? Grouse volubly on the
BBSs? Nope-Philip Zimmerman took direct action. Taking several
months off from his regular paying customers, he wrote the
definitive encryption program for the masses.
     PGP-Pretty Good Privacy-it's called. It's a textbook example
of guerrilla activism based on the Rivest-Shamir-Adelman public key
cryptosystem. Currently, RSA-based systems are the most advanced
cryptographic technology available. Though it's extremely
sophisticated technically, it's quick and convenient to use. And,
barring some unlikely breakthrough in the mathematics of factoring
very large numbers, they are the ultimate in unbreakable codes. How
unbreakable? With PGP and your personal computer, you could create
a code that would take a Cray super computer centuries to break.
Now, that's Pretty Good Privacy! 
     The U.S. and other governments have paid millions to achieve
similar levels of encryption security. So how much will you have to
pay to get a copy of Pretty Good Privacy? Approximately nothing.
Philip decided the best way to counter legislative threats to
privacy was to give his program away. By releasing PGP as freeware,
he made sure it would have the widest possible distribution-too
wide for the FBI, MI5, MI6, DIA, NSA, KGB, or any other alphabet
agencies to suppress.
     PGP was released on June 5 (D-Day minus 1) onto scores of
networks and BBSs. Since then, it has been copied onto countless
systems in North America and around the world. Now, even if S266,
S618 or similar laws are passed, it's too late. The secret is out.
The PGP genie can never be put back in the bottle. With PGP, you
and your friends can have Mil Spec quality encryption for your
messages and records. Affordable privacy is at your command,
without back doors and without permission from Uncle Sam or anyone
     Being a techno-activist isn't all fun and games, however. As
mentioned, Philip Zimmerman took time away from his business to get
PGP out the door. The income lost during that period has been a
real financial hardship for him and his family. In addition, a
company called Public Key Partners (PKP) has threatened to sue
Philip. PKP controls licensing of the RSA algorithm he incorporated
into the PGP program. Whether he will be sued has not been
determined as of this writing. Nevertheless, that very real threat
hangs over Mr. Zimmerman's head.
     Though Philip hasn't asked to be rewarded for his labors, you
might consider sending an appropriate donation if you find PGP to
be of value to you. $50 sounds like a reasonable number, but you
might revise that up or down depending on how much you value your
     To get your own copy of Pretty Good Privacy from an anonymous
FTP site on Internet or elsewhere, you will need two files:
pgpl0.zip for the binary executable and the user documentation, and
pgp10scr.zip for the source files. These files are compressed, but
you can decompress them using the MS-DOS shareware archive utility,
PKUNZIP.EXE. Be sure to print out the "PGP User's Guide" in
pgp10.zip. (Remember to set mode to binary or image when doing an
FTP transfer.)
     In the U.S. or Canada, PGP files are available on Internet at
FTP sites uunet. uu. net in the /tmp directory and at host
gatekeeper. dec. com, directory /pub/micro/msdos/pgp. They are also
available in North America and overseas on Fidonet and innumerable
BBSs. One such BBS is in Boulder, Colorado at (303) 443-8292.
     If you would like to contact Philip Zimmerman, his address is:
Boulder Software Engineering,
3021 Eleventh St. Boulder, CO 80304;
phone: (303) 444-4541;
Internet:prz@sage. cgd. ucar.edu.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH