RE: PGP 9.0

[<metajunkie () gmail com>]

The commercialization of PGP really wasn't all that silent, actually.

if you do a google search for pgp mcafee ca Zimmerman you'll dig up a
good amount of info.
http://www.google.com/search?hl=en&q=pgp+mcafee+ca+zimmerman

(you can read the facts there - or you can deal with my aging and
faulty memory below)

The product changed hands several times back around 2001 as I recall -
and quasi-back again later.  It was near the time that the RSA
algorithm's patent expired too (I got the "its just an algorithm"
t-shirt from RSA ;)

I think pgp.com now owns "most" but not all of the product again. (I
think McAfee or CA still owns the lower level stuff. I recall thinking
that what pgp.com didn't get was akin to what we often used back in
the days when coal-burning 486's were the most expensive items on the
market: a command line interface)

However, last I heard.  Phil Zimmerman (whom I supported back in the
1980's through various PGP BBS campaigns) is no longer "in line" with
the future direction of that company.  I'm not sure if there was a
reconciliation or not.  Reading an open email he posted on the topic,
at the time, I got the distinct feeling that privacy was at stake.

For what its worth... Whether it was his letter - or all the strange
fumes that tended to float around in the air back in those days (from
my roommates of course), a bit of paranoia set in about future
versions of the product.

IMHO GNUPG seems to be more in line with Phil Zimmerman's early
readme.txt that came with the first versions of PGP that I used. 
Whenever conducting a pen-test for a customer (or vulnerability or
risk assessment for that matter)- I always hold an education session
(if needed) regarding the use of encryption for the transmission of
the final reports, and exchange keys before the first kick-off
meeting.

meta meta,

           metajunkie


----Original Message-----

From: kuffya () gmail com [mailto:kuffya () gmail com]

Sent: Friday, January 06, 2006 3:58 AM

To: pen-test () securityfocus com

Subject: PGP 9.0

Hi list,

This topic is not really pen-test specific but I feel it is very often
relevant and I haven't seen it mentioned anywhere else. The question
is:

Whatever happened to the freeware version of PGP?? It seems that the
latest v9.0 is only offered as 'trial' from pgp.com. I searched
everywhere (pgpi.org mit's site etc) but noone has a freewere version
anymore (for windows).

Of course, if you insist you can find in the depths of the web copies
of pgp version 8, for free, and perfectly legal. And there is always
GnuPG so the situation is not desperate yet. I was just wondering if
anyone has any info on the topic ; has the app silently gone
commercial?

Thanks

S.

--
010101010101010101010101010101010
010101010101010101010101010101010
0101010101 Meta Junkie 101010101010
010101010101010101010101010101010
010101010101010101010101010100101