Annoy the NSA

I don’t know how familiar you might be with PGP. A brief history can be found here.

Essentially, PGP is bulletproof encryption for your web communications. It’s .gov strength message security for everyday folks. There was a big stink back in 1997 or so, when the NSA lobbied congress to ban it, and back then you used to have to go through all sorts of hoops to download it, including having to promise that you weren’t living in Afghanistan. Also, the creator of PGP was harassed by the government and threatened with jail time:

Shortly after its release, PGP found its way outside the US, and in February 1993 Zimmermann became the formal target of a criminal investigation by the US Government for “munitions export without a license”. Cryptosystems using keys larger than 40-bits were then considered munitions within the definition of the US export regulations; PGP has never used keys smaller than 128 bits so it qualified at that time. Penalties for violation, if found guilty, were substantial. The investigation of Zimmermann was eventually closed without filing criminal charges against him or anyone else.

The attempts by Congress to ban the product failed, and then some company bought the rights to what had (up to that point) been free and readily available (coincidence?).

In December, 1997 PGP Inc. was acquired by Network Associates, Inc. Zimmermann and the PGP team became NAI employees. NAI continued to pioneer export through software publishing, being the first company to have a legal export strategy by publishing source code. Under its aegis, the PGP team added disk encryption, desktop firewalls, intrusion detection, and IPsec VPNs to the PGP family. After the export regulation liberalizations of 2000 which no longer required publishing of source, NAI stopped releasing source code, over the PGP team’s objection. There was consternation amongst PGP users worldwide at this and, inevitably, some conspiracy theories as well.
In early 2001, Zimmermann left NAI. He served as Chief Cryptographer for Hush Communications, who provide an OpenPGP-based email service, Hushmail. He has also worked with Veridis and other companies.
In October, 2001, NAI announced that its PGP assets were for sale and that it was suspending further development of PGP. The only remaining asset kept was the PGP E-Business Server (the original PGP Commandline). In February 2002, NAI cancelled all support for PGP, with the exception of the re-named commandline product. NAI (now McAfee) continues to sell and support the product under the name McAfee E-Business Server.

Suddenly you had to pay for it, and then it was never ported to OS X (as far as I am aware) and it sort of fell off of my radar.

Recently, I discovered the GnuPG project.

There is an OS X port and a plug-in for Mail.app.

Here is a Windows tutorial. You should all be using it, especially you retired mil. guys who oppose the war, since you’re the Voice of Credibility on this Iraq thing, and you know that the Bushistas have it in for you. You know who you are.

My public key can be downloaded here. (right-click, “save as…” then Import into the GPG key manager.)

Just do it. I wanna see some encrypted emails before the end of the day.

Leave a Reply

Your email address will not be published. Required fields are marked *