Private Idaho version 2.0 beta March 1, 1995) - Freeware copyright (c)1995, Joel McNamara (joelm@eskimo.com) What it does ------------ Private Idaho makes private e-mail easier. It simplifies using PGP and various anonymous remailers. It can be used with many Windows e-mail applications. PGP is fairly well known. Remailers are getting increased exposure, but are still not widely used. If you use PGP, they are worth knowing and learning about. For a good introduction, refer to: http://www.cs.berkeley.edu/~raph/remailer-list.html What it doesn't do ------------------ Private Idaho isn't e-mail software. It can't send the messages you create with it. Think of it as an e-mail premailing tool. Private Idaho doesn't automatically keep track of which remailers are active. You'll need to manually keep the text file updated to stay current. I update the files regularly, and they are available either from anonymous FTP at ftp.eskimo.com /joelm or http://www.eskimo.com/~joelm. (These files are updated based on information from Raph Levien's annonymous remailer "pinging" service. For full information, either finger remailer-list@kiwi.cs.berkeley.edu or via the Web use http://www.cs.berkeley.edu/~raph/remailer-list.html.) Private Idaho isn't a PGP shell. It is designed simply to make sending private e-mail easier. Don't expect sophisticated key management and access to all of PGP's features. Requirements ------------ Microsoft Windows 3.x Visual Basic runtime file (VBRUN300.DLL - not included) A Windows e-mail package (Eudora, MS Mail, Pegasus, etc.) PGP (Pretty Good Privacy - 2.6.2 is the latest MIT version) Installing Private Idaho: ------------------------- Copy the following files to the directory that contains your e-mail software: PIDAHO.EXE the application CPMAILER.TXT the remailer list RMINFO.TXT the remailer info list USENET.TXT the list of mail to USENET newsgroup gateways EMAIL.TXT the list of e-mail software settings PIDAHO.TXT this file Copy the following file to the directory (or disk) that contains PGP: PIPGP.PIF for easy shelling to DOS PGP PIPGPX.PIF shell and autoclose Copy the following file to the \WINDOWS\SYSTEM directory: CMDIALOG.VBX (You don't need to replace this file if it already exists). Add PIDAHO.EXE to a Windows program group of your choice. When you run Private Idaho for the first time, it will prompt you for configuration information (to be saved in the PIDAHO.INI file). You will only need to go through this process once. The steps are fairly self-explnatory. Before running Private Idaho for the first time, have your e-mail software running, with a blank, new message window open. You may need this to provide Private Idaho with configuration information. (If you're using an older version of Private Idaho and plan to install the new version in the same directory, delete the CPMAILER.TXT, USENET.TXT, and PIDAHO.INI files. The file format has changed in version 2.0.) Installing the remailer PGP public keys: ---------------------------------------- With Private Idaho you can easily send encrypted mail to certain remailers, using their public keys. The ciphertext is decrypted when received, and then sent on to the next destination. Obviously, you need copies of the remailer public keys on your public key ring. The file RMKEYS.ZIP contains text files with each each remailer's key. The INSTALL.BAT file will add all of these keys to your key ring. Just unzip the files and run the batch file (you need to have PGP installed correctly first.) Sorry, this is just an ugly DOS batch file. A more GUI-oriented version may end up in a future version of Private Idaho. To use an address book: ----------------------- When Private Idaho is first run, it prompts you if you want to use an address book. This is simply a text file, with each line containing an e-mail address (if you use Eudora, you can use the RCPDBASE.TXT file). These addresses appear in the To: combo list. You can also specify an address file later, by using the Options command in the File menu. If you change the file, you'll need to restrat Private Idaho for the names in the address book to appear in the To: line. To encrypt a message: --------------------- 1. Enter the e-mail address of the person you want to send the encrypted message to. (Since most people will use their e-mail address as part of their PGP user ID, Private Idaho will search through the public key ring looking for a match. If it finds a match, it will encrypt off of that key. If it can't find a match, user IDs in the public key ring are displayed, and you select one.) 2. Compose the message you want to encrypt in the message box. 3. Choose the "Encrypt message" command from the PGP menu. Private Idaho will create a temporary file containing the message, shell out to PGP and encrypt the file with ASCII armor, copy the encrypted text to the message box, and delete the temporary file with the PGP wipe command (yes, wipe only performs a single pass at overwriting the data before deleting, if you need more security, try a shareware memory resident app called Real Delete). To encrypt and sign a message: ------------------------------ Same as encrypting a message (only you choose the "Encrypt and sign message" command from the PGP menu). To sign a message: ------------------ Same steps as encrypting a message (only you choose the "Clear sign message" command from the PGP menu). This adds your signature to the text contained in the message box. The text is not encrypted. Important Note: Some e-mail packages (notably Eudora), hard code carriage return/line feeds when mail is sent and Word Wrap is turned on. This means if you sign and message, the signature will be invalid when the receiver gets it, because CR/LFs have been added. I've found most e-mail software is pretty smart these days, and will auto- matically wrap lines without CR/LFs. Consider turning Word Wrap off if you have this problem with clear signing. To decrypt a message: --------------------- 1. Paste the encrypted message you received to the message box. 2. Choose the "Decrypt message" command from the PGP menu. You will be prompted for your passphrase. Private Idaho will create a temporary file containing the message, shell out to PGP and decrypt the file, copy the decrypted text to the message box, and delete the temporary file with the PGP wipe command. To use "Encrypt to self": ------------------------- This option encrypts the message with your own key in addition to the key of the person you are sending the message to. PGP can encrypt a message with a multiple number of keys. This effectively makes the message decipherable by the person you are sending it to and yourself. This feature is handy for archiving encrypted messages you have sent. You will need to provide your secret passphrase in order to decrypt any messages "encrypted to self." To use "Obscurity": ------------------- When PGP encrypts text with ASCII armor on (almost required for sending e-mail), it adds a header that identifies the message as being PGP encrypted. This obviously clues anyone in to the fact that the message is encrypted. There are times when a user might not want a message to be obviously identified as encrypted. When Obscurity is checked, Private Idaho will strip off the identifying PGP headers when a message is encrypted. It will also add the headers before it calls PGP to decrypt ciphertext in the message text box. Obviously, the sender and receiver of the e-mail are both going to need to be using Private Idaho and know they need to have "obscurity" turned on. Don't use this feature for sending messages to people who don't know about it. PGP will not decrypt the ciphertext without the headers. To update Private Idaho's public keyring information: ----------------------------------------------------- When you first run Private Idaho, it copies information from your public keyring to a text file named PUBKEYS.OUT. If you add keys to your keyring, you need to update that file. To do so: 1. Choose the "Update public keyring" command from the PGP menu. To control the behavior of the PGP DOS box: ------------------------------------------- When encrypting and decrypting, Private Idaho needs to shell out to the DOS version of PGP. You can control the appearance of the DOS box and its behavior with the "Run PGP minimized" and "Auto-close PGP" commands. When "Run PGP minimized" is checked, the iconized window is displayed at the bottom of the screen when PGP is run. When this option is not checked, the full-screen, Windows DOS box is displayed. When "Auto-close PGP" is checked, the PGP DOS box is automatically closed when PGP finishes running. When the option is not checked, you must manually close the window when PGP is done running. These features are useful for viewing PGP diagnostic messages. NOTE: Even if "Run PGP minimized" is checked, when decrypting, the full window will always be displayed. To set PGP options: --------------------- 1. Choose the "Options..." command from the PGP menu. Not that many options to select really. Just the PGP path (which is extracted from the PGPPATH environment variable - which you should have set if you followed the PGP installation instructions) and your PGP user ID. You can use the entire user ID (i.e. Joel McNamara ) or a portion of it. You are prompted for this when Private Idaho starts. Both of these options are stored in the PIDAHO.INI file (which Private Idaho creates when you first run it). There is also a temporary file name. This is the file Private Idaho uses when encrypting and decrypting text from the clipboard. PIDAHO is the default, and you should leave that setting unless you have any name conflicts (which you shouldn't). Temporary files are written and deleted/wiped from the PGP directory. To send mail through one anonymous remailer: -------------------------------------------- You have a choice of different types of remailers to use. They include: Cypherpunk - the largest catagory of remailers. Eric - another type of remailer (i.e. "soda" - csua.berkeley.edu) Anon.penet.fi - Julf's remailer in Finland. Very popular on USENET newsgroups. You need to get a free account before using, which people will be able to reply back to your anonymous mail. I really don't want to get into the differences between the various types or make suggestions on which to use. See: http://www.cs.berkeley.edu/~raph/remailer-list.html for some good information sources on remailers. 1. Check which type of remailer to use in the Remailers menu. 2. Compose the message and specify who you want to send the mail to in the To: line. 3. Select a remailer from the Remailer: combo list. 3. Choose the "Append info to message" command from the Transfer menu. The appropriate remailer instructions are added to the contents of the message box. The remailer address is passed to Eudora when you choose the "Transfer to e-mail" command from the Transfer menu. The "Append and Transfer" command appends and transfers in one menu selection. You'll notice the words "latency" and "up time." Press the "?" button next to the remailer combo box for definitions. This information is useful for deciding which remailer to use. To chain a message (send it through multiple remailers): -------------------------------------------------------- This option currently only works with Cyperpunk-type remailers. 1. Follow the same steps as above, but choose "chain" from the Remailer: combo list box. 3. Choose the "Append info to message" command from the Transfer menu. 3. A list of remailers is displayed. Select the ones you wish to chain. You can choose the order you wish to chain the remailers. The appropriate remailer instructions are added to the contents of the message box. To encrypt mail and send it through an anonymous mailer: -------------------------------------------------------- 1. Encrypt the message first. 2. Select the appropriate remailer(s) and choose the "Append info to message" command from the Transfer menu. If you don't follow this order, you'll end up encrypting the remailer instructions. The remailers are smart, but not that smart. To use Cypherpunk remailer advanced features: --------------------------------------------- The Cypherpunk remailers offer some advanced features to enhance e-mail privacy. When the "Cypherpunk" option is checked in the Remailers menu, the "Advanced Cypherpunk" cascading menu item is available. By checking one of the options, it filters the remailers in Remailer list box. For example, if you check the "Use latent time" option, only Cypherpunk remailers that support the latent time option will be displayed in the list box. If no options are checked, all Cypherpunk remailers are displayed. Select advanced options, then select which remailers to use. (Each time an option is checked or unchecked, the list is reset, and the default value is "none.") Here is a brief summary of the different features: Encrypt to remailer(s) ---------------------- These remailers have their own public key. If you send mail encrypted with their key to them, they will automatically decrypt the mail and pass the decrypted message to the next destination. This is a fairly secure form of communication, since there is no plaintext transmitted to the remailer. When this option is checked, the text in the message box will be encrypted with the selected remailer(s)' key. You must first add the remailer keys to your public key ring. See the installation section at the beginning of this file. You can also chain remailers with this option. Each text block will be encrypted with the appropriate remailer's key. This was a fairly tedious task to do by hand, but Private Idaho completely automates the process. Keep in mind this level of encryption is totally seperate from you encrypting a message to an individual. Replace subject --------------- The "Replace subject" option removes the subject on the To: line, and adds a user-selected subject to final mail destination. This is useful if you really don't want someone to guess the contents of the mail by the subject line. A dialog box will prompt you for the subject title. Use latent time --------------- The "Use latent time" option instructs the remailer to delay sending the message after some set period of time. This is useful if you suspect traffic analysis is taking place (watching the flow of messages to and from you). A dialog box will prompt you for the amount of delay. You can either specify a local time for the mail to be sent (in 24 hour clock format). For example, entering 18:00 would instruct the remailer to send the message at 6:00 PM, the local time of the remailer. (Don't add AM or PM.) You can also specify a set number of hours and minutes after the mail is receieved. For example, entering +10:30, would delay sending the message 10 hours, 30 minutes after it was received by remailer. You can enter values of up to 24 hours. If you are chaining remailers and use the latent time option, the same value will be used for all remailers. A future version will allow you to enter unique time values for each remailer. Use cutmarks ------------ Some e-mail packages automatically attach a signature (sig) to the bottom of each sent message. This obviously reduces the anonymous nature of using a remailer. When the "Use cutmarks" option is checked, the remailer will search for a line beginning with a certain character string. It will remove that line, and all subsequent lines. For example, if you specify the cutmarks to be "--", the line containing "-----------------------" and any lines after it, would be stripped from the message. You specify the cutmarks string in a dialog box. If you are chaining remailers, cutmarks will only be removed from the message received by the first remailer. This is because a message composed in Private Idaho will not have any sigs attached to it. NOTE: Be careful of using cutmarks with encrypted messages. PGP encrypted messages start with "-----BEGIN PGP MESSAGE-----", so if you used "---" as the cutmark, your message would be removed. To post anonymously to a USENET newsgroup: ------------------------------------------ You can prepare a message for anonymous posting to a USENET newsgroup. 1. Enter the name of the newsgroup you want to post to in the To: combo box (i.e. alt.2600). 2. Enter the subject and message. 3. Select which type of remailer to use from the Remailers menu. Cypherpunk - if this remailer type is selected, the "E-mail gateway" option is available. A list of mail-to-USENET gateways is displayed for you to select. Eric - if this type of remailer is selected, the message is posted directly through the remailer. Anon.penet.fi - if you have an account on Anon.penet.fi, the message will be posted directly through the remailer. 4. Specify you want to post to a newsgroup by checking a menu item in the Newsgroup menu. If you select None, specific information needed to create a newsgroup posting will not be added. 5. Select a remailer (or "chain") from Remailer: combo box. 6. Choose the "Append info to message" command from the "Transfer" menu. IMPORTANT NOTE: Sending an e-mail message to one of the USENET gateways will not anonymize the mail. You must send it through a remailer first. Please test by sending mail to someplace like alt.test before doing it for real. Not all USENET gateways support all newsgroups. You may have to try several to find one that supports the groups you want to post to. To transfer a message to your e-mail software: ---------------------------------------------- 1. Make sure the e-mail software (Eudora, MS Mail, etc.) is running, a blank, new message in the e-mail software is in front, and the cursor is on the To: line. Do not minimize/iconize the e-mail application. 2. In the Private Idaho "Transfer" menu, choose the "Transfer to e-mail" command. This transfers the address information and message contents you entered in Private Idaho to your e-mail software. Technically, this is a pretty dumb operation. It does a series of Clipboard copies and pastes (with SendKeys) to the e-mailer. Poor man's DDE or OLE. If you don't have the new message window open or the cursor is somewhere other than the To: line, Private Idaho will happily try to paste the data in whatever e-mailer window is active. Changing e-mail transfer settings: ---------------------------------- The Options command in the Transfer menu contains the settings used to transfer a message from Private Idaho to the e-mail software you are using. This information must be correct for a valid transfer to take place. The information in the dialog is fairly self-explanatory. In version 2.0, a list box displaying all running applications and available windows to transfer to has been included. Make sure your e-mail application is running before you run Private Idaho. You may need to experiment with which window to transfer to. Use your common sense in selecting a window name from the list. Adding your own e-mail software specifications: ----------------------------------------------- The EMAIL.TXT file contains specifications for a variety of e-mail packages. Up to 12 e-mail apps will be displayed in the dialog box when you choose Options from the Transfer menu. The file is a text file, with each line representing e-mail information. The file format is simple. A record consists of: line 1 - the name of the app to appear on the button (i.e. MS Mail) line 2 - the program name as it appears when you ALT+TAB (Microsoft Mail) line 3 - the first header in a new message (i.e. To:) line 4 - the second header in a new message (i.e. CC:) line 5 - the third header in a new message (i.e. Subject:) line 6 - the fourth header in a new message (if nothing, leave blank) line 7 - the fifth header in a new message (if nothing, leave blank) Line 8 - the sixth header in a new message (if nothing, leave blank) Private Idaho reads 8 lines in at a time and associates it with a button. When you press the button, the information is added to the header section. You probably won't need to modify this file. Other stuff ------------- When Private Idaho runs for the first time, or when you choose the Update public keyring command from the PGP menu, the screen will go black, and depending on how slow your machine is, you may get a brief glimpse of the PGP DOS screen before the Windows app first appears. This ugliness occurs when Private Idaho shells out to PGP and redirects the contents of the public ring to a text file named PUBKEYS.OUT. Kind of cheesy, but effective since VB doesn't easily support redirected output from shelled DOS apps. Don't modify the remailers text file please. You can get the most current, usually on a weekly basis, from ftp.eskimo.com /joelm or http://www.eskimo.com/~joelm. Practical limitation of text in the message box, approximately 32K. Total anonymous mailers to list for chaining, 30. The name Private Idaho comes from a catchy B-52s song. No deep social meaning, just had a nice ring to it. Cypherpunks write code... Command summary ----------------- File Import message - reads a text file into the message area Export message - saves the contents of the message area to a text file Options - sets whether an address book is used Exit - just what it sounds like Edit Cut - standard Copy - standard Paste - standard Clear message - clears any text in the message box Copy message - copies any text in the message box to the Clipboard Paste messages - pastes Clipboard text to the message box PGP Encrypt message - encrypts text in the message box Encrypt and sign message - encrypts and signs text in the message box Clear sign message - attaches a signature to text in the message box Decrypt message - decrypts PGP ciphertext in the message box Encrypt to self - also encrypts with your key for archiving Obscurity - adds and deletes PGP headers from ciphertext Update public keyring - updates PI's keyring file Run PGP minimized - keeps the PGP DOS box minimized Auto-close PGP - automatically closes the PGP DOS box window Options - sets PGP path, your user ID, and temp file Remailers Cypherpunk - displays Cypherpunk-style remailers Eric - displays Eric-style remailers Anon.penet.fi - displays Penet-style remailers Advanced Cypherpunk - more Cypherpunk-remailer options Encrypt to remailer(s) - encrypts message with remailer PGP key Replace subject - uses a different subject line Use latent time - delays sending the message Use cutmarks - removes specified signature lines Newsgroups None - if you're not posting to a USENET newsgroup E-mail gateway - displays e-mail gateways to newsgroups Eric - fills in information for posting through Eric remailers Anon.penent.fi - fills in information for posting through Penet Transfer Append info to message - adds remailer info to message Transfer to e-mail - transfers the message to an e-mailer Append and transfer - adds remailer info and transfers Options - options for specifying e-mailer Help About... - brief info Information... - displays this file Future versions ----------------- Despite the many new features, there are still a few things left I'd eventually like Private Idaho to do: Advanced Cut-marks (such as using with newsgroups) Advanced Latent-time (specified time per each chained remailer) Advanced ## Headers (not just ## subject, but user-defined headers) "Real" app that doesn't require the VB runtime Release history ----------------- 1/5/95 1.0 release 1/12/95 1.1 release fixed path and .INI problems in load routine cosmetic changes to the interface 2/21/95 1.5b beta release - no longer Eudora exclusive added "encrypt to self" option added "obscurity" option added manual "update public key ring" command added key equivalents to some commands added user-specified temp file added e-mail configuration options added optional "address book" (no RCPDBASE) revised remailer list format for more info added "eric" and "penet" remailers revised mail/USENET gateway operation added "append & transfer" command some user interface changes revised this document 3/1/95 2.0b beta release significant added features jumped to 2.0! fixed AppActivate/Transfer to work with NT added message Import/Export commands optimized user ID check against public key added single/chained remailer encryption added remailer list filtering by type added "Advanced features" menu added "Insert" commands in Edit menu added transfer list box for selecting e-mailer modified CPMAILERS.TXT format added RMINFO.TXT file (Raph's) added ADDKEYS.BAT file (installs remailer keys) added min/max/auto-close states for PGP DOS box revised this document