Through the rabbit hole. Strong crypto

So, you don’t want people to read what you’re emailing, eh? Then try PGP - it stands for “Pretty Good Privacy” - and it’s more than pretty good. It offers unbreakable encryption for email and data files.

You can get either the free version or the more powerful commercial version which is available directly from the original author, Phil Zimmermann. Both versions are, in the jargon, strong crypto, meaning they can’t be cracked. Plus it’s open source and available for multiple operating systems. And oh yes, the code has been gone over carefully by crypto experts looking for holes or weaknesses and none have been found.

Let Zimmermann explain why he wrote PGP.

Years before developing PGP, I was active in geopolitical issues. In the 1980s in Boulder, Colorado, I worked nearly full-time as a military policy analyst with the Nuclear Weapons Freeze Campaign, while still keeping my day job as a software engineer.

The world was a different place then. Reagan was in the White House, Brezhnev was in the Kremlin, FEMA was telling cities to prepare evacuation plans, and millions of people feared the world was drifting inexorably toward Nuclear War. A million Americans marched for peace in Central Park.

It was in that political climate, in 1984, that I saw the need to develop what would become PGP, both for protecting human rights overseas, and for protecting grassroots political organizations at home.

If you have the commercial version, sending and receiving encrypted messages is easy and simple. the free versions take a little more doing.

For the curious, PGP and other public key crypto works because, in the words of a math PhD, “it’s easier to multiply than divide”. To create the crypto keys, PGP multiplies two huge prime numbers to create a humunguous composite number. To crack PGP you’d have to factor this composite number into the two prime numbers. Did I mention the composite number can be 600 digits long? Factoring this is beyond the range of any known algorithm or computer.

But the user doesn’t have to bother with any of this, PGP works effortlessly and the commercial version plugs into many mail readers.

But let’s take it one step further. Rather than send a PGP message that any mail sniffer can tell is a PGP message (even if it can’t decrypt it), how about sending your message hidden so it’s not apparent it even is a message.

This is called steganography. It allows you to hide a message in a graphics file. The graphics image will look exactly the same too. Except there’s now a message hidden in it.

Download the free S-Tools from StegoArchive and run it on the image file in this posting, and you’ll see what I mean, as there is a message hidden in it. (The message is not encrypted. To find it, click ST-BMP, Open GIF file, Reveal file, No encryption.)

Remember, “no matter how paranoid you are, the bastards are always doing more than you think they are.” <grin>

No Comments »

Shiite militias attacks US forces. Many dead on both sides.

While Bremer mouths tough guy platitudes

“This will not be tolerated by the coalition, this will not be tolerated by the Iraqi people,” Paul Bremer, the head of the U.S.-led administration in Iraq, said in a statement on the Defense Department’s Web site after the Najaf attack. Protesters “crossed the line and they have moved into violence.”

Hello? What silly statements. “Crossed the line?” That line was crossed months ago, and the resistance and violence continues to escalate. ”Will not be tolerated by the Iraqi people?” Huh? Iraqis are the ones doing it.

What planet is this guy on? His Fox News view of the world is making things worse, not better.

Let’s set the way-back machine to directly after the invasion ended. The resistance started out with a few people throwing stones and has steadily increased in breadth and intensity since. The NY Times says what’s happening now is “a coordinated Shiite militia uprising against the American-led occupation.”

All our macho posturing and gittin’ tough are accomplishing less than nothing. Because the US doesn’t really have a plan, does it?

Good morning Vietnam.

Al-Qaida has little to do with this home-grown insurgency in Iraq. Heck, they don’t have to do anything. Our heavy-handed blundering does it for them, driving people to their side. But understanding this, then taking appropriate actions, requires an understanding there is a world beyond Texas, something that eludes the current inhabitants of the White House.

No Comments »