Self Decrypting Archives

Jeff Herrin Jeff@AlternateImage.com
Thu Jun 19 23:09:02 2003


Nobody is actually clicking on anything. The file creation, the encryption,
the FTP transfers, the decryption is all done automatically by scripts that
are designed to specifically handle SDAs. I know they have the ability with
their commercial version of PGP to handle whatever I send them but their
system is specifically looking to read from an FTP folder and decrypt it as
an SDA.

Jeff Herrin
Alternate Image
----- Original Message ----- 
From: "David Shaw" <dshaw@jabberwocky.com>
To: <Gnupg-users@gnupg.org>
Sent: Thursday, June 19, 2003 4:58 PM
Subject: Re: Self Decrypting Archives


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Thu, Jun 19, 2003 at 04:22:56PM -0400, Gates, Scott wrote:
>
> > So, SDA's have saved my bacon on more than one occasion.  I have
recently
> > started using GPG because it lets me call it remotely from an FTP script
on
> > the local host.  This way I can use JCL (batch to you DOS types) and run
my
> > file transfers from the master scheduler. This is fine when the
recipient
> > can receive encrypted e-mail attachments, or FTP.  But the few that need
> > LOTS of hand holding to open an e-mail attachment are the ones who give
me
> > the most headaches, and are also the ones who won't install software.
>
> But a SDA *is* "installing" something.  What do they think happens
> when they click on it?
>
> Try this:
>
> > If you really wanted to, you could even send your receiver a zip file
> > containing the "gpg" binary, plus the encrypted file, and a batch file
> > that contained something like "gpg theencryptedfile.gpg".  Poof:
> > instant SDA.  Of course, it's still insecure ;)
>
> It works, and the end result is a SDA.
>
> David
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3rc1 (GNU/Linux)
> Comment: Key available at http://www.jabberwocky.com/david/keys.asc
>
> iD8DBQE+8iPf4mZch0nhy8kRAvTIAJ9QGZG607c5SVRcbGwG+FK98/dNigCgh9Mv
> pgBYhqNgP4KDpWvJaQwO8SY=
> =Xn8x
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>