Good.
Looks fairly interesting, but I'd like a lot more info on who they are....
I have had one of My Boyz send them an email inviting them to tell us.
--
Good luck for good weather! Clean-up coordinator @ email =
arm...@aol.com to volunteer or additional information.
http://marykunzgoldman.com/2008/05/cheap-food-aisle-1.html
http://ja-jp.facebook.com/people/Ari-Silverstein/857050712
I'm John from TrulyMail Support. What would you like to know about us?
The short version is that we are a Chilean company and we offer a
secure, powerful, easy-to-use, email client which includes
automatically encrypted messages between TrulyMail users (and optional
encryption between email users) along with many other features. Our
system is quite rich and you can read more about it here:
http://trulymail.com/Features.aspx
Thanks for the info, John.
What is your and your company's background in delivering and
implementing encryption?
Who is "John", who are the investors, management and directors of
Trulymail?
--
“Looking Above and Beyond the Ramp: A Study of Buffalo Students’
Attitudes toward Alternative Modes of Transportation"
> > Looks fairly interesting, but I'd like a lot more info on who
> > they are....
>
> I'm John from TrulyMail Support. What would you like to know about
> us?
Is it freeware?
> The short version is that we are a Chilean company and we offer a
> secure, powerful, easy-to-use, email client which includes
> automatically encrypted messages between TrulyMail users (and
> optional encryption between email users) along with many other
> features. Our system is quite rich and you can read more about it
> here: http://trulymail.com/Features.aspx
--
Dan Goodman
"I have always depended on the kindness of stranglers."
Tennessee Williams, A Streetcar Named Expire
Journal dsgood.dreamwidth.org (livejournal.com, insanejournal.com)
From its web page (my emphasis >> <<)
" What is TrulyMail?
TrulyMail is an email client (we think it is the best one around)
TrulyMail is a private messaging system (replace email messages with
TrulyMail messages and get the extra benefits of automatic encryption
and a lot more)
>>TrulyMail is FREE and runs on Windows XP and later <<
Download TrulyMail and see for yourself why it is "Truly better than
email™""
> Is it freeware?
Yes, TrulyMail is free. In our upcoming TrulyMail 3.0 we will start
offering some services (for a small fee) which will make your
experience even better. The free version will continue and be even
better in TrulyMail 3.0.
> Thanks for the info, John.
>
> What is your and your company's background in delivering and
> implementing encryption?
TrulyMail (the company) has been around a short time (two years). Our
products include the TrulyMail Client and related TrulyMail services
(encrypted, private messaging, for example). We have been offering
these products for about two years now.
> Who is "John", who are the investors, management and directors of Trulymail?
I am John (though, I am not the only one here named John). The
identities of our investors are not public information. Is this
something that is important for you to know? If so, may I ask why?
> On Mon, 30 Aug 2010 21:50:58 -0700 (PDT), TrulyMail Support wrote:
>
>>> Looks fairly interesting, but I'd like a lot more info on who they
>>> are....
>>
>> I'm John from TrulyMail Support. What would you like to know about us?
>>
>> The short version is that we are a Chilean company and we offer a
>> secure, powerful, easy-to-use, email client which includes
>> automatically encrypted messages between TrulyMail users (and optional
>> encryption between email users) along with many other features. Our
>> system is quite rich and you can read more about it here:
>> http://trulymail.com/Features.aspx
1. Where is the source code? It would be nice if we could see what you mean
when you say "strong key encryption."
2. Why should we use this when we can already send encrypted email, and when
we have been doing so for a long time now? What exactly does your software
bring to the table, and why should we sacrifice compatibility with existing
cryptosystems?
-- B
Some additional questions (you know how suspicious we are in this
group:-)).
1. Is the service free? I can't see anything about cost. If free,
do you intend to start charging in the future?
2. Your website is in English only. Seems strange for a company
located in Chile.
3. What is the encryption you are using?
You are always welcome to ask. I will answer what I can.
> 1. Is the service free? I can't see anything about cost.
Yes, all existing TrulyMail services are free. Our TrulyMail Client is
also free.
> If free,
> do you intend to start charging in the future?
We will not charge for what we currently give away for free. However,
we will be offering additional services which will require a small fee
to use. Think of it like Skype: You get some services for free and
some you pay for.
> 2. Your website is in English only. Seems strange for a company
> located in Chile.
This is not a question.
> 3. What is the encryption you are using?
We use both synchronous and asynchronous encryption. We use 4096 bit
keys which we feel is strong enough for now.
If you're dealing with security products, especially without open
source coding, /who/ you are and your background is extremely
important.
The fact that you ask this question is startling.
And informative.
>> 2. Your website is in English only. Seems strange for a company
>> located in Chile.
>
> This is not a question.
And your answer is not an answer.
Clue: If you are going to be a serious player in encrypted
technologies, acting in seclusion and secrecy is going to run against
any hopes for respectability and credibility.
Only buffoons and morons will be your clientele.
--
9ec4c12949a4f31474f299058ce2b22a
> 1. Where is the source code? It would be nice if we could see what you mean
> when you say "strong key encryption."
TrulyMail is not open-source (at least not at this time). Accordingly,
our source code is not available to the public. If you would like to
audit our source code, we would be happy to show you some key parts of
it if you are ever in Santiago.
For us, strong-key means 4096-bit keys. That's quite a bit higher than
what is offered by PGP and others.
> 2. Why should we use this when we can already send encrypted email, and when
> we have been doing so for a long time now?
If you have a system you like, keep using it. We feel there are plenty
of users who do not encrypt now who should and will, if we make it
easy enough for them.
> What exactly does your software
> bring to the table, and why should we sacrifice compatibility with existing
> cryptosystems?
While we think we bring a lot to the table (see our features page on
our website: http://trulymail.com/Features.aspx) we also understand
that there are users who prefer to stick to the systems they already
know.
You have a choice. We think we are a great choice but it all depends
on your needs.
> <<< my apologies if this post gets repeated, the reply function was
> not working as I expected >>>
>
>> 1. Where is the source code? It would be nice if we could see what you mean
>> when you say "strong key encryption."
>
> TrulyMail is not open-source (at least not at this time). Accordingly,
> our source code is not available to the public. If you would like to
> audit our source code, we would be happy to show you some key parts of
> it if you are ever in Santiago.
*LOL*
What a crock.
> For us, strong-key means 4096-bit keys. That's quite a bit higher than
> what is offered by PGP and others.
If your implementation sucks, it doesn't matter if you have 400,096
megabit keys.
>> 2. Why should we use this when we can already send encrypted email, and when
>> we have been doing so for a long time now?
>
> If you have a system you like, keep using it. We feel there are plenty
> of users who do not encrypt now who should and will, if we make it
> easy enough for them.
> You have a choice. We think we are a great choice but it all depends
> on your needs.
I chose to pass.
Quickly, completely and what may be forever.
--
"You can't trust code that you did not totally create yourself"
Ken Thompson "Reflections on Trusting Trust"
I had in no way intended to hide anything in my response. I think open
conversations are great. That said, one cannot answer a statement. I
could guess at what the real question is (are we really in Chile; why
is our website in English; is our use of English-only accidental;
etc.) but that would be me putting my questions into your mouth and
that just doesn't seem appropriate to me.
I do feel your response was a bit harsh but this is not a place to
critique communication style.
I will list what you might have intended to ask and if I get it right,
great. If not, I hope you will ask a clear question.
a) We are really in Chile.
b) We did choose English on purpose.
c) If we were targeting only Spanish speakers, then we would have
created everything in Spanish. However, we recognize that English is
the main international language and that is what we use here. English
is quite common here in Chile amongst the highly educated. Since we
are targeting the people of the world, English seems a more reasonable
language than Spanish.
There are plenty of companies based in countries where English is not
the official language (Switzerland, Germany, etc.) who focus their
communications on English for the same reasons we do.
Now, if I may, why does it seem strange to you that our website is in
English? It helped you to learn more about us, did it not? If it did,
then it has served us well.
I guess it all depends on who we are targeting as our customer. For
John Q. Public to choose a system to keep his private messages
private, does he care about who made Thunderbird+GPG+Enigmail or who
made TrulyMail?
I believe he does not. I believe his primary concern is how to keep
his private communications private without spending a day getting
three pieces of software installed, setup, and configured to
interoperate. Of course, the easier path for him is to use TrulyMail,
click the Next button a few times, and have everything done
automatically.
You are clearly a very detail-oriented person. You want to know
everything about whatever topic you dig into. There is nothing wrong
with that. There are many open source systems out there which allow
you to go through the code line-by-line and you can see everything it
does.
We are not that kind of company. We are a 'bring secure, convenient
communications to the masses' kind of company.
Different fits for different people.
It is clear that you would be best served by an open-source solution.
If you believe everyone is best served by the same thing, you should
hear some horror stories of our users about trying to get encrypted
email to work when they used GPG and their broker used PGP. The short
version is that in the end, they gave up and used clear-text email -
far less than ideal.
> If your implementation sucks, it doesn't matter if you have 400,096
> megabit keys.
You're welcome to try to decrypt our messages. I'll buy you a nice
dinner if you can do it.
> I chose to pass.
You get to. Good luck to you, sir.
> 2. Your website is in English only. Seems strange for a company
> located in Chile.
> This is not a question.
> And your answer is not an answer.
You just beat me in making this reply! If this was a reply from
a salesman to me, he would have just sealed the loss of the sale.
Perhaps you could shed some light on which ciphers you use? The more I read
your posts, the more I think you are another snake-oil salesman.
-- B
>> If you're dealing with security products, especially without open
>> source coding, /who/ you are and your background is extremely
>> important.
>
> I guess it all depends on who we are targeting as our customer. For
> John Q. Public to choose a system to keep his private messages
> private, does he care about who made Thunderbird+GPG+Enigmail or who
> made TrulyMail?
>
> I believe he does not. I believe his primary concern is how to keep
> his private communications private without spending a day getting
> three pieces of software installed, setup, and configured to
> interoperate. Of course, the easier path for him is to use TrulyMail,
> click the Next button a few times, and have everything done
> automatically.
Let me translate. You want newbies, dumbasses and those with no
education in anything cryptology to buy into your product.
OK, at least we have your marketing plan down.
> You are clearly a very detail-oriented person. You want to know
> everything about whatever topic you dig into. There is nothing wrong
> with that. There are many open source systems out there which allow
> you to go through the code line-by-line and you can see everything it
> does.
Hardly detail oriented. Examining open source code isn't my cup of tea
either.
But I do believe in peer review and your rather flippant attitude "see
you in Santiago" toward your code is utter bullshit.
But, hey, there is a large market for morons who will trust their
privacy with people like you so have at it. Expect to get zero
credibility from anyone who has any teensy bit of workable knowledge
regarding encryption.
> We are not that kind of company. We are a 'bring secure, convenient
> communications to the masses' kind of company.
You're a bring the bucks to John kinda company who hides behind single
names and averts the honest intentions of prying eyes.
> Different fits for different people.
Most certainly but you can have your profits and your credibility as
well. For whatever reason, none of which I can think of that is either
honest or straightforward, Trulymail has decided to take the lowest of
low roads.
The only reasons you would do so are:
1) Trulymail is comprised of a set of waffling imbeciles.
2) You're crooked
You see, transparency is the lifeblood of professional cryptology. The
breast that feeds its reliability and innocence. You guys are as
valuable as a tit on a boy pig.
Now you are exposed which is a good thing for everyone including you.
Repent. Turn away from the Dark Side.
This "trust us, we're really good guys" is a bunch of hocus-pocus BS,
it demeans you and it demeans your products.
Remember Allende.
--
Ari's Fun Times!
http://tr.im/hrFG
Motto: Run, rabbit, Run!
> On Aug 31, 8:44 pm, Ari Silverstein <AriSilverst...@yahoo.com> wrote:
>> On Tue, 31 Aug 2010 06:17:30 -0700 (PDT),TrulyMailSupport wrote:
>>>> 2. Your website is in English only. Seems strange for a company
>>>> located in Chile.
>>
>>> This is not a question.
>>
>> And your answer is not an answer.
>>
>> Clue: If you are going to be a serious player in encrypted
>> technologies, acting in seclusion and secrecy is going to run against
>> any hopes for respectability and credibility.
>>
>> Only buffoons and morons will be your clientele.
>
> I had in no way intended to hide anything in my response. I think open
> conversations are great. That said, one cannot answer a statement. I
> could guess at what the real question is (are we really in Chile; why
> is our website in English; is our use of English-only accidental;
> etc.) but that would be me putting my questions into your mouth and
> that just doesn't seem appropriate to me.
It's Usenet.
What is appropriate is this discussion. Or lack of one. You want to
dance around direct questions or offer flippant responses to
professional inquiry. Yes, that is tissue paper hanging from your
shoe.
> I do feel your response was a bit harsh but this is not a place to
> critique communication style.
Harsh it was and intended to be. I get my knickers in a wad anytime I
see people who want to play at privacy, make ostentatious claims about
their products and refuse to offer any reasonable details as to basis
for those claims. Call me old fashioned. Call me an asshole. I could
care less.
It's not me who is hiding behind a Harry Potter Invisibility Cloak and
shouting "No problems, trust me."
> I will list what you might have intended to ask and if I get it right,
> great. If not, I hope you will ask a clear question.
>
> a) We are really in Chile.
How do we know? Because you say so? Ain't flying.
> b) We did choose English on purpose.
> c) If we were targeting only Spanish speakers, then we would have
> created everything in Spanish. However, we recognize that English is
> the main international language and that is what we use here. English
> is quite common here in Chile amongst the highly educated. Since we
> are targeting the people of the world, English seems a more reasonable
> language than Spanish.
>
> There are plenty of companies based in countries where English is not
> the official language (Switzerland, Germany, etc.) who focus their
> communications on English for the same reasons we do.
>
> Now, if I may, why does it seem strange to you that our website is in
> English? It helped you to learn more about us, did it not? If it did,
> then it has served us well.
Blitherings aside, it might as well be in Yiddish except of course
that Jews don't trust much of anyone.
Certainly not those with Harry Potter Syndrome.
Picking this issue (English vs. Yiddish) is a nice dodge but the
bottom line is this.
Maybe you will make money, maybe you won't. But until you come clean,
you will *never* have the credibility that an honest, open and
concerned cryptology company would desire.
I suggest that you could care less.
P.S. Don't even think about trying to sell to the US Gov't, DoD or any
of the intertwined military-intelligence agencies. They /really/ frown
on foreign nationals who play at such serious business.
--
9ec4c12949a4f31474f299058ce2b22a
>>> ...we would be happy to show you some key parts of
>>> it if you are ever in Santiago.
>>
>> *LOL*
>>
>> What a crock.
>
> It is clear that you would be best served by an open-source solution.
> If you believe everyone is best served by the same thing, you should
> hear some horror stories of our users about trying to get encrypted
> email to work when they used GPG and their broker used PGP. The short
> version is that in the end, they gave up and used clear-text email -
> far less than ideal.
Oh I see so the alternative is to "trust you" and your Wizard of Oz
act behind your curtain?
Har.
You could be a honeypot, a NSA/CIA front company, a terrorist node and
a whole lot of other much nastier things than a clear text email
provider.
>> If your implementation sucks, it doesn't matter if you have 400,096
>> megabit keys.
>
> You're welcome to try to decrypt our messages. I'll buy you a nice
> dinner if you can do it.
I won't be in Santiago anytime soon. Offer rings as hollow as your
unknown implementation of this "encryption" you have.
>> I chose to pass.
>
> You get to. Good luck to you, sir.
None to you.
--
Just Say Now!
http://firedoglake.com/justsaynow
OK, please let me publicly apologize. It was never my intention to
snub anyone here. My point was simply that it is easier to answer
clear questions. Clearly I was inappropriate in my response and I hope
you will forgive me.
> If you would like to
> audit our source code, we would be happy to show you some key parts of
> it if you are ever in Santiago.
I often fly down to South America.
How about next Tuesday?
--
B℮ar Bottoms
> Don't even think about trying to sell to the US Gov't, DoD or any
> of the intertwined military-intelligence agencies. They /really/ frown
> on foreign nationals who play at such serious business.
We will see. I say, see you next Tuesday Silverstein. Who needs to sell to
the government? I have friends who will pay big for the right service.
--
B℮ar Bottoms
OK, here is a clear question for you, which you keep avoiding: which
ciphers does your software use?
-- B
> Trustedbird is an email client based on Mozilla Thunderbird with
> several additional features:
>
> * Enhanced Security Services for S/MIME (RFC 2634)
> o Triple Wrapping: sign, encrypt, and sign again a message.
> o Signed Receipts
> o Security Labels
> * DSN (Delivery Status Notification) ⇒ the backend is now integrated
> in Mozilla Thunderbird 3.
> * SMTP PRIORITY extension
> * Secure Headers (for XIMFMAIL add-on)
> * SASL external (for XIMFMAIL add-on)
<http://www.trustedbird.org/tb/Documentation>
Better.
--
-Craig
Like my earlier post, clearly another apology is in order. My
intention was certainly not to offend (although, offending you is
likely impossible so I'll say my intention was not to anger you). My
point was not that you can either trust us or go away. My point was
that any startup (I admit we are very new at only two years old) is
naturally protective of what they have. I know of firms who have had
Chinese hackers literally simply rebrand something which took a
significant amount of energy (and money) to produce. So, now there is
a competitor there with zero development costs (save the hacking
costs). That's tough (and a reminder to be cautious).
It is important to us that we don't end up down that road. Handing out
source code for everyone to see, rebrand, recompile, and redistribute
on a whim seems not to be the best way to ensure a company has a
future. That said, we do understand the need for others to see what we
are doing in order to be confident enough to trust our products.
We have chosen to err on the side of caution but if someone wants to
see, they are welcome.
My saying that we would expose key parts was not intended to convey
that we will keep some parts secret. The intention was that we will
expose whatever you want to see about the encryption, if you are
concerned about the encryption.
>
> >> If your implementation sucks, it doesn't matter if you have 400,096
> >> megabit keys.
>
While I, personally, don't have a background in cryptography, I do
understand software. Our software is built on components, like most
software today. Our TrulyMail client is built using Microsoft's .Net
and our encryption uses their cryptographic library using the Rijndael
algorithm (PROV_RSA_AES cryptographic service provider). We use a 4096-
bit key, as mentioned earlier.
Since we did not write the encryption algorithm, it didn't seem
relevant to give names and cryptographic backgrounds of everyone at
the company.
I don't believe you asked for my last name but if I misread your
question, here is the answer. My name is John Andre. I have two
decades experience in developing software using Microsoft technologies
for various companies around the world (including in Chile, US,
Austria, Switzerland, and others).
I might be new to cryptography (and out of touch with the culture of
extreme openness) but I do understand the need for privacy in an easy-
to-use manner. I don't believe that only people who can configure
complex software have the right to privacy. I believe that everyone
deserves it and we're producing software to give that to them.
We're now getting into personal philosophies and that was clearly not
asked about so I will try to restrict this tangent.
Again, to summarize, I apologize for my erring on the side of secrecy.
TrulyMail was created because of the basic belief that freedom goes
hand in hand with privacy.
Now, feel free to rip into it.
I'm not free on Tuesday but I'm free that Friday. Will that work for
you?
For some reason, some of my responses don't get listed here. Anyway,
let me answer again: We use the Rikndael cipher. I wrote more detail
in another response but if something is still unclear, please let me
know and I will clarify.
I'm really not a snake-oil salesman and I'm happy to show you whatever
you need to see.
Rijndael cipher is what my fat fingers were trying to type.
Well, you could always ask the people at this company:
> While I, personally, don't have a background in cryptography, I do
> understand software. Our software is built on components, like most
> software today. Our TrulyMail client is built using Microsoft's .Net
> and our encryption uses their cryptographic library using the Rijndael
> algorithm (PROV_RSA_AES cryptographic service provider). We use a 4096-
> bit key, as mentioned earlier.
See, this is the kind of information we wanted. You are using RSA and AES
as your ciphers. You are using Microsoft's implementation of those ciphers.
That information goes a long way.
> Since we did not write the encryption algorithm, it didn't seem
> relevant to give names and cryptographic backgrounds of everyone at
> the company.
No, but it is still good to know. Even using someone else's implementation
of a cipher can be problematic, if you do not know what you are doing. I
have seen cases of poor random number generation leading to a break. I have
seen people fail to use block chaining, or select the wrong block chaining
mode. I have seen programs that do not properly verify public keys. The
list of mistakes people can make even when they use a very good cipher
implementation is long.
> I might be new to cryptography (and out of touch with the culture of
> extreme openness) but I do understand the need for privacy in an easy-
> to-use manner. I don't believe that only people who can configure
> complex software have the right to privacy. I believe that everyone
> deserves it and we're producing software to give that to them.
Except that configuring PGP is not a complicated process. I have seen
people with almost no technical background successfully use PGP to encrypt
their email.
On the flip side, I have seen attempts to simplify email encryption backfire
horribly. Hushmail is a good example of this: Hushmail was created with
the same goal you have, to bring email encryption to the masses and to make
it easier to deal with. Hushmail uses PGP. Yet when a steroids dealer
tried to use Hushmail, the DEA showed up in court with 12 DVDs of emails
that the dealer had sent and received, all decrypted, because Hushmail's
method of making cryptography easier wound up making it much less secure.
-- B
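Two of the mistakes listed in the post above (no block chaining, and a predictable IV where a random one is needed), shown as an added example that is not part of the original thread and is not TrulyMail's code. It uses the .NET `Aes` class on a constructed sample message; the class name `ModeDemo` and its helper names are hypothetical.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class ModeDemo
{
    const int BlockBytes = 16; // AES block size in bytes

    // Fill a buffer from the platform CSPRNG (not System.Random).
    static byte[] RandomBytes(int n)
    {
        byte[] buf = new byte[n];
        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
            rng.GetBytes(buf);
        return buf;
    }

    // Encrypt plaintext with AES under the given mode and IV.
    static byte[] Encrypt(byte[] key, byte[] iv, CipherMode mode, byte[] plaintext)
    {
        using (Aes aes = Aes.Create())
        {
            aes.Mode = mode;
            aes.Padding = PaddingMode.PKCS7;
            aes.Key = key;
            aes.IV = iv; // ECB ignores the IV
            using (ICryptoTransform enc = aes.CreateEncryptor())
                return enc.TransformFinalBlock(plaintext, 0, plaintext.Length);
        }
    }

    // Count ciphertext blocks whose value occurs more than once.
    static int RepeatedBlocks(byte[] ct)
    {
        return Enumerable.Range(0, ct.Length / BlockBytes)
            .Select(i => Convert.ToBase64String(ct, i * BlockBytes, BlockBytes))
            .GroupBy(block => block)
            .Where(group => group.Count() > 1)
            .Sum(group => group.Count());
    }

    static void Main()
    {
        // Constructed sample: the same 16-byte record repeated four times.
        byte[] msg = Encoding.ASCII.GetBytes(
            string.Concat(Enumerable.Repeat("PAY 100 TO ALICE", 4)));

        byte[] key = RandomBytes(32);          // 256-bit AES key
        byte[] zeroIv = new byte[BlockBytes];  // the "constant IV" mistake

        // Mistake 1: no chaining. Equal plaintext blocks give equal
        // ciphertext blocks, so the message structure shows through.
        byte[] ecb = Encrypt(key, zeroIv, CipherMode.ECB, msg);
        byte[] cbc = Encrypt(key, RandomBytes(BlockBytes), CipherMode.CBC, msg);
        Console.WriteLine("ECB repeated blocks: " + RepeatedBlocks(ecb));
        Console.WriteLine("CBC repeated blocks: " + RepeatedBlocks(cbc));

        // Mistake 2: chaining with a fixed IV. The same message always
        // encrypts to the same bytes, so an observer can spot resends.
        byte[] fixed1 = Encrypt(key, zeroIv, CipherMode.CBC, msg);
        byte[] fixed2 = Encrypt(key, zeroIv, CipherMode.CBC, msg);
        Console.WriteLine("Fixed IV, identical ciphertexts: "
            + fixed1.SequenceEqual(fixed2));

        // A fresh random IV per message removes that link.
        byte[] fresh1 = Encrypt(key, RandomBytes(BlockBytes), CipherMode.CBC, msg);
        byte[] fresh2 = Encrypt(key, RandomBytes(BlockBytes), CipherMode.CBC, msg);
        Console.WriteLine("Fresh IV, identical ciphertexts: "
            + fresh1.SequenceEqual(fresh2));
    }
}
```

CBC with a random IV protects confidentiality only; detecting tampering needs a separate authentication step, which this example does not show.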
...
> OK, please let me publicly apologize. It was never my
> intention to snub anyone here. My point was simply that it
> is easier to answer clear questions. Clearly I was
> inappropriate in my response and I hope you will forgive
> me.
There is no need for you to apologize to anyone - you have been
entirely forthcoming about your company and its products.
Moreover, you have shown the patience of a saint and remained
courteous even when responding to insulting confrontational
boors such as Ari.
I wish you and your company every success.
Regards,
> Harsh it was and intended to be. I get my knickers in a wad
> anytime I see people who want to play at privacy, make
> ostentatious claims about their products and refuse to
> offer any reasonable details as to basis for those claims.
> Call me old fashioned. Call me an asshole. I could care
> less.
You are an old-fashioned asshole, Ari, an asshole with a very
long track record. You are a man who has accomplished nothing
and who instead belittles and harasses anyone who has.
You could care less, you say? Wonderful, because that creates a
marvellous symmetry - no one else cares what *you* have to say
except your sockpuppets.
I really believe that most of us in this newsgroup, after reading all
posts, have enough information to "pass" for now.
A MUCH improved and far more informative website might change a few
minds, but this discussion may have sunk the ship....
I agree completely.
--
Work is the curse of the drinking class.
Are you crazy? Look what happened last time I was late.
http://www.prorev.com/BARRY%20SEAL.jpg
--
B℮ar Bottoms
>>> It is clear that you would be best served by an open-source solution.
>>> If you believe everyone is best served by the same thing, you should
>>> hear some horror stories of our users about trying to get encrypted
>>> email to work when they used GPG and their broker used PGP. The short
>>> version is that in the end, they gave up and used clear-text email -
>>> far less than ideal.
>>
>> Oh I see so the alternative is to "trust you" and your Wizard of Oz
>> act behind your curtain?
>>
>> Har.
>>
>> You could be a honeypot, a NSA/CIA front company, a terrorist node and
>> a whole lot of other much nastier things than a clear text email
>> provider.
>
> Like my earlier post, clearly another apology is in order. My
> intention was certainly not to offend (although, offending you is
> likely impossible so I'll say my intention was not to anger you). My
> point was not that you can either trust us or go away. My point was
> that any startup (I admit we are very new at only two years old) is
> naturally protective of what they have.
Bzzzzzzt, Wrong. There are so many open source startups with
transparency in development and code that I couldn't count them all in
a month.
> I know of firms who have had
> Chinese hackers literally simply rebrand something which took a
> significant amount of energy (and money) to produce. So, now there is
> a competitor there with zero development costs (save the hacking
> costs). That's tough (and a reminder to be cautious).
I know who you are talking about and it was their own fault that their
DB dev got leaked.
You can prattle on, divert and point to others while your hand is in
the proverbial cookie jar but nothing has changed.
You make unsubstantiated claims using smoke and mirrors tomfoolery
while playing with people's privacy. This "trust us, we're good guys"
is total bullshit and you are going to get the customers you seek.
Total nitwits with no clue that you are pushing out product with no
intention of backing your claims except for your own deceptions.
So be it. That's your business model. But fer the love of Christ,
don't foist this line on people around these parts who have been
exposing and devouring scammers and bottomfeeders for years.
Take your blood money and run.
> It is important to us that we don't end up down that road. Handing out
> source code for everyone to see, rebrand, recompile, and redistribute
> on a whim seems not to be the best way to ensure a company has a
> future.
Jeez, what an idiotic thing to say, it's baseless and completely
untrue.
Just out of morbid curiosity, how do you even manage to get yourself
motivated to post? It can't be fun for you any more after making a
fool of yourself so many times, can it? In fact the last two days
have been so horrible for you, you could reply to without embarrassing
yourself so much even you can't stand it. Pretty sad considering your
lack of self respect but fully in line with your ethical code toward
open and transparent privacy (none) and the blitherings of your
misleading website.
Seriously. Why do you bother? You can't honestly believe anyone sees
you as anything but a clown any more, can you? Don't you have
anything you could be doing that would be a bit less of a nightmare
for you, like burning yourself with lit cigarettes or finger painting
with your own feces?
> That said, we do understand the need for others to see what we
> are doing in order to be confident enough to trust our products.
>
> We have chosen to err on the side of caution but if someone wants to
> see, they are welcome.
As long as they hump it to Santiago on their nickel to see a "bit of
your code". Of course.
Are you daft? You actually believe this is a legitimate possibility
for a software audit or do you believe we are so damned stupid that
this joke of an offer will be seen as anything other than what it is.
A joke.
> My saying that we would expose key parts was not intended to convey
> that we will keep some parts secret. The intention was that we will
> expose whatever you want to see about the encryption, if you are
> concerned about the encryption.
Backpedal much? What, no dinner now? "Trust you", you say?
Unfortunately, most Usenet readers will think this is a lie -- merely
because it almost always is. This will be a problem for you if you're
being honest. And if you're not being honest, your stupidity will be a
problem for you.
Either way, no one is going to take you up on this and you know it.
It's disingenuous but, at least, you're consistent in that way.
>>>> If your implementation sucks, it doesn't matter if you have 400,096
>>>> megabit keys.
>>
>
> While I, personally, don't have a background in cryptography,
Well, slick, then you haven't got an ounce of credibility anymore.
> I do
> understand software. Our software is built on components, like most
> software today. Our TrulyMail client is built using Microsoft's .Net
> and our encryption uses their cryptographic library using the Rijndael
> algorithm (PROV_RSA_AES cryptographic service provider). We use a 4096-
> bit key, as mentioned earlier.
Guess what we do. Build software on .NET frameworks in military server
environments under the strictest sets of cryptographic standards.
UH-huh, yeppers, and now you are Trulymail *support*?
Wow. Man, you blew it. You have a LONG way to go before you can even
SEE 'up'. Should have started out open and honest from the start, too
bad. Too sad. You might be attacked for trying to sell your own
product, but you get CRUCIFIED for being deceptive about it.
Hint: Just fess up now, be done with it.
> Since we did not write the encryption algorithm, it didn't seem
> relevant to give names and cryptographic backgrounds of everyone at
> the company.
What company? Who are you? No crypto background because you just rely
on Microsoft's implementations in a sort of "slap it in there and
alrighty that's great" approach?
Then if that approach is so wonderfully sound
<snigger>
why not state exactly that on your website?
About Us: Trulymail has no one with a cryptographic background, we
shove together components and sell them. Trust us. We trust
Microsoft."
Doesn't that have a nice ringy-dingy to it? I release it to you with
no claim to copyright. It's yours.
Use it. It's the truth.
> I don't believe you asked for my last name but if I misread your
> question, here is the answer. My name is John Andre. I have two
> decades experience in developing software using Microsoft technologies
> for various companies around the world (including in Chile, US,
> Austria, Switzerland, and others).
OK then put that on your website too. See how easy this is?
Transparency. Honesty. You don't have to put up your picture in case
you're ugly either.
> I might be new to cryptography (and out of touch with the culture of
> extreme openness) but I do understand the need for privacy in an easy-
> to-use manner. I don't believe that only people who can configure
> complex software have the right to privacy. I believe that everyone
> deserves it and we're producing software to give that to them.
So you say. No proof, no pudding. Sorry.
> We're now getting into personal philosophies and that was clearly not
> asked about so I will try to restrict this tangent.
>
> Again, to summarize, I apologize for my erring on the side of secrecy.
> TrulyMail was created because of the basic belief that freedom goes
> hand in hand with privacy.
>
> Now, feel free to rip into it.
All I do is stand back and let you hang yourself. And supply the tree
and the rope of course.
--
9ec4c12949a4f31474f299058ce2b22a
Well Bottoms there are times I would much prefer to deal with you,
Debbie and the Bear crew than some of the dunderheads we have to screw
around with in the USGov.
Not many times.
Maybe only once to be truthful.
--
http://www.dwacon.com/images/melgibson.jpg
> Ari Silverstein <AriSilv...@yahoo.com> wrote in
> news:8e4l7d...@mid.individual.net:
>
>> Harsh it was and intended to be. I get my knickers in a wad
>> anytime I see people who want to play at privacy, make
>> ostentatious claims about their products and refuse to
>> offer any reasonable details as to basis for those claims.
>> Call me old fashioned. Call me an asshole. I could care
>> less.
>
> You are an old-fashioned asshole, Ari, an asshole with a very
> long track record. You are a man who has accomplished nothing
> and who instead belittles and harasses anyone who has.
All of which you of all people know is bullshit, Mr. Anonymousie.
Except the asshole part that is.
May I bring to your attention (get out your swatter and prepare to run
away like the coward you are, Mr. Anonymousie), that we discussed your
personal, paid involvement in one Fed Railroad emergency warning
system product development?
Hmmmmmmmmm?
And what was your answer, you flagellating Canuck?
"I'm retired".
Fuck off, we went ahead without you and put into play what is soon to
become a very robust warning system that will, can and shall save
lives and much serious injury. Made a few shekels at it too.
> You could care less, you say? Wonderful, because that creates a
> marvellous symmetry - no one else cares what *you* have to say
> except your sockpuppets.
Proof?
This from an anonymousie poster who hasn't the balls to come out of
hiding?
Har.
Btw, don't push your luck. I know exactly who you are. We vet before
we offer, my fine Canuckie friend.
Now don't you have some macaroni and cheese and an estranged wife to
look after?
Hmmmmmmm?
*<VVBG>*
P.S. Your hypocrisy regarding this subject of open and transparent
privacy is glaring but driven by your perpetual need to embarrass
yourself in your attempts to discredit me, you, like Trulymail, toss
aside all your own ethics and well established stands on these
matters. How pathetic of you. How very, very petty and fragile you
have become.
*Xpost reestablished you cowardized little freak of nature.*
Steve Terry
--
"I would like to plead for my right to investigate natural phenomena
without having guns pointed at me.
I also ask for the right to be wrong without being hanged for it."
- Wilhelm Reich, November 1947
> My
> point was not that you can either trust us or go away.
Very bad idea. Cryptography is extremely difficult to get right. The real
reason that every reputable company at least publishes their formats (and
many publish source code) is to get more eyes finding the problems. The
availability of the design data doesn't prevent an attacker from doing the
analysis, but the good guys will simply ignore you. This is the opposite of
the most desirable situation. By opening the design you are more likely to
get good guys to look over your design and point out mistakes.
> While I, personally, don't have a background in cryptography,
Then you need at least another 10 years before you're ready to release a
product. Sorry, but that really is how long it takes to develop the
capability.
> encryption uses their cryptographic library using the Rijndael
> algorithm (PROV_RSA_AES cryptographic service provider). We use a 4096-
> bit key, as mentioned earlier.
That is promising, but a quick glance at your website,
http://trulymail.com/ForgotPassword.aspx is absolutely moronic. No key, no
password, no data should ever be recoverable under uncontrolled
circumstances, and the controlled circumstances need significant analysis.
From there on, anything else you say is completely irrelevant, your design
is a complete security failure. TrulyMail is completely snake-oil.
Joe
http://www.wilderssecurity.com/showthread.php?t=273862
--
za...@pooh.the.cat - Sergeant Tech-Com, DN38416.
Assigned to protect you. You've been targeted for denigration!
You are completely full of shit, Ari, as usual.
The OP sells commercial software, closed source. You know,
Ari, like Microsoft, Apple, Norton, Adobe and a zillion
others.
He is trying to flog a product that will give greater email
privacy to general users. Not perfect privacy, not ultimate
security, just useful day-to-day better privacy. Not like the
tiny, tiny handful of knowledgeable folks who use stuff like
PGP or GPG - ordinary users.
PGP and GPG, no matter how interesting they are, are a failure
- they have totally failed to convert ordinary email users
from the postcard model of email with everything wide open.
As for open-source in cryptography, it is mostly a snare and a
delusion. Not even Truecrypt, the darling of the open-
sourcers, has ever had a thorough review by a skilled crypto
practitioner willing to put his name to his work. And I defy
you to name Truecrypt's developers!
Nobody, and I mean nobody, is going to do a thorough review of
the source code of a commercial product like TrulyMail, even
if it were available. Open-source for it is a total red
herring, the kind of thing only assholes like you fasten upon.
The OP for TrulyMail got it exactly right - use it or don't.
It's not targeted at assholes like you, Ari.
Regards,
>> Are you crazy? Look what happened last time I was late.
>>
>> http://www.prorev.com/BARRY%20SEAL.jpg
If only we were so lucky that this happened to you, Ari.
Regards,
Anonymous? Me?
Shit, Ari, you're such an incompetent arsehole that you still
can't read a header. That's me right up there at shaw.ca for
the whole world to see.
As for your "Btw, don't push your luck. I know exactly who you
are" Say what you will, do what you will, Ari. Do your worst,
clown - I need a laugh.
As for your railroad app becoming available "real soon now" it's
vaporware like everything else in your miserable pathetic little
life, Ari.
Regards,
> "Ari Silverstein" <AriSilv...@yahoo.com> wrote in message
> news:8e4kfp...@mid.individual.net...
>> On Tue, 31 Aug 2010 07:48:47 -0700 (PDT), TrulyMail Support wrote:
> <snip>
>> This "trust us, we're really good guys" is a bunch of hocus-pocus BS,
>> it demeans you and it demeans your products.
>>
>>
> I trust them, nobody from Santiago or Nigeria would lie to us.
>
> Steve Terry
Excellent point.
lol
> You
SWAT!
>> While I, personally, don't have a background in cryptography,
>
> Then you need at least another 10 years before you're ready to release a
> product. Sorry, but that really is how long it takes to develop the
> capability.
I can personally and positively agree with that statement. We had to
hire 30+ years worth of established, vetted talent to get things
right.
--
9ec4c12949a4f31474f299058ce2b22a
http://preview.tinyurl.com/2b6vlhu
For who Joseph Atwood is.
--
http://tr.im/1fa6
Thank you for your support.
And thank you for your support.
> Very bad idea. Cryptography is extremely difficult to get
> right.
Ask for the source code for Bitlocker. Ask for the source
code for Utimaco Safeguard. Ask for the source code for
WinMagic. Ask for the source code for Bestcrypt. Ask for the
source code for Compusec. Ask for the source code of ...
It is common for encryption software to be proprietary and
closed source. In fact, ALL enterprise level encryption is
proprietary. Open source is no panacea as no less a luminary
than Cambridge's Ross Anderson has repeatedly pointed out.
And for an ordinary person, it is no better solution to "trust
the code reviewer" than to "trust the code writer." The
unqualified layman still has to operate on a **trust model**
Whether it's a reviewer or a writer - you're only
**displacing** where the trust gets placed. Hell, even if the
code were completely vetted a dishonest operator (of closed or
open source crypto software) could still subvert security - as
I have repeatedly shown right here!
Yes, crypto is hard to get right. And not one person in a
million has both the programming and crypto skills to do a
thorough review of any serious program's crypto code. Open
source's model of "many eyes" completely breaks down for
crypto, especially commercial crypto - ordinary folks can't do
it and skilled academics are not going to do free vetting of a
commercial program!
No skilled person has ever done a thorough review even of
Truecrypt's source code - a much higher-profile program than
TrulyMail will ever be (i.e., been willing to publish it under
his name. Not just an architecture once-over - thorough source
code vetting!). The ONLY open source crypto program that has
ever had a thorough code review by professionals is OpenSSL
and that was through the FIPS' closed-lab process for a long-
ago version.
Like it or lump it - black box crypto is here to stay.
Regards,
Ari, there's an "existence proof" that they still got it
completely wrong - they hired you!
Regards,
PS For the terminally clueless - like you, Ari - the OP likely
was not the fellow who wrote the software. This may be
difficult for you and your sockpuppets to understand, Ari, since
you only hear the voices in your head, but some companies have
more than one employee.
Hmmm. You wouldn't be making the point that all Latin-American
countries are the same, are you? Are you implying that because
Colombia has so much instability that all Latin-American countries do?
Chile is known for its stability.
The offer remains open, should you change your mind.
Love you too Mr. Anonymousie but here's a "Heads Up" for you. Camper's
Merc camp, which I was both a student and later a teacher, taught me
all I needed to know about survival.
Seal was a pawn. He was dead as soon as he exposed the underbelly of
Mena and his direct relationships with elder VP George Bush
(specifically Adm Dan Murphy). Unglesby's call "sealed" his fate.
There was no way they were going to let Seal get traced back to
Iran-Contra.
Bottoms, otoh, has survived this whole, sordid affair by providing
tons of disinformation. It was that and permanent banishment to
Louisiana that saved his life. Most everyone involved at Mena were
dead within months.
Here's a clue, something for you to do in your, ahem, "retirement".
Why not flop on down to the RCMPussies and ask them when they recently
finished their investigation of the Air India disaster, they did not
subpoena Frank's testimony? Eh?
Go figure that one out, you Assclown.
Nigeria? Interesting that you put Chile in the same boat as a country
with so little stability.
Chile is known as being the most stable in the region. Before you
start claiming that the least broken bottle of the set is still broken, I
would encourage you to do a little research on the subject of this
country.
> On Tue, 31 Aug 2010 17:46:35 -0700, Joseph Ashwood wrote:
...
> http://preview.tinyurl.com/2b6vlhu
>
> For who Joseph Atwood is.
Ashwood is not Atwood, Ari. Learn to read.
Regards,
The password that is recoverable is the password to download new
messages from the server. Those messages have all been encrypted by
the sender so if someone else gets your password, they still can't
read your messages.
It's like being able to recover your password to your email account.
I'm still waiting for you to transfer the $100,000,000 you promised,
you said the money you removed was a clerical error and I need
to send you another $1000 to correct it, no problem it's on its way
via the untraceable western union account number you sent me.
> Love you too Mr. Anonymousie but here's a "Heads Up" for
> you. Camper's Merc camp, which I was both a student and
> later a teacher, taught me all I needed to know about
> survival.
>
> Seal was a pawn. He was dead as soon as he exposed the
> underbelly of Mena and his direct relationships with elder
> VP George Bush (specifically Adm Dan Murphy). Unglesby's
> call "sealed" his fate. There was no way they were going to
> let Seal get traced back to Iran-Contra.
>
> Bottoms, otoh, has survived this whole, sordid affair by
> providing tons of disinformation. It was that and permanent
> banishment to Louisiana that saved his life. Most everyone
> involved at Mena were dead within months.
>
> Here's a clue, something for you to do in your, ahem,
> "retirement". Why not flop on down to the RCMPussies and
> ask them when they recently finished their investigation of
> the Air India disaster, they did not subpoena Frank's
> testimony? Eh?
>
> Go figure that one out, you Assclown.
You're raving again, Ari. And you're flecking the monitor with
spittle and drooling on the keyboard
Oooh, another Ari sockpuppet. The voices in your head must get
hard to sort out, eh Ari?
> As for open-source in cryptography, it is mostly a snare and a
> delusion.
It is available for peer review and potential source code evaluation
and you know it. Now let's get to the real, new, pissed off Nemo
anonymous...
> Not even Truecrypt, the darling of the open-
> sourcers, has ever had a thorough review by a skilled crypto
> practitioner willing to put his name to his work. And I defy
> you to name Truecrypt's developers!
Here it is, you got a sudden hard on for the Truecrypt guys after
spending years claiming that they were Bowie's nazz. Why so?
Because they kicked you off their forum? They won't play by nemos
anonymousie rules?
I tell you what Truecrypt does. They put their financials out in the
open. Does Trulymail? Hmmmmmmmmmmm?
Let's summarize. Truecrypt is open source, used by you (or you lied)
and the developers have been named by Peter Fairbrother right here on
these forums. Missed that did you?
Xpost reinserted you cowardized freak of nature.
Tell me, when are you going to implement Trulymail since you are
defending it (hypocritically to your maximum hilt), hmmmmmmmm?
Bet you don't. I bet this entire tirade of yours is because of me and
your recent pushback from years of Truecrypt promotion.
Very high schoolish, "nemo", too bad you still have lingering memories
of failing to get a date to the proms. Take it out on someone else.
Both Truecrypt and I could fucking care less about your pentup
dementias..
> Ari Silverstein <AriSilv...@yahoo.com> wrote in
> news:8e5pjc...@mid.individual.net:
>
>> On Tue, 31 Aug 2010 17:46:35 -0700, Joseph Ashwood wrote:
>>
>>>> While I, personally, don't have a background in
>>>> cryptography,
>>>
>>> Then you need at least another 10 years before you're
>>> ready to release a product. Sorry, but that really is how
>>> long it takes to develop the capability.
>>
>> I can personally and positively agree with that statement.
>> We had to hire 30+ years worth of established, vetted
>> talent to get things right.
>
> Ari, there's an "existence proof" that they still got it
> I'll remember that when I sign the payroll checks.
> completely wrong - they hired you!
I'll remember that when I authorize payroll tomorrow.
lol
>
> PS For the terminally clueless - like you, Ari - the OP likely
> was not the fellow who wrote the software. This may be
> difficult for you and your sockpuppets to understand, Ari, since
> you only hear the voices in your head, but some companies have
> more than one employee.
Sure do. Like the ones you prostituted for all your life.
You're still raving, Ari. And still drooling.
You're still raving and still drooling, Ari. Better make sure
you have a waterproof keyboard.
Translation: "I haven't a clue how the world works and would much
rather sit in my little assclown house than pay any attention to it.
It's what I do best. Take orders, drool when commanded and look away."
Ari, you have now exhausted what small interest you initially
provided. I have punished your truculent boorishness to the
OP, and exposed your vapidity and ignorance once again. My job
is done.
You are now dismissed - with prejudice.
>>> I'm not free on Tuesday but I'm free that Friday. Will that work for
>>> you?
>>
>> Are you crazy? Look what happened last time I was late.
>>
>> http://www.prorev.com/BARRY%20SEAL.jpg
>>
>> --
>> B℮ar Bottoms
>
> Hmmm. You wouldn't be making the point that all Latin-American
> countries are the same, are you? Are you implying that because
> Colombia has so much instability that all Latin-American countries do?
> Chile is known for its stability.
There's stability in the world? Now that's a novel notion. We don't
have it in America and if you think Chile is stable, you're
delusional.
Political, economic...any stability is a fleeting moment away from
being snatched right out from under you. Stability is an
apparition...at best.
When your stability no longer serves the purposes of the powers of the
world, you'll return to the Ugarte-Pinochet days.
This I will give you: unlike many countries, Chileans have a sense of
democratic pride and the balls to push that forward.
> Ari Silverstein <AriSilv...@yahoo.com> wrote in
> news:8e5ju3...@mid.individual.net:
>
> Anonymous? Me?
>
> Shit, Ari, you're such an incompetent arsehole that you still
> can't read a header. That's me right up there at shaw.ca for
> the whole world to see.
Cool. My name is Ari Silverstein, and yours?
lol
> As for your railroad app becoming available "real soon now"
Not my app, keep your lies straight, Mr. Anonymousie. We performed
the POC as one of several companies that did so.
> it's
> vaporware like everything else in your miserable pathetic little
> life, Ari.
>
> Regards,
Not what you said when I offered to employ you into the deal, nemo.
Not what you said at all.
At least you don't have the notion to lie out and out about our commo,
nemo. That I will give you.
Nothing else but that.
>> Hmmm. You wouldn't be making the point that all
>> Latin-American countries are the same, are you? Are you
>> implying that because Colombia has so much instability
>> that all Latin-American countries do? Chile is known for
>> its stability.
>
> There's stability in the world? Now that's a novel notion.
> We don't have it in America and if you think Chile is
> stable, you're delusional.
>
> Political, economic...any stability is a fleeting moment
> away from being snatched right out from under you.
> Stability is an apparition...at best.
>
> When your stability no longer serves the purposes of the
> powers of the world, you'll return to the Ugarte-Pinochet
> days.
>
> this I will give you unlike many countries, Chileans have a
> sense of democratic pride and the balls to push that
> forward.
Ari, you're rambling and babbling again. Early onset
Alzheimer's?
Ari, you have so many names, so many aliases, so many
sockpuppets that I've lost track. However, the feature that
unites them all is rambling incoherence coupled with unfocussed
hostility.
Back under the bridge, troll.
If someone wants to keep his mail private, he probably has an idea
*WHO* he most wants to keep it private from. For example:
- his wife and her lawyer
- other companies competing with his company in the field he's working on.
- nations unfriendly to his nation.
- anyone who might want to hold him for ransom or assassinate him
- anyone who might want to trade on insider information for profit
Designers of cryptosystems can leave in trap doors so they can read
the traffic. Especially if it's not open-source, you have to trust
them not to do so. Or sometimes it's done so their servers are the
ones that do the encryption/decryption in the first place (as is the
case for digital cell phones, so the cell phone companies handle the
cleartext).
It would be extremely prudent to try to determine if your investors are,
for example:
- The NSA, KGB, and Mossad
- Al Qaeda and similar terrorist groups
- North Korea, Iraq, and Iran
- A Colombian drug cartel
- TransUnion, Equifax, and Experian
- Organized crime
before using their cryptosystem.
> If someone wants to keep his mail private, he probably has
> an idea *WHO* he most wants to keep it private from. For
> example:
>
> - his wife and her lawyer
> - other companies competing with his company in the field
> he's working on. - nations unfriendly to his nation.
> - anyone who might want to hold him for ransom or
> assassinate him - anyone who might want to trade on insider
> information for profit
Yes, a risk and consequence analysis, however informal and
unstructured, is a prudent idea. However, it's not likely
that any prudent man, even though untutored in the intricacies
of encryption, would entrust TrulyMail with really serious
matters where disclosure could have severely adverse
consequences. TrulyMail is plainly intended for more light-
duty matters of ordinary privacy.
Perhaps the best analogy is that if ordinary mail is
equivalent to a postcard that anyone can read, then TrulyMail
would provide protection equivalent to a letter enclosed in an
envelope. Better privacy, yes, but far from impregnable
security. Ordinary privacy, not bombproof spy-versus-spy
privacy.
> Designers of cryptosystems can leave in trap doors so they
> can read the traffic. Especially if it's not open-source,
> you have to trust them not to do so. Or sometimes it's
> done so their servers are the ones that do the
> encryption/decryption in the first place (as is the case
> for digital cell phones, so the cell phone companies handle
> the cleartext).
>
> It would be extremely prudent to try to determine if your
> investors are, for example:
>
> - The NSA, KGB, and Mossad
> - Al Qaeda and similar terrorist groups
> - North Korea, Iraq, and Iran
> - A Colombian drug cartel
> - TransUnion, Equifax, and Experian
> - Organized crime
>
> before using their cryptosystem.
A lovely idea. How the flying fuck would you suggest an
ordinary person - the kind of person that TrulyMail is clearly
intended for - would go about doing anything of the sort? Are
you seriously suggesting that Mossad or the NSA could not
disguise the true principals of such a company from the
investigations of all but an equally well-resourced agency?
Hogwash!
Have you considered how many "trust relationships" you have in
your life? From a contractor putting a roof on your house, to
the girl you dated and married, to the oncoming drivers in the
other lane every morning commute? Are you sure your
greengrocer isn't poisoning you? Have you vetted him? Do you
know his grandmother's maiden name?
Do you run a full background check of the airline pilot before
you board a flight or do you just "trust" in the mechanisms of
the airline to do this? And how thorough are they? - even if
they did a good job initially, perhaps the pilot has become
suicidally depressed of late?
In short, there are a gazillion trust relationships you rely
upon every day of your life - trust relationships that could
potentially have far more adverse consequences than disclosed
email. Let's not obsess about cryptographic mechanisms - some
folks just want a little better privacy than open email.
Regards,
> gor...@hammy.burditt.org (Gordon Burditt) wrote in
> news:2radnZPtks1AVeDR...@posted.internetamerica:
>
>> If someone wants to keep his mail private, he probably has
>> an idea *WHO* he most wants to keep it private from. For
>> example:
>>
>> - his wife and her lawyer
>> - other companies competing with his company in the field
>> he's working on. - nations unfriendly to his nation.
>> - anyone who might want to hold him for ransom or
>> assassinate him - anyone who might want to trade on insider
>> information for profit
>
> Yes, a risk and consequence analysis, however informal and
> unstructured, is a prudent idea. However, it's not likely
> that any prudent man, even though untutored in the intricacies
> of encryption, would entrust TrulyMail with really serious
> matters where disclosure could have severely adverse
> consequences. TrulyMail is plainly intended for more light-
> duty matters of ordinary privacy.
Untutored men have no prudence when examining the trust factor of
Trulymail. By definition. They are conned into believing Trulymail and
Trulymail alike products actually do what they exorbitantly claim to
do.
But you knew that. Why the falsehoods, the lies and the deceit from
you?
> Perhaps the best analogy is that if ordinary mail is
> equivalent to a postcard that anyone can read, then TrulyMail
> would provide protection equivalent to a letter enclosed in an
> envelope. Better privacy, yes, but far from impregnable
> security. Ordinary privacy, not bombproof spy-versus-spy
> privacy.
There is nothing, nothing at all, zero, nada, that corroborates this
proclamation of yours. Nothing from you, certainly nothing from closed
lipped, tightly concealed, "working in the shadows" Trulymail.
There were times on these forums, outis, where you were so much more
truthful, foregoing and inquisitive. Why the falsehoods, the lies and
the deceit from you?
> How the flying fuck would you suggest an
> ordinary person - the kind of person that TrulyMail is clearly
> intended for - would go about doing anything of the sort? Are
> you seriously suggesting that Mossad or the NSA could not
> disguise the true principals of such a company from the
> investigations of all but an equally well-resourced agency?
> Hogwash!
No one suggests anything other than that. Which is not the point and,
again, you know that. Why the falsehoods, the lies and the deceit from
you?
It is incumbent on any crypto system provider to be all in or all out
if they are ethical and true purveyors of privacy. What might be
private to one person (a sentimental note to a friend) and private to
another (overthrow of a government) is inconsequential to the privacy
goals of the user. They buy Trulymail to be assured that regardless of
their messages *their commo is private*.
Trulymail fails this test in spades. MOF, there is no test for
Trulymail which is by many magnitudes a much greater indiscretion.
> In short, there are a gazillion trust relationships you rely
> upon every day of your life - trust relationships that could
> potentially have far more adverse consequences than disclosed
> email. Let's not obsess about cryptographic mechanisms - some
> folks just want a little better privacy than open email.
What a hypocritical oaf you are. You fashion arguments to meet your
personal agendas. In this case, it is to attack me.
Let's look at nemo outis when he had a pair and not consumed with
emotional issues and insane rants.
"Ok, I've given you some high-level stuff to think about; now I'm
going to give you some specifics.
The first is regarding encryption. This is the main line of
defence in preserving computer security/privacy. There are a lot
of different approaches out there, some of which are suspect, and
some of which are downright snakeoil. For instance, Microsoft's
encrypting file system for NTFS (available as part of Windows
NT/2k/2k3/XP) is easy to implement incorrectly (e.g., leave key
on HD), has inherent flaws (e.g., is not OTFE) and many suspect
there are backdoors put in it for law enforcement."
http://preview.tinyurl.com/29php9v
And dozens more like this.
Yet you are willing to cut Trulymail a pass card because...well, hell,
because why? They have already admitted to having zero expertise in
implementing encryption yet you blither and blather on in their
defense?
Gee, maybe I should shut up and let you defend their snake oil.
> The password that is recoverable is the password to download new
> messages from the server.
So the recovered password is the password to read the messages. The
recovered password is the exact password that should not be recovered.
It's like offering the thieves the key to your house.
It's still snake oil, and stating the exact problem will not change that.
Joe
>>I am John (though, I am not the only one here named John). The
>>identities of our investors is not public information. Is this
>>something that is important for you to know? If so, may I ask why?
>
> If someone wants to keep his mail private, he probably has an idea
> *WHO* he most wants to keep it private from. For example:
>
> - his wife and her lawyer
> - other companies competing with his company in the field he's working on.
> - nations unfriendly to his nation.
> - anyone who might want to hold him for ransom or assassinate him
> - anyone who might want to trade on insider information for profit
Or you might say that they perceive different levels of capabilities
of their adversaries and adjust accordingly.
The Trulymail model has no verifiable privacy against any of your
adversaries mentioned. For all anyone knows, they could read emails,
contact your adversaries and sell their info.
Very lucrative, btw.
> I believe this is a re-post.
Let's step back and examine where you are. I will add my own
experiences FYI.
You have two choices.
- Come clean on your website. You might as well since this entire
thread and your participation is forever available, archived and
easily retrieved by the most novice of privacy-seeking email users.
- Keep up what you are doing. OK, then you are who you are, a company
who sets profiteering well in advance of its customers' privacy needs.
It's up to you.
In my case, I came to Usenet in 2003, put forth my product ideas, got
my ass handed to me, more times than I can count. I used Usenet, hired
people from Usenet and learned a hell of a lot that I doubt I could
learn from any other venue. No pain, no gain. Considerable pain,
considerable gain.
Now you and your "company", if there actually is anyone else but "John
Andre", have to make your own choices.
Ari
No, it is not.
The password allows you to 'access' the encrypted message (hence the
metaphor of your email account's password - if I have that password I
still cannot read your encrypted messages). You still need your
private key, not your password, to decrypt it. We keep your password
on the server (to verify who you are) but we don't keep (or ever have)
your private key.
> Ari Silverstein <AriSilv...@yahoo.com> wrote in
> news:8e5iiq...@mid.individual.net:
>
> You are completely full of shit, Ari, as usual.
>
> The OP sells commercial software, closed source. You know,
> Ari, like Microsoft, Apple, Norton, Adobe and a zillion
> others.
>
> He is trying to flog a product that will give greater email
> privacy to general users. Not perfect privacy, not ultimate
> security, just useful day-to-day better privacy. Not like the
> tiny, tiny handful of knowledgeable folks who use stuff like
> PGP or GPG - ordinary users.
>
> PGP and GPG, no matter how interesting they are, are a failure
> - they have totally failed to convert ordinary email users
> from the postcard model of email with everything wide open.
In all likelihood, Trulymail will also be a failure. PGP did not fail
because it was too complicated to use, or too complicated to set up, it
failed because most users did not perceive the problem it solves as being a
problem. The general public still holds the belief that if they have
nothing to hide, then there is no problem with others having the ability to
inspect their email. Try having a conversation about the issue some time,
with a person who is completely unaware of cryptography, and you will be
lucky to even get to the topic of email encryption before that person loses
interest.
> As for open-source in cryptography, it is mostly a snare and a
> delusion. Not even Truecrypt, the darling of the open-
> sourcers, has ever had a thorough review by a skilled crypto
> practitioner willing to put his name to his work. And I defy
> you to name Truecrypt's developers!
Yes, because proprietary cryptosystems have never been disastrous for their
users. Really, this would not be so bad if Trulymail was at least
compatible with existing cryptosystems like PGP or S/MIME. Perhaps it is,
but the details are scant; the only relevant detail I have seen so far is
that it uses RSA and AES. Even basic details like how keys are signed or
verified (or if they are signed/verified) are missing.
> Nobody, and I mean nobody, is going to do a thorough review of
> the source code of a commercial product like TrulyMail, even
> if it were available. Open-source for it is a total red
> herring, the kind of thing only assholes like you fasten upon.
>
> The OP for TrulyMail got it exactly right - use it or don't.
Hey, this discussion found its way to sci.crypt, so I assume that someone
wanted opinions on Trulymail's usefulness as a cryptosystem. Perhaps "Ari"
is a known troll (he is certainly combative), but that does not change the
reality that a certain degree of openness is necessary when it comes to
cryptography.
> It's not targeted at assholes like you, Ari.
Then who, in your opinion, is it targeting? I could target Joe Public with
ROT13, does that mean that I should not be criticized for doing so?
-- B
I've been quite surprised by the amount of hate I read in this group.
I haven't used usenet in many years and I can see it has changed quite
a bit. Sadly, not for the better.
What part of 'free' do you not understand? Everything (our client, our
private messaging network, etc.) is all free. Do you see any way to
pay us? If there is no way to pay us, then how could we be charging?
Of course, we don't charge. We will, but we will not charge for what
we currently give away for free.
You may consider this spamming but I was invited here. I answered the
questions as I felt appropriate and I had nothing but poison spit back
in my face.
You may disagree with how we do business. You may have technical or
philosophical complaints about us but we are still people. Where I
come from, name calling and mis-stating facts is something you only
see in politics - civilized people don't do these things. However, as
I said earlier, I was not invited to critique personalities.
>
> -- B
Mr. B: Is there a way to contact you off-group?
I will contact you; is sup...@trulymail.com the correct email address to
use?
-- B
Yes.
> On Tue, 31 Aug 2010 01:42:07 -0700 (PDT), TrulyMail Support wrote:
>
>> On Aug 31, 12:10 pm, Ari Silverstein <AriSilverst...@yahoo.com> wrote:
>>
>>> Thanks for the info, John.
>>>
>>> What is your and your company's background in delivering and
>>> implementing encryption?
>>
>> TrulyMail (the company) has been around a short time (two years). Our
>> products include the TrulyMail Client and related TrulyMail services
>> (encrypted, private messaging, for example). We have been offering
>> these products for about two years now.
>>
>>> Who is "John", who are the investors, management and directors
>>> of Trulymail?
>>
>> I am John (though, I am not the only one here named John). The
>> identities of our investors are not public information. Is this
>> something that is important for you to know? If so, may I ask why?
>
> If you're dealing with security products, especially without open
> source coding, /who/ you are and your background is extremely
> important.
>
> The fact that you ask this question is startling.
>
> And informative.
I installed this program three weeks ago and nobody has hacked my email yet.
Can you read my email? No. Good program.
--
Bear Bottoms
Freeware website: http://bearware.info
You still here? You were dismissed.
>> nemo blathered like a loon: PGP and GPG, no matter how interesting
>> they are, are a failure - they have totally failed to convert
>> ordinary email users from the postcard model of email with
>> everything wide open.
> In all likelihood, Trulymail will also be a failure. PGP did not fail
> because it was too complicated to use, or too complicated to set up, it
> failed because most users did not perceive the problem it solves as being a
> problem. The general public still holds the belief that if they have
> nothing to hide, then there is no problem with others having the ability to
> inspect their email. Try having a conversation about the issue some time,
> with a person who is completely unaware of cryptography, and you will be
> lucky to even get to the topic of email encryption before that person loses
> interest.
nemo wants to blame PGP and label it a failure because it did not
majickally educate the masses that email is insecure?
*LARF*
No wonder nemo keeps dropping the Xposts to sci.crypt and
alt.comp.security (now reinstated from his doing so for the umpteenth
time in this thread).
PGP was Zimmermann's response to having his life compromised from
intercepted email and other commo from his pre-PGP, ongoing and
historically recorded human rights activism. He had no stated
intention whatsoever to "educate the world" regarding email
insecurities. He primarily developed PGP to solve his own problems and
those of his fellow activists. Once it was developed, he gave it away
for free.
If from the release of PGP people asked "why do I need this" as a
secondary or tertiary result, that was all fine and good. But it was not
the focus of his work any more than the auto was conceived by Ford so
we can populate the Earth with backseat babies.
Does Trulymail purport to be offering their product as an education in
a box? No and neither did Zimmermann.
> On Tue, 31 Aug 2010 17:13:29 +0100, B℮ar Bottoms wrote:
>
>> On Tue, 31 Aug 2010 11:25:32 -0400, Ari Silverstein wrote:
>>
>>> Don't even think about trying to sell to the US Gov't, DoD or any
>>> of the intertwined military-intelligence agencies. They /really/ frown
>>> on foreign nationals who play at such serious business.
>>
>> We will see. I say, see you next Tuesday Silverstein. Who needs to sell to
>> the government? I have friends who will pay big for the right service.
>
> Well Bottoms there are times I would much prefer to deal with you,
> Debbie and the Bear crew than some of the dunderheads we have to screw
> around with in the USGov.
>
> Not many times.
>
> Maybe only once to be truthful.
You responded to a forgery.
Oooh, a sockpuppet photo!
The password on your server verifies nothing. It is simply a process
that resolves /someone/ has a password and, in turn, /someone/ has a
key. No identification is made of who that someone is. Hence, no
verification or authentication.
The terms identification, authentication, verification and ultimately
authorization are defined from the world of biometrics. Where these
processes can be invoked.
I can't fault you too much for this misuse of term. These terms have
been abused for years now by many companies who desire to overstate
the capabilities of their security systems.
Think of it this way. If I walk up to you and say "Hi, I'm Ari"
without something to verify my ID (Passport, secure credentials card,
etc.) you have nothing of value except a statement. Much like your
password matching on your server.
nemo always plays the "sockpuppet" card when he's getting his ass
kicked off. lol
A quick Google would have placed Terry in the UK but, hey, when nemo
gets all fluffed up and spitting hairballs, why let truth get in the
way, eh?
> I've been quite surprised by the amount of hate I read in this group.
Slick, no one cares enough about you or your overhyped snake oil to
hate you. Hate takes great effort.
Now hate what you represent and the deceit and continued bullshit you
are attempting to foist, you bet, hate the hell out of that.
> I haven't used usenet in many years and I can see it has changed quite
> a bit. Sadly, not for the better.
Hm, must be a different Usenet that I have experienced since 1998.
Maybe you were more familiar with rec.food.cooking?
> You may consider this spamming but I was invited here. I answered the
> questions as I felt appropriate and I had nothing but poison spit back
> in my face.
Invited? Like in, "I'm having a party, come and have a good time?" lol
What did you expect? Cookies and milk and applause? That you would
waltz in here with your load of crap and receive accommodations and
medals?
You did say you were on Usenet before?
> You may disagree with how we do business. You may have technical or
> philosophical complaints about us but we are still people. Where I
> come from, name calling and mis-stating facts is something you only
> see in politics - civilized people don't do these things.
Do you drool? These are self-condemning statements, they exactly
describe what you have done. Mis-state facts. Whether you mis-state
them out of ignorance (demonstrated) or evil intent (strongly
suggested) makes no difference.
You, sir, by your own definition, are name calling us as uncivilized.
Did I ask if you drool?
> However, as
> I said earlier, I was not invited to critique personalities.
Invited or not, you got exactly what you deserved.
Which, btw, could have been great publicity, free, no charge, if you
hadn't jumped in here with your bag of Mxyzptlk tricks and Harry
Potter Invisible Cloak routines.
Instead, you got smashed, your product got trashed and both rightfully
so.
As Steve Gielda once said "Lies echo throughout the eternity of the
Internet."
--
"The way to run a country and keep the people from being too critical
of how you run it, is to busy giddy minds with foreign quarrels. ~King
Henry of England to Prince Hal