Newer versions of PGP ? - PGP

This is a discussion on Newer versions of PGP ? - PGP ; -----BEGIN PGP SIGNED MESSAGE----- Concidering the date, i guess not, but i have never heard of CKT-versions before ? ftp://ftp.zedz.net/pub/crypto/pgp/pgp60/pgp658_ckt/ Is this a hacked version with lots of backdoors ? Or is it some secret government-employed agent who has "re-compiled" ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Newer versions of PGP ?

  1. Newer versions of PGP ?

    -----BEGIN PGP SIGNED MESSAGE-----

    Concidering the date, i guess not, but i have never heard of CKT-versions
    before ?
    ftp://ftp.zedz.net/pub/crypto/pgp/pgp60/pgp658_ckt/

    Is this a hacked version with lots of backdoors ?
    Or is it some secret government-employed agent who has "re-compiled" it for
    ADK-purposes ??

    Torbjørn.

    -----BEGIN PGP SIGNATURE-----
    Version: 6.5.8ckt http://www.ipgpp.com/

    iQQVAwUBQXgKjYILKQsNQobVAQHFJB//dRhqOhNa1xbNgnMhIvKLypmwQAO+lc/M
    hNYF+S4Err6yUuaxNbJxH/VpYPGTTSN2XM07BXh+byHOSYEtSB25NGEw9Vf/NLW3
    p76uiS72VWZu+BXzEuDmzYUpJRcEpnkd0tFHgycU7Oun5NvMY0 WkigtzoZWl7eZW
    hjyS1GXszoKpECGdqDDRWb+ZOsR86XYkcJXn1279M6CDDoRxn0 04SAnkjyPT2Npw

    A0HEzvFTpYp/FtWRl92erBOy1YOi06dYQ1YyjIXcoIaUC6XhmPngYhWKn6/s+JPH
    44fm/MKeV1IQVr5vWdlmo5uAu4rCKum5cEKhyJBI7zUlgyqbH1kLNtv AUfmjxzKq
    sJSiwDzW5jAsWh/3u/8HZw0Xr9/pwTgv0iT2JFDk2aUMDf8x0HqJAA1AmkVXfYGe
    lOOuYs4TZFJte3KBMyKKDbDJxGl70uf8rKcJ9mlV/oKEapdG5Up+oXTfgV+um5oj

    1tsA/GMTj2xORyi4wxFBBDWISE7Ojs/xwramFV/aHTqG1EIKHHpNa6LZYZRQ2run
    KCFyqRtbwkKTCBpLtKCvfRt3EfKVtHCcyC4ihaae6AVT6c1CtK bCV8uk8ytsqXwA
    gPmcv4GNpuuEwarZK3RUxH2bStMuR7g307NjrweQH4ZOyxbJ0F 8E0BnP16PB8yu0
    kuZOUlvCp4EOd6NUWREa8Zx/1KTgsVYsp9QVwWh59IyxOwTUza+521c4jq+F7aZx

    k3vxhDdvTCkKm2PpdpRmdFfyvk8apxDQPIGIxla7BaTJpENg59 OHtmAhlNU+liOE
    tFGowqrwnfaH2rN3zJwxZ5giqSdxOHaQkw0ovuU/gHHGIbRZQVwVWQMp4QPvtu9B
    2F2nfAdcFr+gErynKEhANpcvxBBjP6//C+HNsV/Wy+KAGCcY64TaTpGPs85T/aJn
    jwGsMWx4oCwoVy6hhPDE3fpk11HI83ZuGHh5NDIL1oNg7v3sO4 meCVqjXEaMsBrG

    HShjJrIYChuCTaLQ4YSPaN8hpfHOGhy2+9yUAzzzdhTirUjqVJ CdvUy+xiAdy4S1
    oXPH7m9PIFbfbYSSF7yN9M/iqFDRx9fV8UMHpXZuCl31PIC6WUb+8JY3vElTpq1o
    vz47Si/kTFcITmGmNc8kgZ+/LqdcVgQOzEuQ9TOPH15aLsKjmJILwxZxUo4rP66u
    va4qH7+I0Jg023fUR+eEj3SytL245BKquDMExhCATXRbPPbMrK 1q+kKe8sLc6dHE

    W6WFz8Pyq1CYJEyxofxDFTw3PXbBRg1uM0dI80+auHgtijk0ag gDVi307Y6DnNUs
    dmMJ2tPvCYYCXJ9P7CvNqGp0U1/pnlYTO46L21gaBNvSixjSNt6Ovg==
    =NWKR
    -----END PGP SIGNATURE-----




  2. Re: Newer versions of PGP ?

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    "Torbjørn Morka" writes:

    >Concidering the date, i guess not, but i have never heard of CKT-versions
    >before ?
    >ftp://ftp.zedz.net/pub/crypto/pgp/pgp60/pgp658_ckt/


    >Is this a hacked version with lots of backdoors ?


    Hacked -- sure. As far as I know, there are no backdoors.

    >Or is it some secret government-employed agent who has "re-compiled" it for
    >ADK-purposes ??


    The CKT versions come from Imad Faiad, who enhanced the 6.5.8 code
    base. They are not approved by NAI, and presumably not by pgp.com.
    Some people use these versions. They have some added features
    compared to 6.5.8 (additional key types and bigger RSA keys, I
    think).

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.3.91 (SunOS)

    iD8DBQFBeCxevmGe70vHPUMRAoMLAJ9Md5btTm2qEplC2ar39I AcWrzb1QCfUjem
    U0LtVxNH29cpjaEv24aSzxk=
    =8BDw
    -----END PGP SIGNATURE-----

    --
    vote for regime change in Washington, Nov 02.


  3. Re: Newer versions of PGP ?

    "Torbjørn Morka" wrote in
    news:2MUdd.59383$Vf.2806844@news000.worldonline.dk :

    > Concidering the date, i guess not, but i have never heard of
    > CKT-versions before ?
    > ftp://ftp.zedz.net/pub/crypto/pgp/pgp60/pgp658_ckt/
    >
    > Is this a hacked version with lots of backdoors ?
    > Or is it some secret government-employed agent who has "re-compiled"
    > it for ADK-purposes ??


    As has been stated, these are personal builds of Imad that he made many
    source code changes to, and made freely available for others to use. I
    sincerely doubt that Imad would willingly do anything to weaken PGP in
    his builds. I do believe that he actually went to great pains to make it
    more usable and more secure.

    However, I also agree with his statements that you should not use such
    builds from third parties unless you personally review the source code
    and verify that there are not backdoors, etc. Additionally, I personally
    believe that such source code modifications may actually accidentally
    introduce a weakness that is not easily noticed in regular use or even
    source code review. And, although I really don't think it is at all
    likely, it is within the realm of possibility that Imad was a CIA agent
    assigned to weaken PGP in a way that paranoids would make sure to use it,
    to help the US government. :-)

    --
    Tom McCune
    My PGP Page & FAQ: http://www.McCune.cc/PGP.htm

  4. Re: Newer versions of PGP ?

    Tom McCune wrote:
    | "Torbjørn Morka" wrote in
    | news:2MUdd.59383$Vf.2806844@news000.worldonline.dk :
    |
    || Concidering the date, i guess not, but i have never heard of
    || CKT-versions before ?
    || ftp://ftp.zedz.net/pub/crypto/pgp/pgp60/pgp658_ckt/
    ||
    || Is this a hacked version with lots of backdoors ?
    || Or is it some secret government-employed agent who has "re-compiled"
    || it for ADK-purposes ??
    |
    | As has been stated, these are personal builds of Imad that he made many
    | source code changes to, and made freely available for others to use. I
    | sincerely doubt that Imad would willingly do anything to weaken PGP in
    | his builds. I do believe that he actually went to great pains to make it
    | more usable and more secure.
    |
    | However, I also agree with his statements that you should not use such
    | builds from third parties unless you personally review the source code
    | and verify that there are not backdoors, etc. Additionally, I personally
    | believe that such source code modifications may actually accidentally
    | introduce a weakness that is not easily noticed in regular use or even
    | source code review. And, although I really don't think it is at all
    | likely, it is within the realm of possibility that Imad was a CIA agent
    | assigned to weaken PGP in a way that paranoids would make sure to use it,
    | to help the US government. :-)

    Just because a person is paranoid doesn't mean there not out to get him.

    You know, over the years enough things have come out about the U.S. gov't that
    the idea that both Imad and the new PGP company are in co-hoots with NSA or
    the CIA is *very* easy for me to believe.



+ Reply to Thread