On Thu, 16 Dec 2004 19:38, Derek Smithies wrote: > Now, how secure is speaking-freely? In fact, it is not that secure. > Sure, it is encrypted etc, but the PC itself is not secure. Not secure. > The police (or other interested parties) enter your house, disk image. > They go away, and find the secret key etc. How? The key-phrase is ( should be ) embedded in your brain and no-where else.
> Or they find the password > written down on a bit of paper on top of the keyboard. Yes yes, this is a > bit of an effort, but it is much much easier than using a cray computer > for 120 years. It has been rumoured, that given enough data, that the NSA can crack a RSA/PGP/GPG key in about 4 days. They have very powerful purpose-built machines specially for the purpose. > Alternatively, they cannot be bothered getting a disk image. They ring > up speaking-freely, There is no organization which holds keys to ring up. > and "execute a search warrant". In other words, they > get your password, and learn how to decrypt speaking-freely coms. The only way they can get your pass-phrase is to ask you for it, but that's a bit specious now that PGP has been cracked. http://speak-freely.sourceforge.net/ and http://www.speak-freely.org/ Although not exactly up to date and quite long, this link gives a nice overview of public key cryptography. http://cryptome.org/crypto97-ne.htm -- Sincerely etc., Christopher Sawtell
