On Thu, 16 Dec 2004 19:38, Derek Smithies wrote:
> Now, how secure is speaking-freely? In fact, it is not that secure.
> Sure, it is encrypted etc, but the PC itself is not secure. Not secure.
> The police (or other interested parties) enter your house, disk image.
> They go away, and find the secret key etc.
How? The key-phrase is ( should be ) embedded in your brain and no-where else. 

> Or they find the password 
> written down on a bit of paper on top of the keyboard. Yes yes, this is a
> bit of an effort, but it is much much easier than using a cray computer
> for 120 years.
It has been rumoured, that given enough data, that the NSA can crack a 
RSA/PGP/GPG key in about 4 days. They have very powerful purpose-built 
machines specially for the purpose.

> Alternatively, they cannot be bothered getting a disk image. They ring
> up speaking-freely,
There is no organization which holds keys to ring up.

> and "execute a search warrant". In other words, they 
> get your password, and learn how to decrypt speaking-freely coms.
The only way they can get your pass-phrase is to ask you for it,
but that's a bit specious now that PGP has been cracked.

http://speak-freely.sourceforge.net/
and
http://www.speak-freely.org/

Although not exactly up to date and quite long, this link gives 
a nice overview of public key cryptography.
http://cryptome.org/crypto97-ne.htm

-- 
Sincerely etc.,
Christopher Sawtell

Reply via email to