RE: PGP 9.0

From: metajunkie@gmail.com
Date: Fri Jan 06 2006 - 22:00:42 EST


The commercialization of PGP really wasn't all that silent, actually.
if you do a google search for pgp mcafee ca Zimmerman you'll dig up agood amount of info.http://www.google.com/search?hl=en&q=pgp+mcafee+ca+zimmerman
(you can read the facts there - or you can deal with my aging andfaulty memory below)
The product changed hands several times back around 2001 as I recall -and quasi-back again later. It was near the time that the RSAalgorithm's patent expired too (I got the "its just an algorithm"t-shirt from RSA ;)
I think pgp.com now owns "most" but not all of the product again. (Ithink McAfee or CA still owns the lower level stuff. I recall thinkingthat what pgp.com didn't get was akin to what we often used back inthe days when coal-burning 486's were the most expensive items on themarket: a command line interface)
However, last I heard. Phil Zimmerman (whom I supported back in the1980's through various PGP BBS campaigns) is no longer "in line" withthe future direction of that company. I'm not sure if there was areconciliation or not. Reading an open email he posted on the topic,at the time, I got the distinct feeling that privacy was at stake.
For what its worth... Whether it was his letter - or all the strangefumes that tended to float around in the air back in those days (frommy roommates of course), a bit of paranoia set in about futureversions of the product.
IMHO GNUPG seems to be more in line with Phil Zimmerman's earlyreadme.txt that came with the first versions of PGP that I used. Whenever conducting a pen-test for a customer (or vulnerability orrisk assessment for that matter)- I always hold an education session(if needed) regarding the use of encryption for the transmission ofthe final reports, and exchange keys before the first kick-offmeeting.
meta meta,
           metajunkie

----Original Message-----
From: kuffya@gmail.com [mailto:kuffya@gmail.com]
Sent: Friday, January 06, 2006 3:58 AM
To: pen-test@securityfocus.com
Subject: PGP 9.0
Hi list,
This topic is not really pen-test specific but I feel it is very oftenrelevant and I haven't seen it mentioned anywhere else. The questionis:
Whatever happened to the freeware version of PGP?? It seems that thelatest v9.0 is only offered as 'trial' from pgp.com. I searchedeverywhere (pgpi.org mit's site etc) but noone has a freewere versionanymore (for windows).
Of course, if you insist you can find in the depths of the web copiesof pgp version 8, for free, and perfectly legal. And there is alwaysGnuPG so the situation is not desperate yet. I was just wondering ifanyone has any info on the topic ; has the app silently gonecommercial?
Thanks
S.
--0101010101010101010101010101010100101010101010101010101010101010100101010101 Meta Junkie 101010101010010101010101010101010101010101010010101010101010101010101010100101



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:19 EDT