On Wed, 4 Oct 2000, Tom Vogt wrote:
>same problem here: how do you find out whether or not a message is
>encrypted?
Plaintext looks like plaintext. This isn't even a "real" problem,
once you look at the text produced by, eg, PGP, GPG, and whatever
else you allow on the system.
You don't even have to have a human look at it; a simple program
to count character distributions, character contacts, and line
lengths can identify something as being the legitimate output of
PGP, or whatever encryption program, with a margin of error so
flat it's only theoretical.
It would need to make a "profile" for PGP, another one for GPG,
etc -- then look at incoming messages to see if they match the
profile.
I mean, yeah, people could theoretically get stuff past it,
or it could theoretically bounce encrypted messages -- but
people can also theoretically guess a 128-bit encryption key
on the first try, and I wouldn't expect that to happen.
Ray
