The future of PGP..

found this to feed the flow..

http://www.cnn.com/2002/TECH/ptech/0....ap/index.html

mmm

that link doesn't seem to be working. can you repost please?

Link is gone

I guess they archived or just deleted the article...

TW

PPirt

Anyone heard of the PPIRT security suite. For some reason it just does not impress me. Maybe it was the look of there page. BTW, I'm I the only one that thinks it is strange that after years and years of the feds trying to gid rid of PGP, that McCaffee buys the program....then takes it off the market?

From what I understood they were trying to sell it, but no one would buy it. I don't think that McAffee buying it in the first place ever stopped any of the other free/open versions of PGP from being distributed. Last I checked there were at least a half dozen various pgp/gpg programs available for free.

simple3

http://download.nai.com/products/med...omerLetter.pdf
(as of Feb 26 2002 NAI stopped all development efforts on their version of PGP and will only honor current licensed support).

Did NAI approach this whole scenario wrong? I wouldn't be sure, but selling something that is freely available for pretty much any platform makes it difficult to buy, even at the corporate level. Before they retired this software I was planning to use a Spyrus FIPS-3 usb token and the PGP-smart card token integrated suite (for their disk encryption) and use it to house the private keys to mount and unlock the drive... unfortunately this did not come through. Currently I use a version of the last freepgp versions that had the disk encryption and load it into a usb flashdrive key.

It would be sweet if someone would develop a usb flashdrive key with FIPS-3, and use an onboard entry keypad to decrypt/unlock the drive... think of a hybrid of SecureID and a USB flashdrive.

All in all I haven't seen a decent crypto package that would create a seamless environment for the user with Single-Sign On, password wallets, Windows Smart Card Logon all in one package. Of course it is all a matter of time.

gpg/pgp

actually GnuPG is a PGP equiliant and in recent/future versions it's soon to be even more powerful. PKC is a great tool to have in verifying users ID's (even just using nicknames when you are familliar with the user) to prove they actually sent the mail etc.

GnuPG rocks, and with mutt (my favorite) or a graphical email client such as Evolution (good too) use gpg and is supported well.

you should try them out :)

Re: gpg/pgp

Also if you just want to do web mail you can use hushmail which uses hushtools (implementing a branded flavor of PGP). You can do most PKI operations using their java interface.

https://www.hushtools.com/

No non-java applications though...why would a secure e-mail server be so hard? I want to keep mail on my PC, not out in cyberspace.

yikes, I never keep anything local...

You can't hack whats' offline!

true but i can't run my hard drive from Kansas to China in seconds either.. :) ;)

At CompUsa todasy I saw all this software for security. Norton Firewall, BlackIce, etc. Is all this stuff giving users a false sense of security or is there anything that is any good out there? PGP is good but not intuitive.

How do you like PGP's Tempest Viewer?

Anyway all it takes is someone to put a keyboard sniffer on the machine, either hardware or software and all their crypto is SOL.