Slashdot Mirror

← Back to Stories (view on slashdot.org)

PGP 8.0 Beta Released

Posted by timothy on from the pretty-okay-news dept.

James Evans writes "With a release date seemingly scheduled in December, the new PGP Corporation has today released PGP 8.0 Beta. It features Smart Card functionality, Unicode support, Novell Groupwise support, among other things. A Mac OS X Beta is out as well, also with a robust feature set. One word of caution however: On Friday, December 6th, 2002, the beta will expire, at which time access to encrypted data will be prevented."

10 of 122 comments (clear)

  1. There will be a free version by pope+nihil · · Score: 5, Informative

    Before everyone gets too riled up, take a look at their web page. They will be releasing a free version of PGP that will do e-mail, files, and instant messaging. This is a BETA and you shouldn't be using the beta after the final version is released.

  2. Do-do heads by cerenyx · · Score: 5, Informative

    I don't think you guys are reading the website correctly, or understanding what is going on. The release is a BETA one, i.e. it is for testing purposes only: access to encrypted data expires after two months possibly because in later BETAs and perhaps the final version, changes might be made that would render the encrypted data incompatible with the final version; and also because they do not want you to go on using the beta after the final version is released.

    Of course, to look at it from this perspective, it might be a ploy on their part so that people don't get away without paying by simply using the beta instead of paying for the final version: but coming from a closed-sourced, profit-making company, that seems like a typical, perhaps even rational thing that they might do.

    So whats the hullabaloo all about?

  3. Smart Card support with GnuPG? by unixmaster · · Score: 4, Informative

    Did a fast googling and found that its already supported :)
    See http://www.opensc.org/

    GnuPG is a better choice for *nix users because it can be used
    from KDE or in your console mail client mutt,pine etc :)

    --
    Never learn by your mistakes, if you do you may never dare to try again
  4. You will not lose your data by Pascal+of+S · · Score: 5, Informative
    Just to put a couple of items straight, after the Beta expires, your data WILL NOT BE LOST. That is, if you do what you should do and backup your keys. It is only the beta program that will not work anymore. PGP keys can be freely interchanged between versions, heck, even accross platforms if you are a bit careful.


    That is precisely what is meant by 'plan accordingly', it could have been worded more carefully though. This beta in not meant for the people who are freaking out in this discussion and say 'watch out, it's a lock in', 'they are trying to screw you!'. As with any beta, people experienced with the product are the prefered beta testers, and they have received the beta, which incidentally has been out since last Thursday, pretty well. There were some glitches upgrading from previous versions, but by what I hear it's pretty good.


    For those still interested, I recommend you grab copy and pound on it. After the beta expires you can decide to buy it if you like it or move your keys over to GnuPG and still have access to all your data and friends.

  5. Not so. by haeger · · Score: 4, Informative
    Are you drunk?
    There are PGP for a number of platforms.
    The international version (for ppl outside of US) are here.
    Download PGP

    .haeger

    --
    You are not entitled to your opinion. You are entitled to your informed opinion. -- Harlan Ellison
  6. Re:GPG vs PGP by DrXym · · Score: 5, Informative
    GPG is a command line tool. If you want to put a UI on it it involves the very sucky process of constructing a command line with the arguments for the action you wish to perform, invoking gpg and parsing the results. In short it is a big pain in the butt and error prone and is seriously hampering its adoption. If the gpg folks had any sense they would release an LGPL library version of it. The reasons for not releasing it as a lib (even a GPL one) in their faq are just plain wrong.


    PGP comes with some lovely UI tools and a library for developing more. Speaking from experience of the Win32 impl, the integration with the shell is extremely handy, with encrypt/decrypt/sign options in context menus for example. The PGPDisk utility was also awesome though it doesn't work on XP - hopefully 8.0 will fix that.

  7. Re:GPG vs PGP by Plug · · Score: 4, Informative

    An interface. And corporate support. (Some might say a lack of RMS is a good selling point in itself.)

    There are some wrappers for GPG, which is solely a command line utility. The Windows Privacy Tray is quite good.

    However, one of the terms of sale of PGP IIRC was that there would always be a 'freeware' edition available, and that is definitely the case with PGP 8.0. This will be the first release that correctly supports Windows XP.

  8. Re:PGPfone by Raetsel · · Score: 5, Informative

    PGPfone still exists. It's not only an IP telephony solution, one can also have two computers dial each other directly and have an encrypted conversation. It was for the severely paranoid; not originally intended as a way to bypass long distance charges, this was intended, first and foremost, for security.

    A quick Google search turns up this MIT site as the first hit, which has pointers to where the program can be found. They're still listing version 1.0 beta 2, not changed since July 11, 1996! (I never saw that much interest in it...) People know there are so many ways to compromise /eavesdrop on a conversation, and a computer (even a laptop) is a bulky way to make a phone call.

    (God, look at how much cellphone tech has changed in 6+ years!)

    The PGPi site lists a PGPfone version 2.1 (Windows and Mac), but notes that NAI has the rights to it:

    "PGPfone 2.x is a commercial product, but NAI has shown no interest in it, so it is probably O.K. to use it anyway."
    I imagine the PGP Corporation owns that now -- did they get everything PGP-related from NAI?

    I think you're right, though. There's OpenSSL -- heck, there's OpenSSH, too! Set up a heavily-encrypted tunnel, run your favorite VoIP program through that. Since you have to worry about your computer being trojan-free in either case (both software and hardware), you can use a program that's a lot more mature than PGPfone.

    --

    "...America's great minds of today, teaching America's great minds of tomorrow. Poor bastards." -- A Beautiful Min
  9. Re:GPG vs PGP by Zeinfeld · · Score: 5, Informative
    The PGPDisk utility was also awesome though it doesn't work on XP - hopefully 8.0 will fix that.

    XP Pro comes with integrated disk encryption. Come to that Outlook Express, Lotus and Netscape email have had encryption for 5 years now.

    The real problem with secure email is that none of the spec ever had a solution for locating encryption keys.

    One of the things we have been pushing lately is the idea that every ISP should set up an XKMS locate service to act as a key repository. The XKMS service would be linked to the DNS via a DNS SRV record.

    So that if you want to send a message to Alice@slashdot.org you first look up _XKMS_SOAP_HTTP._TCP.slashdot.org, that gives you an XKMS service locate.slashdot.org. You then send a message to locate.slashdot.org to locate a key for alice@slashdot.org via either S/MIME or PGP. The service returns the untrusted key which can be validated by a variety of means (e.g. a local XKMS validate service).

    Back in the mists of PKI time people thought that X.500 or LDAP would do this function. Problem being that X.500 has never been viable as a global infrastructure. Trying to propose a similar feature using LDAP ended up in the weeds because the LDAP mafia thought that we were trying to help them with the great conversion to replace DNS with LDAP...

    --
    Looking for an Information Security student project suggestion?
    Try http://dotcrimeManifesto.com/
  10. I'm more worried about the EULA... by wirelessbuzzers · · Score: 5, Informative

    Paragraph 3:

    YOU HEREBY EXPRESSLY CONSENT TO PGP'S PROCESSING OF YOUR PERSONAL DATA (WHICH MAY BE COLLECTED BY PGP OR ITS DISTRIBUTORS)...

    Remind again me why I want that feature in my crypto software...

    And it's not open source anymore... so you can't really tell what they're sending...

    --
    I hereby place the above post in the public domain.