Private Idaho makes private e-mail easier. It simplifies using PGP, various anonymous remailers and nym servers. You can send e-mail messages with it (if you have access to a SMTP mail server) or you can use it in conjunction with many Windows e-mail applications. You can also download and decrypt PGP e-mail messages if your Internet provider is using a POP3 mail server (most are).
PGP is fairly well known. Remailers and nym servers are getting increased exposure, but are still not widely used. If you use PGP, they are worth knowing and learning about. For a good introduction, refer to:
http://www.sendfakemail.com/~raph/remailer-list.html
What it doesn't do
Private Idaho isn't full featured e-mail software (and likely never will be). It doesn't support many options a package like Eudora or Pegasus does. It is meant to be a simple, easy to use tool for sending secure e-mail. (The latest version of Pegasus does have hooks for a PGP drop-in module and it appears as if Eudora will have similar capabilities in the future.)
Private Idaho isn't a "complete" PGP shell. It's designed to make sending private e-mail easier and incorporates the basic PGP features for doing so.
Why it's free
I'm a strong believer in privacy, especially electronic privacy. Electronic privacy on the Internet is extremely fragile and can easily be abused. That's why I wrote Private Idaho. To provide people with an easy to use tool that enhances their on-line privacy. Private Idaho is free because I want to make it available to as many people as possible. No strings attached (aside from those included in the GNU General Public License).
Sometimes I get asked if I'll accept donations to support continued development. In the past, I've declined, but after giving it some thought, if you want to support Private Idaho, please send a check to the Electronic Privacy Information Center (EPIC) and include a note that you're doing so because of Private Idaho. I personally feel this organization is doing some great things, standing up for a variety of rights that are critical to the continued growth and success of the Internet. Check out their Web page (http://www.epic.org), and I think you'll agree. And as a bonus, since they're a non-profit organization, your donation is tax deductible. Reduce your taxes and support strong crypto and electronic privacy. What a deal!
The source code is available & 32-bit versions
Due to a variety of projects and other directions, I've had to considerably cut back the amount of time I devote to Private Idaho. Because of this, I've decided to make the Visual Basic source code available under the terms of the GNU General Public License agreement. If you're a developer, you might be interested. Here are the details.
All the work I did on Private Idaho was centered around a 16-bit version that would run under Windows 3.x and Windows 95. Since releasing the sources to the public, several folks have released 32-bit versions.
Some users have reported success with Windows NT, but at this time, it is unsupported.
A Windows e-mail package (Eudora, Pegasus, etc.) - optional
PGP (Pretty Good Privacy - 2.6.2 is the latest MIT version, or use the latest "I" version out of the United States - if you're using the commercial ViaCrypt Windows version, see the section on Using ViaCrypt PGP.)
VBRUN300.DLL (Visual Basic runtime)
Most people seem to have a copy of this file. It isn't included with Private Idaho because of the size. If you need it, get it here. Then move it to the \WINDOWS\SYSTEM directory.
FTP - ftp.eskimo.com /u/j/joelm
World Wide Web - http://www.eskimo.com/~joelm/pi.html
Mirror sites include:
These sites may not have up-to-date releases: Or, try an FTP search for Private Idaho or PIDAHO.EXE (lots of European sites).
If you're updating a previous version of Private Idaho, Setup will only replace older files. You'll be prompted to replace each existing file.
If for some reason you have problems with the installation, you can manually copy the files.
When you run Private Idaho for the first time, it will prompt you for configuration information (to be saved in the PIDAHO.INI file). You will only need to go through this process once. The steps are fairly self-explanatory.
PIDAHO.INI is written to the C:\WINDOWS directory.
The best source of information is Raph Levien's automatic pinging service. Raph publishes statistics on remailers, including their response time. Private Idaho uses this data. It's all contained in the REMAILER.HTM file. This is the HTML file found at: http://www.sendfakemail.com/~raph/remailer-list.html
You can update the contents of this file in realtime by choosing the Update remailer info command in the Remailers menu. If you have a Net connection, Private Idaho will attempt to make a connection to the Web server and download the current information to your hard drive. The date and time of the last update is shown beneath the remailer list. The previous version of the file is stored as REMAILER.OLD. If you have problems downloading a new version, rename REMAILER.OLD to REMAILER.HTM.
Note: Remailers that are in operation but are no longer displayed in Raph's pinging list may be listed in a text file named PRIVATE.TXT in the PI directory. Each line should contain only the remailer address. These remailers will be appended to remailers shown in Raph's list.
In addition, Private Idaho also updates the following Mixmaster-related files:
To get the latest Mixmaster information, make sure Mixmaster is checked in the Remailers menu. Then choose the Update remailer info command in the Remailers menu.
(File information comes from the following respective sources: http://kiwi.cs.berkeley.edu/mixmaster-list.html, http://kiwi.cs.berkeley.edu/pubring.mix, http://kiwi.cs.berkeley.edu/type2.list . In addition, http://www.jpunix.com is a good source of Mixmaster information.)
Note: If a remailer is listed without any statistics, there's a good chance it currently isn't running. Unless you know for sure, don't use it.
Automatic updates of USENET gateways currently aren't supported (you'll need to update the USENET.TXT file by hand). You can get the most current USENET gateway information (as well as additional remailer info such as PGP keys) by:
or
Note: Older versions of Private Idaho required you to choose the Connect command from the File menu to establish a Net connection. This is no longer required.
Which mail servers you use depends on the information in the Options dialog box in the File menu. For example:
You can switch between Expert and User mode in the File menu. That way, once you're experienced with Private Idaho, you can access the complete set of features.
Each line should contain a unique address. E-mail addresses appear in the To: combo list in the order they appear in the Addresses window.
Addresses are stored in the ADDRESS.TXT file in the Private Idaho directory.
If you are running OS/2, you may (or may not) need to check this option.
If you are running Windows (by itself), make sure this option is not checked.
The file RMKEYS.TXT contains copies of remailer PGP keys. Use the "Import message" command in Private Idaho's File menu to read the file into the message area. Then use the "Add key from message" command in the PGP menu. All of the keys will be added to your key ring. If you already have some of these keys installed, PGP will skip them and only install new ones.
The file NYMKEYS.TXT contains copies of nym server PGP keys. Use the same procedure as listed above to install these keys.
You can also get a current list of remailer keys by using the Get remailer keys command in the Remailers menu. This makes a Net connection and downloads a list of current keys to the Message box.
To do so, you need to enter some setup information when Private Idaho is first run. This includes:
If you start Private Idaho with the path containing PIDAHO.INI (i.e. C:\WINDOWS\PIDAHO.INI) as the command line, it will automatically decrypt the PIDAHO.INI, NYMS.TXT, ADDRESS.TXT, and PUBKEYS.OUT files on start-up (you'll be prompted to supply a passphrase) and encrypt them with your primary public key when you exit. Encryption/decryption is performed on the files using the primary public key you specified in Private Idaho. You can set a command line in either the Program Manager or Explorer.
If you enter an incorrect password during start-up, Private Idaho will exit (no three strikes, you're out). This process may take a while, depending on the size of your files.
Warning: It would be wise to back-up these files.
Security Alert: Since you're entering your secret key within a Windows program and not the DOS box, there's a chance the passphrase may be written to the Windows swap file. If you have a high threat model, be sure to wipe the swap file before you shut down your computer.
To auto-encrypt/decrypt:
1. In the PGP menu, choose the Options command.
2. Check the Auto encrypt/decrypt key rings box.
When Private Idaho exits, you'll be asked to enter a passphrase (this can be any passphrase you'd like). Private Idaho will then go the PGP directory specified in the Options dialog (this should be the same as the PGPPATH environmental variable in AUTOEXEC.BAT), and conventionally encrypt the SECRING.PGP and PUBRING.PGP files.
The next time Private Idaho runs, you'll be prompted for a passphrase to decrypt the files. Remember it. It may or may not be the same as your secret key passphrase.
To turn this option off, uncheck the box in the Options dialog and click OK.
Note: If you use other PGP shells, this option is likely not a good idea unless you manually decrypt the key rings before using with another shell.
Warning: If you forget the passphrase used to encrypt the key rings, you're going to be out of luck. That's a 128 bit IDEA key, which would take roughly 5.4 x 10^18 years to brute force at 10^6 encryptions per microsecond. So be sure you've got a back-up of your key rings.
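Added worked calculation (not from the original manual) showing where the figure above comes from:

  IDEA key space:   2^128 ≈ 3.4 x 10^38 keys; a brute-force search tries half of them on average, 2^127 ≈ 1.7 x 10^38
  Speed assumed:    10^6 encryptions per microsecond = 10^12 encryptions per second
  Seconds needed:   1.7 x 10^38 / 10^12 = 1.7 x 10^26
  Years needed:     1.7 x 10^26 / (3.15 x 10^7 seconds per year) ≈ 5.4 x 10^18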
Security Alert: If you use the same passphrase as your secret key's to conventionally encrypt the files: Since you're entering your secret key within a Windows program and not the DOS box, there's a chance the passphrase may be written to the Windows swap file. If you have a high threat model, be sure to wipe the swap file before you shut down your computer.
If you find a bug, be sure to check the "Add system info item" in the Help menu, then choose "Send feedback." This adds information about your system and Private Idaho configuration.
Due to a variety of other projects, I've had to drastically cut back on the amount of e-mail support I provide for Private Idaho. Bug reports will be logged and suggestions will be noted, but at this point, don't hold your breath waiting for an e-mail reply from me. If Private Idaho doesn't seem to work right, check the Troubleshooting section in the on-line documentation. I'll try to keep this current with common problems.
Another excellent source of information is the alt.security.pgp USENET newsgroup. There are quite a few Private Idaho users there, and often they'll answer posted questions.
2. Compose the message you want to encrypt in the message box.
3. Choose the "Encrypt message" command from the PGP menu.
Private Idaho will create a temporary file containing the message, shell out to PGP and encrypt the file with ASCII armor, copy the encrypted text to the message box, and delete the temporary file with the PGP wipe command (yes, wipe only performs a single pass at overwriting the data before deleting, if you need more security, try a shareware memory resident app called Real Delete).
Note: Clicking the cursor on To: will display a dialog box listing the contents of your PGP public key ring. Since most user IDs correspond to e-mail addresses, this is a quick way to enter an address.
If multiple user IDs are specified in the PGP Options dialog box, you'll be prompted for which key to use to sign the message.
If more than one user ID is specified in the PGP Options dialog box, you'll be prompted for which secret key to use to sign the message.
Important Note: Some e-mail packages (notably Eudora) hard code carriage return/line feeds when mail is sent and Word Wrap is turned on. This means if you sign a message, the signature will be invalid when the receiver gets it, because CR/LFs have been added. I've found most e-mail software is pretty smart these days, and will automatically wrap lines without CR/LFs. Consider turning Word Wrap off if you have this problem with clear signing.
Private Idaho supports up to 8 PGP keys that can be used for clear signing a message. You need to enter the user ID of each key. To do this:
1. Choose "Options" from the PGP menu.
2. Click the "User IDs" button.
3. Enter the user ID from your secret key ring.
4. Click "OK."
Now check the "Prompt for user ID on signing" checkbox and click "OK."
When you choose the "Clear sign message" command from the PGP menu, a dialog box is displayed containing the user IDs of the keys. Select the key you wish to sign the message with.
2. Choose the "Decrypt message" command from the PGP menu. You will be prompted for your passphrase.
Private Idaho will create a temporary file containing the message, shell out to PGP and decrypt the file, copy the decrypted text to the message box, and delete the temporary file with the PGP wipe command.
The "Export message" command saves the contents of the message box to a text file on disk.
Headers could be:
X-Anon-Password: <whatever>
X-Anon-To: <the addressee>
Such as those used with the anon.penet.fi remailer.
Signatures are text with your name, e-mail address, and other information.
Choose the Options command in the Edit menu to enter a header and signature. These are saved to the HEADER.TXT and SIG.TXT files in the Private Idaho directory.
Once entered, the header/signature can be inserted into the message text box with the Insert header and/or Insert signature commands in the Edit menu.
Note: A header with a password or a signature used in the wrong place can compromise the security of your e-mail. Please use these features carefully.
You can also manually enter full or partial user IDs, with each ID separated by a space.
Multiple user IDs will be inserted in the To: line. If the creator of the key has followed standard PGP conventions, these will be "mailable" e-mail addresses.
This feature is handy for archiving encrypted messages you have sent.
You will need to provide your secret passphrase in order to decrypt any messages "encrypted to self."
If you use Private Idaho and get an "Eyes only" message, decrypted text will not be placed in the message box. After it is displayed in the PGP DOS box, an error message will appear stating a file could not be found and the decryption couldn't take place. This is normal.
When Obscurity is checked, Private Idaho will strip off the identifying PGP text headers when a message is encrypted. It will also add the headers before it calls PGP to decrypt ciphertext in the message text box.
Obviously, the sender and receiver of the e-mail are both going to need to be using Private Idaho and know they need to have "obscurity" turned on.
Note: The format of a PGP message is very distinctive to a trained observer. Don't count on the "obscurity" feature fooling a knowledgeable and suspicious person.
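As an added illustration of the two notes above (Python written for this page, not Private Idaho's Visual Basic code), the script below strips the armor framing the way Obscurity does, puts it back for decryption, and then shows the check a trained observer can still make on the stripped text: every line is in the radix-64 alphabet and the last line is the "=XXXX" CRC-24 checksum PGP appends to every armored block. The armored message is constructed; its body is filler, not a real ciphertext, and the function names are this example's own.

```python
"""Obscurity-style stripping of PGP ASCII armor, and why the result is still
recognisable. Added example, not Private Idaho's code; the message below is
constructed with a filler body."""
import re

BEGIN = "-----BEGIN PGP MESSAGE-----"
END = "-----END PGP MESSAGE-----"

# Constructed sample ASCII-armored message (filler body, not real ciphertext).
ARMORED = "\n".join([
    BEGIN,
    "Version: 2.6.2",
    "",
    "hIwDq3m4VbJ4u1kBA/9pQ2nR0cKmGxyW4n2HHzyB8rD3bV5n3A7zQF0a1yZ0GZlo",
    "3sHcJ1KpOaH5f6UfUvkEa8FVdbZsbmAKHyjNmKdN0Ubx3IEvD2wxYiQ4y4o3MrV=",
    "=ab12",
    END,
]) + "\n"


def strip_armor(armored):
    """Obscurity on encrypt: keep only the radix-64 body, dropping the BEGIN/END
    lines and the armor header block ('Version:' etc.) before the first blank line."""
    lines = armored.splitlines()
    if BEGIN not in lines or END not in lines:
        raise ValueError("not an ASCII-armored PGP message")
    inner = lines[lines.index(BEGIN) + 1:lines.index(END)]
    if "" in inner:                      # armor headers end at the first empty line
        inner = inner[inner.index("") + 1:]
    return "\n".join(inner) + "\n"


def add_armor(body, version="2.6.2"):
    """Obscurity on decrypt: put the framing back so PGP will accept the text."""
    return "\n".join([BEGIN, "Version: " + version, "", body.rstrip("\n"), END]) + "\n"


RADIX64_LINE = re.compile(r"^[A-Za-z0-9+/]+=*$")
CRC_LINE = re.compile(r"^=[A-Za-z0-9+/]{4}$")


def looks_like_stripped_pgp(text):
    """The check an observer can make without the headers: every line uses only
    the radix-64 alphabet and the last one is the 4-character '=XXXX' CRC-24
    checksum that PGP appends to every armored block."""
    lines = [line for line in text.splitlines() if line.strip()]
    if len(lines) < 2 or not CRC_LINE.match(lines[-1]):
        return False
    return all(RADIX64_LINE.match(line) for line in lines[:-1])


if __name__ == "__main__":
    stripped = strip_armor(ARMORED)
    print(stripped)
    print("still recognisable as PGP:", looks_like_stripped_pgp(stripped))
    print("round-trips for decryption:", add_armor(stripped) == ARMORED)
```

Ordinary text fails the checksum-line test, while the stripped block passes it, which is the whole point of the note: removing "-----BEGIN PGP MESSAGE-----" changes the look of a message only to someone who isn't looking for the structure underneath.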
You can also manually word wrap a plaintext message with the "Word wrap message" command in the Message menu.
Word wrap length is set in the Options dialog box in the Edit menu.
You will be prompted to supply the filename to encrypt/decrypt. File are encrypted with ASCII armor (to allow easy attachment in mail), and tagged with an .ASC extension. The plaintext file is not deleted or wiped after encryption. The file will be encrypted with the key in the To: line. The Encrypt to self, Eyes only, and Obscurity options are not used, even though they may be checked.
This option is useful if you have a message over 32k (Private Idaho's maximum message box size).
1. Choose the "Delete key" command in the Keys menu.
2. Select which public key to delete from the user ID list.
PGP will remove this key from your key ring and update the PUBKEYS.OUT file.
1. Choosing the "Insert key in message" command in the Keys menu.
2. Selecting the public key (from a list of user IDs) you want to insert.
This extracts a key from your public key ring, and inserts it at the cursor in the message text box.
Choose the "Update PUBKEYS.OUT" command from the Keys menu.
The PUBKEYS.OUT file should always be in the same directory as Private Idaho.
You don't need to use this command if you add or delete keys from within Private Idaho.
1. Enter the user ID to search for in the To: box. This is typically an e-mail address. For example, joelm@eskimo.com
2. In the Keys menu, choose the Get key from server command.
Private Idaho will connect with the MIT key server at http://swissnet.ai.mit.edu and make a request to search for a key. If a key is located, it will be displayed in the Message box. If a key isn't in the data base, an error message is displayed.
After you have successfully downloaded a key, you can add it to your public key ring with the Add key from message command in the Keys menu.
Note: Be very specific with the search text. If you enter "john" on the To: line, the server will try to return all of the keys containing "john." Private Idaho won't be able to handle such a request.
1. Insert the public key to submit in the Message box. You can extract a public key from your key ring with the Insert key in message command in the Keys menu.
2. In the Keys menu, choose the Add key to server command.
Private Idaho will send an e-mail message to the server, requesting the key to be added. You'll be notified by e-mail if the key is successfully added. If you aren't connected to the Net, transfer the message to your normal e-mail application for later sending.
When "Run PGP minimized" is checked, the iconized window is displayed at the bottom of the screen when PGP is run. When this option is not checked, the full-screen, Windows DOS box is displayed.
When "Auto-close PGP" is checked, the PGP DOS box is automatically closed when PGP finishes running. When the option is not checked, you must manually close the window when PGP is done running.
These features are useful for viewing PGP diagnostic messages.
The PGP path (which is extracted from the PGPPATH environment variable, which you should have set if you followed the PGP installation instructions) is the directory path where the PGP .EXE is located.
Your PGP user ID is just that. You can use the entire user ID (i.e. Joel McNamara <joelm@eskimo.com>) or a portion of it. You are prompted for this when Private Idaho starts.
The User IDs button supports up to 8 PGP secret key ring user IDs. When "Prompt for user ID on signing" is checked, a dialog box is displayed that prompts for the key to use in clear-signing the message.
There is also a temporary file name. This is the file Private Idaho uses when encrypting and decrypting text from the clipboard. PIDAHO is the default, and you should leave that setting unless you have any name conflicts (which you shouldn't). Temporary files are written and deleted/wiped from the PGP directory. Do not add a file extension to the temporary name.
You can specify a full path for the temp file (i.e. e:\temp\pidaho). This is provided for users who want the additional security of having their temp files written to a RAM disk. If a full path is specified, that directory is used.
You can specify to load your PGP passphrase at start-up (see below).
You can also specify to auto-encypt/decrypt your secret and public key rings for additional security.
If you want to use key rings that are located somewhere other than the default PGP directory, you can specify their location in PGP's CONFIG.TXT file. See the PGP documentation for details on this.
Security Alert: There are obvious risks with this feature (the passphrase potentially written to the Windows swap file, someone accessing your messages if you leave the machine unattended, etc.). You need to judge the trade-offs of security versus convenience.
Note: This feature is disabled if you choose to use multiple keys for signing and encrypting.
If you're using ViaCrypt, place a copy of the DOS version of PGP in your ViaCrypt directory and use Private Idaho to interact with it.
To send a message, make sure the proper "to:" mail address is specified and either click the Send button above the message text or use the "Send message" command in the Message menu.
As Private Idaho communicates with the mail server, you'll see parts of the conversation displayed above the message box.
Mail sent directly from Private Idaho is currently limited to the size of the text box (roughly 32K). There are no limitations on attachment sizes.
If you use Private Idaho with a non-SMTP mail server or wish to use a full-featured e-mailer, you can use the Transfer commands in the Message menu to transfer a composed message back to your primary e-mailer for sending.
To send an attachment:
1. Compose the message and enter the recipient's e-mail address on the To: line.
2. In the drop-down list box below the Attachment check box, select whether to leave the attachment unencrypted, encrypt it with the key belonging to the person on the To: line, or encrypt it using PGP conventional encryption.
3. Check the attachment box. A file dialog will prompt you to select the file you'd like to attach. The file's name will appear next to the Attachment check box after it's been selected.
4. Send the message. The file will first be encrypted (if specified), then Base64 encoded.
If you decide not to attach a file to a message, uncheck the Attachment box.
Note: Private Idaho currently does not support sending uuencoded attachments. Sending attachments through anonymous remailers is also not supported.
When X-Headers is checked, the user-defined X-Headers are inserted into the message headers. When X-Headers isn't checked, no additional headers are inserted into the message.
I really don't want to get into the differences between the various types or make suggestions on which to use. See: http://www.sendfakemail.com/~raph/remailer-list.html for some good information sources on remailers.
If you are using a SMTP mail server, you can click the Send button or use the "Send message" command in the Message menu.
If you are using another e-mailer, the "Transfer to app" command in the Message menu moves the message to your e-mailer. The "Append and Send/Transfer" commands append and send/transfer in one menu selection.
1. Follow the same steps as with a single remailer, but choose "chain" from the Remailer: combo list box.
2. Choose the "Append info to message" command from the Transfer menu.
3. A list of remailers is displayed. Select the ones you wish to chain. You can choose the order you wish to chain the remailers.
The appropriate remailer instructions are added to the contents of the message box.
2. Select the appropriate remailer(s) and choose the "Append info" command from the Message menu.
If you don't follow this order, you'll end up encrypting the remailer instructions. The remailers are smart, but not that smart.
By checking one of the options, it filters the remailers in Remailer list box. For example, if you check the "Use latent time" option, only Cypherpunk remailers that support the latent time option will be displayed in the list box. If no options are checked, all Cypherpunk remailers are displayed.
Select advanced options, then select which remailers to use. (Each time an option is checked or unchecked, the list is reset, and the default value is "none.")
When this option is checked, the text in the message box will be encrypted with the selected remailer(s)' key.
You must first add the remailer keys to your public key ring. See the installation instructions.
You can also chain remailers with this option. Each text block will be encrypted with the appropriate remailer's key. This was a fairly tedious task to do by hand, but Private Idaho completely automates the process.
Keep in mind this level of encryption is totally separate from you encrypting a message to an individual.
A dialog box will prompt you for the subject title.
A dialog box will prompt you for the amount of delay.
You can either specify a local time for the mail to be sent (in 24 hour clock format). For example, entering 18:00 would instruct the remailer to send the message at 6:00 PM, the local time of the remailer. (Don't add AM or PM.)
You can also specify a set number of hours and minutes after the mail is received. For example, entering +10:30, would delay sending the message 10 hours, 30 minutes after it was received by remailer. You can enter values of up to 24 hours.
If you are chaining remailers and use the latent time option, the same value will be used for all remailers. A future version will allow you to enter unique time values for each remailer.
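As an added example (Python written for this page, not Private Idaho's code), here is a validator for the two latent-time forms described above, plus a helper that works out when a remailer would actually release a message. It rejects the mistakes the text warns about (an AM/PM suffix, a delay over 24 hours) and resolves a time of day that has already passed to the following day, an assumption this example makes since the manual does not say how remailers treat that case. The arrival time and function names are this example's own.

```python
"""Latent-time entries: HH:MM (remailer-local, 24-hour clock) or +HH:MM delay.
Added example, not Private Idaho's code; rollover to the next day for a time
that has already passed is this example's assumption."""
import re
from datetime import datetime, timedelta

LATENT = re.compile(r"^(\+?)(\d{1,2}):(\d{2})$")
MAX_DELAY_MINUTES = 24 * 60


def parse_latent_time(value):
    """Return ('at', 'HH:MM') for a remailer-local time of day, or
    ('delay', minutes) for a +HH:MM delay. Rejects AM/PM suffixes, bad
    minutes, hours past 23, and delays longer than 24 hours."""
    m = LATENT.match(value.strip())
    if not m:
        raise ValueError("use HH:MM (24-hour clock) or +HH:MM; don't add AM or PM")
    plus, hh, mm = m.group(1), int(m.group(2)), int(m.group(3))
    if mm > 59:
        raise ValueError("minutes must be 00-59")
    if plus:
        total = hh * 60 + mm
        if total > MAX_DELAY_MINUTES:
            raise ValueError("delay may not exceed 24 hours")
        return ("delay", total)
    if hh > 23:
        raise ValueError("hour must be 00-23")
    return ("at", "%02d:%02d" % (hh, mm))


def is_valid_latent_time(value):
    """True when the entry would be accepted by parse_latent_time."""
    try:
        parse_latent_time(value)
        return True
    except ValueError:
        return False


def scheduled_send(value, received_at):
    """When a remailer that received the message at `received_at` (on its own
    clock) would release it under the given latent-time entry."""
    kind, v = parse_latent_time(value)
    if kind == "delay":
        return received_at + timedelta(minutes=v)
    hh, mm = (int(part) for part in v.split(":"))
    at = received_at.replace(hour=hh, minute=mm, second=0, microsecond=0)
    if at < received_at:                 # assumption: already passed today, so next day
        at += timedelta(days=1)
    return at


def schedule_as_text(value, received_iso):
    """Same as scheduled_send, taking and returning 'YYYY-MM-DD HH:MM[:SS]' text."""
    return scheduled_send(value, datetime.fromisoformat(received_iso)).isoformat(" ")


if __name__ == "__main__":
    arrived = "1997-01-01 15:00"          # constructed arrival time at the remailer
    for entry in ("18:00", "+10:30", "6:00 PM", "+25:00"):
        if is_valid_latent_time(entry):
            print(entry, "->", schedule_as_text(entry, arrived))
        else:
            print(entry, "-> rejected")
```

With a message arriving at 15:00, "18:00" releases it the same evening and "+10:30" at 01:30 the next morning; "6:00 PM" and "+25:00" are rejected before anything is sent.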
When the "Use cutmarks" option is checked, the remailer will search for a line beginning with a certain character string. It will remove that line, and all subsequent lines. For example, if you specify the cutmarks to be "--", the line containing "-----------------------" and any lines after it, would be stripped from the message.
You specify the cutmarks string in a dialog box.
If you are chaining remailers, cutmarks will only be removed from the message received by the first remailer. This is because a message composed in Private Idaho will not have any sigs attached to it.
Note: Be careful of using cutmarks with encrypted messages. PGP encrypted messages start with "-----BEGIN PGP MESSAGE-----", so if you used "---" as the cutmark, your message would be removed.
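As an added example of the cutmark pitfall just described (Python written for this page; it is neither Private Idaho's code nor any remailer's), the script below applies a cutmark the way the text says a remailer does, assuming a plain line-prefix match, and adds the pre-send check a user would want: does the cut land after the PGP block or inside it? The message is constructed, with a filler armor body and a signature introduced by the conventional "-- " line.

```python
"""Cutmark handling and a safety check. Added example, not Private Idaho's
code; the remailer's matching rule is assumed to be a plain line-prefix
match, and the message below is constructed with a filler armor body."""

PGP_BEGIN = "-----BEGIN PGP MESSAGE-----"
PGP_END = "-----END PGP MESSAGE-----"

# Constructed message: text, an armored block, then a signature that starts
# with the conventional "-- " separator line (as an e-mailer might append).
MESSAGE = "\n".join([
    "Notes from the meeting are in the encrypted block below.",
    PGP_BEGIN,
    "Version: 2.6.2",
    "",
    "hIwDq3m4VbJ4u1kBA/9pQ2nR0cKmGxyW4n2HHzyB8rD3bV5n3A7zQF0a1yZ0GZlo",
    "=ab12",
    PGP_END,
    "-- ",
    "Joel, sent from a Windows box",
]) + "\n"


def first_line_starting_with(lines, prefix):
    """Index of the first line that begins with `prefix`, or None."""
    for i, line in enumerate(lines):
        if line.startswith(prefix):
            return i
    return None


def apply_cutmarks(message, cutmark):
    """What the remailer does with a cutmark: drop the first line beginning
    with it and every line after that."""
    lines = message.splitlines()
    cut = first_line_starting_with(lines, cutmark)
    if cut is None:
        return message
    return "\n".join(lines[:cut]) + ("\n" if cut else "")


def cutmark_is_safe(message, cutmark):
    """True when the cut falls after the PGP block (or there is no block),
    so the ciphertext survives the remailer."""
    lines = message.splitlines()
    cut = first_line_starting_with(lines, cutmark)
    end = first_line_starting_with(lines, PGP_END)
    return cut is None or end is None or cut > end


if __name__ == "__main__":
    for mark in ("---", "-- "):
        print(repr(mark), "safe:", cutmark_is_safe(MESSAGE, mark))
        print(apply_cutmarks(MESSAGE, mark))
```

"--" and "---" are prefixes of the "-----BEGIN PGP MESSAGE-----" line itself, so the remailer would throw away the ciphertext and everything after it. "-- " (dash, dash, space) is not, because the third character of the armor line is another dash, so the cut lands on the signature separator and the block survives.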
Since the Mixmaster client uses export-controlled cryptography, it is not included with Private Idaho. Refer to http://www.obscura.com/~loki for information on how to get a copy of MIXMASTE.ZIP (the compressed version of Mixmaster and its support files).
Note: Although Lance and I have taken every reasonable precaution to assure that DOS Mixmaster was not exported, it appears that one or more persons unknown to us have exported the DOS version of Mixmaster (in violation of US law). We intend to continue to abide by the letter of US law in this matter, however I will list non-US ftp sites from which Mixmaster can be obtained as a public service:
ftp://utopia.hacktic.nl/pub/replay/pub/remailer/mixmaste.zip
To be able to send messages through Mixmaster remailers you need several files:
After you've installed these files, in the AUTOEXEC.BAT file add the following line:
SET MIXPATH=C:\PIDAHO
with the directory path specifying the Private Idaho directory. Reboot your computer and run Private Idaho.
Note: If you have problems getting Mixmaster to run correctly, set the working directory path in the MIX.PIF file to the directory containing Mixmaster and Private Idaho.
Using Mixmaster remailers
Using Mixmaster remailers is no different than using Cypherpunk style remailers. Select "Mixmaster" from the Remailers menu, compose and address your message, select the remailer(s) from the drop-down list box to use, and choose "Append info" from the Message menu.
Private Idaho will shell out to the DOS version of Mixmaster, and prepare the message for sending.
You'll need to update information about Mixmaster remailers, just like Cypherpunk remailers. Specifically the PUBRING.MIX, TYPE2.LIS, and MIXMSTR.TXT files.
Updated Mixmaster information can be found at:
http://www.sendfakemail.com/~raph/remailer-list.html
and
Notes: Mixmaster remailers chain differently than Type I Cypherpunk remailers. All of the remailer formatting information is encapsulated into a single message. This is unlike the Type I remailers, which you watch go through separate formatting passes as each link in the chain is encrypted and formatted.
Because Mixmaster creates a fixed size message, text in the message box is currently limited to approximately 8 to 10k. This will be addressed in a future release.
1. Enter the name of the newsgroup you want to post to in the To: combo box (i.e. alt.2600).
2. Enter the subject and message.
3. If you are posting through the Anon.penet.fi or Eric remailers, you'll need to make sure the remailer is checked in the Newsgroup menu.
If you are using a Cypherpunk remailer, select the "Post to USENET" option in the "Advanced Cypherpunk" cascading menu. (You can also choose the Encrypt and Subject options to further enhance privacy.)
4. Select the remailer you want to send the message through.
5. Choose the "Append info to message" command from the "E-mail" menu.
6. If you'd like to chain your post, select which Cypherpunk style remailers to use and choose "Append info to message" again.
Note: I frequently get e-mail from people who are having difficulties posting to a USENET newsgroup. If you follow the instructions, this usually isn't a problem with Private Idaho. The most common reasons why people don't see their anonymous messages posted include:
1. Enter the name of the newsgroup you want to post to in the To: combo box (i.e. alt.2600). Note: Don't use someone's address. A gateway isn't a remailer.
2. Enter the subject and message.
3. Select the "E-mail gateway" option in the Newsgroups menu. If you select None, specific information needed to create a newsgroup posting will not be added.
4. Select a remailer (or "chain") from Remailer: combo box.
5. Choose the "Append info to message" command from the "E-mail" menu.
IMPORTANT NOTE: Sending a message to one of the USENET gateways will not anonymize the mail. You must send it through a remailer first. Please test by sending mail to someplace like alt.anonymous before doing it for real.
USENET gateways are getting increasingly harder to find. Many have shut down due to abuses. Others don't support all newsgroups. You may have to try several before finding one that works for you.
Wil Ussery has put together some pretty good FAQs on how to use Private Idaho to post anonymously to USENET newsgroups and how to use it with nym servers. Thanks Wil!
To use these gateways with Private Idaho, compose your message, then:
1. Enter the gateway address on the To: line.
2. Make sure Replace subject is checked in the Advanced Cypherpunk remailer menu (Encrypt to remailers can optionally be checked for more security).
3. Check the Remailer newsgroup header item in the Newsgroups menu.
4. Specify the remailer to send the message through, and choose "Append info" from the Message menu. (Note: Do not select "chain." If you want to send the message through multiple remailers for additional security, it is a two step process. AFTER the message has been formatted, select "chain" in the remailer list and choose "Append info" again from the Message menu.)
You will be prompted for the subject and newsgroup name. Private Idaho will then enter these in the body of the message. If you're cross-posting to a series of newsgroups, separate them with commas. This is better than sending many different individual messages.
Note: You don't need to go through these steps with gateways that are listed in Private Idaho's Newsgroup menu. See http://students.cs.byu.edu/~don/mail2news.html for a complete list of gateways that require a newsgroup header.
2. In the Private Idaho "E-mail" menu, choose the "Transfer to e-mail app" command. If you've specified multiple applications, a cascading menu with the application names is displayed. Select the application you'd like to transfer to.
This transfers the address information and message contents you entered in Private Idaho to your e-mail software.
If you don't have the new message window open or the cursor is somewhere other than the To: line, Private Idaho will happily try to paste the data in whatever e-mailer window is active.
The information in the dialog is fairly self-explanatory. Make sure your e-mail application is running before you run Private Idaho. You may need to experiment with which window to transfer to. Use your common sense in selecting a window name from the list.
Private Idaho supports up to 4 applications to transfer messages to. Click the "Multiple" button at the bottom of the dialog. Then fill in the application's name, window name, and the script to use.
The script language has the following commands:
Each command (with the exception of the last entered command), should be followed by a comma.
Run your e-mail application and list the key sequences required to transfer the information. Normally, the cursor should start on the first line/item of the new message window. However, if you like, you could write a script to execute a variety of menu commands to open a new message window.
For example, if you were using Free Agent, the following script would correctly transfer your e-mail from Private Idaho:
The file is a text file, with each line representing e-mail information. The file format is simple. A record consists of:
While this makes accessing encrypted messages easy, there is one hitch. Private Idaho only processes PGP encrypted messages, and leaves all other messages on the server. This means you'll need to use a full-featured e-mail application such as Eudora or Pegasus to access any messages that aren't encrypted.
For people who periodically log on to their Internet provider to check mail, this isn't a problem. Simply run Private Idaho first to check for any PGP messages, then run your normal e-mail application to access the other messages.
For people who leave their e-mail application running in the background, this presents a sequencing problem. Currently, with Private Idaho, you can only manually check for PGP messages. There isn't a timer option to periodically check for messages at some set interval. Given this, it's very possible your regular e-mail application will download a PGP message before Private Idaho can.
The only solution to this problem would be to turn Private Idaho into a fully functional e-mail application, so you could send, receive, and manage your encrypted and regular mail. Unfortunately, I don't have the time to do this. However, if someone (or a group) is interested in taking this on as a project, I'd be glad to share the source code.
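The selection rule described above (download only the PGP-encrypted messages, leave everything else on the server for the regular mailer) can be written as a small filter. This is an added example, not Private Idaho's code: the four sample messages and the FakePOP3 stand-in are constructed for the example, and the real-server helper assumes Python's standard poplib module, whose list()/retr()/dele() shapes the fake mimics.

```python
import poplib  # only used by open_mailbox(); the offline example never connects

BEGIN = "-----BEGIN PGP MESSAGE-----"
END = "-----END PGP MESSAGE-----"


def is_pgp_encrypted(raw: str) -> bool:
    """True if the body carries an unquoted PGP MESSAGE armor block.

    A clearsigned message (PGP SIGNED MESSAGE) and an armor block quoted in a
    reply ("> -----BEGIN ...") are not encrypted mail, so they stay on the
    server for the full-featured mailer, exactly the split the text describes.
    """
    _headers, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    seen_begin = False
    for line in body.split("\n"):
        if line.strip() == BEGIN:          # exact, unquoted armor header
            seen_begin = True
        elif seen_begin and line.strip() == END:
            return True
    return False


class FakePOP3:
    """Offline stand-in (constructed) for poplib.POP3 with the three calls
    scan_for_pgp() uses. Return shapes follow poplib: (response, lines, octets)."""

    def __init__(self, messages):
        self.messages = list(messages)
        self.deleted = set()

    def list(self):
        listings = [f"{i + 1} {len(m)}".encode() for i, m in enumerate(self.messages)]
        return (b"+OK", listings, 0)

    def retr(self, which):
        return (b"+OK", self.messages[which - 1].encode().split(b"\n"), 0)

    def dele(self, which):
        self.deleted.add(which)


def scan_for_pgp(pop, delete_after_download=True):
    """Fetch only PGP-encrypted messages; return (fetched_texts, numbers_left).

    RETR itself never removes mail, so without the DELE the regular e-mail
    application would still download the encrypted message as well.
    """
    _, listings, _ = pop.list()
    fetched, left = [], []
    for item in listings:
        num = int(item.split()[0])
        _, lines, _ = pop.retr(num)
        raw = b"\n".join(lines).decode("utf-8", "replace")
        if is_pgp_encrypted(raw):
            fetched.append(raw)
            if delete_after_download:
                pop.dele(num)
        else:
            left.append(num)           # untouched, for the other mailer
    return fetched, left


def open_mailbox(host, user, password):
    """Real use: the same scan over a live POP3 server (assumed poplib API)."""
    pop = poplib.POP3(host)
    pop.user(user)
    pop.pass_(password)
    return pop


# Constructed sample mailbox: one encrypted message, one plain message,
# one reply quoting an armor block, one clearsigned message.
ENCRYPTED = ("From: casper@nymserver.com\nSubject: hi\n\n" + BEGIN +
             "\nVersion: 2.6.2\n\nhQEMA(constructed placeholder)\n" + END + "\n")
PLAIN = "From: a@example.invalid\nSubject: lunch\n\nSee you at noon.\n"
QUOTED = ("From: b@example.invalid\nSubject: Re: hi\n\nYou sent me:\n> " + BEGIN +
          "\n> ...\n> " + END + "\nbut I can't read it.\n")
SIGNED = ("From: c@example.invalid\nSubject: note\n\n-----BEGIN PGP SIGNED MESSAGE-----"
          "\n\nhello\n-----BEGIN PGP SIGNATURE-----\n...\n-----END PGP SIGNATURE-----\n")

if __name__ == "__main__":
    got, stayed = scan_for_pgp(FakePOP3([ENCRYPTED, PLAIN, QUOTED, SIGNED]))
    print(len(got), "downloaded;", stayed, "left on server")
```

The exact-match test on the armor lines is what keeps a quoted or dash-escaped marker from being mistaken for an encrypted message.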
The first time you scan for messages, you'll be prompted to supply your password to access the mail server. Private Idaho remembers this password for subsequent scanning, but "forgets" it when you exit the program.
Status about the scanning process is displayed above the message text box.
Unread messages have an "n" to the left of the message.
There are several actions you can perform on a selected message with the command buttons at the bottom of the dialog box.
This is similar to setting up an old anon.penet.fi account, only much more secure. Instead of using a database of users associated with account names (like penet.fi), the service works by rerouting through remailers and conventionally encrypting messages forwarded to you with PGP. There are currently two types of nym servers that Private Idaho supports: the first-generation alpha type and the more secure newnym (alias.net) type.
Briefly, you supply the nym server with a chain of remailers (PGP encrypted being the most secure) that you'd like to use to have any messages forwarded to you. You also provide a nym account name and a PGP passphrase to encrypt the forwarded messages.
For example, if you used a nym server and selected "casper" as a nym, you could send anonymous e-mail or post anonymously to a USENET newsgroup and have people reply to casper@nymserver.com. When someone sends a message to that address, it is PGP encrypted, then sent through a series of remailers you specified. It is eventually forwarded to you through the remailers. You'd then use Private Idaho to decrypt the message.
Once you have an account, you can also send mail or post articles from the nym server. In such cases, your nym account name would appear in the From: line of the message/article.
Unfortunately, due to quite a bit of abuse (spamming, mail-bombing, etc.), many nym servers have shut down. This is a case of a few individuals ruining a valuable privacy-enabling tool for many Internet users. I really don't want to get on a soap-box, but when people start abusing free privacy services, they will disappear faster than through any lawsuit or government regulation.
For example, alpha.c2.org's entries looked like this:
$remailer{'alpha'} = '<alias@alpha.c2.org> alpha pgp';
and later in the file:
alpha alias@alpha.c2.org +++*++**-+ 1:08:55 82.67%
If a new nym server comes online, and isn't in Raph's list yet, you can easily add it to the REMAILER.HTM file with a text editor. Just individually add lines that follow the above respective formats. Once you've modified the file, run Private Idaho. It will recognize the nym server when you create a new nym.
Note: Nym server information relies on Raph's remailer list.
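Since the nym server list is nothing more than these two line formats, a small parser makes it easy to see which servers Private Idaho will recognise and whether Raph's stats say they are alive (the same "no information, maybe not operational" rule the nym section applies later). This is an added example, not code from Private Idaho or from Raph's list: the alpha entry is the one quoted above, the "mix" and "nymsrv" entries and the 80% uptime threshold are constructed assumptions for the example.

```python
import re

# Constructed sample in the two formats quoted above. Only the alpha lines
# come from the page; the other entries are made up for the example.
SAMPLE_REMAILER_HTM = """\
$remailer{'alpha'} = '<alias@alpha.c2.org> alpha pgp';
$remailer{'mix'} = '<mix@remailer.example.invalid> cpunk mix pgp hash latent';
$remailer{'nymsrv'} = '<config@nym.example.invalid> newnym pgp';

alpha    alias@alpha.c2.org            +++*++**-+   1:08:55  82.67%
mix      mix@remailer.example.invalid  **++*+++*+    :44:23  99.12%
"""

# $remailer{'name'} = '<address> option option ...';
ENTRY_RE = re.compile(
    r"^\$remailer\{'(?P<name>[^']+)'\}\s*=\s*'<(?P<addr>[^>]+)>\s*(?P<opts>[^']*)';")
# name address history latency uptime%
STATS_RE = re.compile(
    r"^(?P<name>\S+)\s+(?P<addr>\S+@\S+)\s+(?P<hist>\S+)\s+"
    r"(?P<lat>\d*:\d\d:\d\d)\s+(?P<up>\d+\.\d+)%")

NYM_SERVER_TYPES = ("alpha", "newnym")


def parse_remailer_list(text):
    """Return (entries, stats) keyed by remailer name from REMAILER.HTM text."""
    entries, stats = {}, {}
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            entries[m["name"]] = {"address": m["addr"], "options": m["opts"].split()}
            continue
        m = STATS_RE.match(line)
        if m:
            stats[m["name"]] = {"history": m["hist"], "latency": m["lat"],
                                "uptime": float(m["up"])}
    return entries, stats


def nym_servers(entries, stats, min_uptime=80.0):
    """List the nym servers (alpha or newnym option) with a verdict:
    'unknown' when Raph's list carries no stats for the server (it may not be
    operational), 'up' when uptime meets the assumed threshold, else 'low'."""
    found = []
    for name, entry in entries.items():
        kinds = [o for o in entry["options"] if o in NYM_SERVER_TYPES]
        if not kinds:
            continue
        s = stats.get(name)
        if s is None:
            verdict = "unknown"
        elif s["uptime"] >= min_uptime:
            verdict = "up"
        else:
            verdict = "low"
        found.append({"name": name, "address": entry["address"], "type": kinds[0],
                      "pgp": "pgp" in entry["options"],
                      "uptime": None if s is None else s["uptime"],
                      "verdict": verdict})
    return found


def format_entry_line(name, address, options):
    """Build a $remailer{...} line in the format above, for adding a server
    by hand as the text suggests (the stats line is Raph's to produce)."""
    return f"$remailer{{'{name}'}} = '<{address}> {' '.join(options)}';"


if __name__ == "__main__":
    entries, stats = parse_remailer_list(SAMPLE_REMAILER_HTM)
    for server in nym_servers(entries, stats):
        print(server)
```

A hand-added server shows up as "unknown" until Raph's stats for it appear, which is the signal the nym section tells you to treat with caution.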
If a new nym server comes on line, be sure to add its PGP key to your public ring before using Private Idaho to create a nym on it. The Add Keys button in the step-by-step creation dialog only adds keys of those nym servers listed in the NYMKEYS.TXT file.
Private Idaho will step you through the entire account request process, and when you're through, you can send the message to the nym server.
If you were successful, you'll receive an encrypted confirmation message back.
After you receive confirmation, send mail to your new nym account to test it. Remember, response time may vary.
Notes: Make sure "Encrypt to self" is unchecked before you create a new nym.
You must supply a "full nym" for Private Idaho to work correctly. If you're not feeling creative, just use the nym account name.
Note: You must include a full nym name. Don't leave this line blank.
The nym will be deleted from the NYMS.TXT file. A message will also be prepared to send to the nym server to remove the nym from the server itself. Send the message to the server to remove it.
1. Enter the final destination e-mail address in the To: text box.
2. Specify the new remailer or chain in the Remailer drop-down list.
3. From the Nym menu, choose the "Change reply block" command.
4. Select the nym you want to change.
If you are changing an alpha type nym:
Send the encrypted message. If you want to be real secure, send it through a chained series of remailers.
If you want to change an alias.net (newnym) password, use the Change nym reply block command in the Nym menu.
Note: If you're preparing a newnym type message, you don't need to encrypt it. This is automatically done for you.
After the message is prepared, send it through a series of remailers if you'd like a high level of security.
As with remailer stats, if a nym server doesn't have any information associated with it, it may not be operational. Either way, don't use a nym server unless you're sure it's running.
Send e-mail to help@nym.alias.net for complete documentation.
There are several ways one can send messages to newsgroups. It doesn't necessarily take 48 hours as mentioned in other FAQs. One can see messages show up in as short a time as 10-15 minutes. The latency between sending the message and seeing it show up in a newsgroup depends on the speed and number of remailers you're using.
The following will send an anon message via one remailer to alt.anonymous.messages with or without sending it through <send@nym.alias.net> :
CHECK: "Remailers/Cypherpunk"
CHECK: "Remailers/Advanced Cypherpunk/Encrypt to Remailer(s)"
CHECK: "Remailers/Advanced Cypherpunk/Replace subject" (you can also check "Use latent time", though it's not necessary) (In that menu leave "POST to Usenet" UN-checked)
CHECK: "Newsgroups/Remailer newsgroup header" (If you forget this one you won't get the "...newsgroup to post to" window after you "Append info".) (In that menu leave "E-mail gateway" UN-checked)
Scroll down the "To:" window and pick a mail-to-news remailer... (<mail2news@nym.alias.net> is quite reliable)
Pick one remailer from the remailer window. Always check Raph's remailer page for a fast remailer that is up.
Once again, if you don't choose a remailer, the E-mail address you're sending from will show--blowing your anonymity. It's the remailers that provide the anonymity--not the mail2news gateways. Also, if you pick "chain" at this point, you won't have a chance to put in the newsgroup the mail will be sent to.
Put whatever you want in the "Subject:" box, something only you can recognize in a newsgroup. You'll be prompted for this again later.
Create a test message and either encrypt it or leave it plain-text.
DO... "Message/Append info"
Enter the Subject/Header in the appropriate box that will pop up. <return>
Enter the newsgroup when its box pops up. <return>
Before the message is encrypted, you should see the following before the DOS box closes.....
Example 1.
Request-Remailing-To: mail2news@nym.alias.net

##
Subject: <whatever>
Newsgroups: alt.anonymous.messages

- -----BEGIN PGP MESSAGE-----
At this point, I would suggest adding the following X-header just below the newsgroups line:
X-No-Archive: Yes
This will end up as the first line of your message.
After remailer encryption you'll end up with...
Example 2.
::
Encrypted: PGP

- -----BEGIN PGP MESSAGE-----
Version: 2.6.2
(a bunch of remailer's encryption)
- -----END PGP MESSAGE-----
The remailer you're sending through should still be in the "To:" box.
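The recipe above has two easy-to-miss steps (forgetting the Remailer newsgroup header, or skipping the remailer hop so your own address shows), and both are visible in the text of Example 1 before anything is sent. The following pre-flight check is an added example, not Private Idaho's code: it parses the "::" and "##" header blocks of a prepared message and reports the mistakes the text warns about. The sample message is constructed; it starts with a "::" line before Request-Remailing-To, which is the usual Cypherpunk remailer syntax, while Example 1 above begins at the Request-Remailing-To line, so the checker accepts either form.

```python
def parse_remailer_blocks(text):
    """Split a prepared message into its '::' headers, '##' headers and body.

    A '::' or '##' line opens a header block, a blank line closes it, and
    everything else (such as the dash-escaped PGP armor) is body.
    """
    rr, hh, body = {}, {}, []
    state = None                            # None, "::" or "##"
    for line in text.replace("\r\n", "\n").split("\n"):
        stripped = line.strip()
        if stripped in ("::", "##"):
            state = stripped
            continue
        if state and stripped == "":
            state = None
            continue
        if state is None and stripped.startswith("Request-Remailing-To:"):
            state = "::"                    # tolerate Example 1's missing "::"
        if state and ":" in stripped:
            name, _, value = stripped.partition(":")
            (rr if state == "::" else hh)[name.strip().lower()] = value.strip()
            continue
        body.append(line)
    return rr, hh, body


def check_mail2news_envelope(text):
    """Return (errors, advice) for a prepared mail-to-news post.

    errors: conditions under which the post would fail or expose the sender.
    advice: the optional X-No-Archive header the text recommends.
    """
    rr, hh, body = parse_remailer_blocks(text)
    errors, advice = [], []
    if "request-remailing-to" not in rr and rr.get("encrypted", "").upper() != "PGP":
        errors.append("no Request-Remailing-To (or Encrypted: PGP) block: "
                      "without a remailer hop your own address would show")
    if "newsgroups" not in hh:
        errors.append("no Newsgroups: in the ## block: the Remailer newsgroup "
                      "header item was not checked, or chain was picked too early")
    if "subject" not in hh:
        errors.append("no Subject: in the ## block: Replace subject was not checked")
    if not any(line.strip() for line in body):
        errors.append("empty message body")
    if hh.get("x-no-archive", "").lower() != "yes":
        advice.append("add 'X-No-Archive: Yes' just below the Newsgroups line")
    return errors, advice


# Constructed sample in the shape of Example 1 (placeholder instead of real
# PGP output).
GOOD_POST = """\
::
Request-Remailing-To: mail2news@nym.alias.net

##
Subject: test post
Newsgroups: alt.anonymous.messages
X-No-Archive: Yes

- -----BEGIN PGP MESSAGE-----
(constructed placeholder for the encrypted body)
- -----END PGP MESSAGE-----
"""

if __name__ == "__main__":
    print(check_mail2news_envelope(GOOD_POST))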
Go online and hit the send button, or pick another remailer, or "chain" remailers, then send.
How fast you see your message arrive depends on the speed of the remailer(s) you've chosen to send through.
If you want to send an anon message to alt.anonymous.messages through your nym, complete the above procedure, but instead of sending it right away, add the following to the top of the encrypted message you've created above:
- ---------------------------< cut >-------------------------------------
From: <your_nym@nym.alias.net>
To: <remailer you have chosen>
Subject: <whatever or nothing>

::
Encrypted: PGP
- ---------------------------< cut >-------------------------------------
Leave a <space> between "::/Encrypted: PGP" and the message.
Encrypt with <send@nym.alias.net> and sign with your nym.
You'll end up with an encrypted message to <send@nym.alias.net>
You can then send this through another remailer to <send@nym.alias.net> if you so desire; but, if you do send through another remailer, be sure to do the following:
Un-check "Remailers/Advanced Cypherpunk/Replace subject"
Un-check "Newsgroups/Remailer newsgroup header"
You can also use the "Nym/Create nym message..." command in PIdaho. If you do, remove the "Password:" header, unless of course, you're using <alias.cyberpass.net>; <nym.alias.net> doesn't need a password.
Your nym passphrase should be different than your everyday PGP passphrase. You are compromising your security if they are the same.
Make sure the nym passphrase does not have any spaces in it. The server will truncate the passphrase at the space.
If you don't get an encrypted reply back in a few days, it's likely someone else already has a nym account with the name you requested or one of the remailers specified in the reply chain is down. Try submitting a request with a different nym or changing the remailer chain. You can get a list of nyms by e-mailing used@ the nym server address.
If you have questions/comments about the Private Idaho interface to nym servers send e-mail to joelm@eskimo.com. If you have comments or questions about the nym server, send e-mail to admin@ the nym server address. You can get additional information about the nym server by sending mail to: help@ the nym server address.
The World Wide Web is becoming an increasingly important means of distributing information around the world. There are a number of free, important electronic information sources and services that reside on the Web.
If you use a Web browser, Private Idaho can interact with your browser to provide links to sources where you can access tools and information to increase your electronic privacy.
Using the Web menu
The Web menu comes with a series of menu items I feel are important if you use Private Idaho. Each menu item corresponds to a Web link (or technically a URL - universal resource locator). When you select the menu item, Private Idaho will load (if necessary) and activate your Web browser. It will then pass commands on to your browser to go to that particular URL.
Private Idaho's default settings assume you use Netscape as a browser (located in c:/netscape/netscape.exe). If you don't use Netscape, or if you do and it's located in a different path, see the "Configuring Private Idaho for your Web browser" section below.
Obviously, you must be connected to the Internet for a browser to display a Web page.
If your browser is not running, Private Idaho will inform you and then load it. Once the browser is running, select the menu item again, so the information will be passed on to the browser.
Default menu items
Here are the default menu items that come with Private Idaho. I encourage you to spend some time exploring them, particularly the sites for the EFF, EPIC, and CPSR organizations. They contain a wealth of information on cryptography, privacy, and government issues.
Get the latest PGP (US residents) - accesses MIT's PGP distribution page. You must be a US resident to download PGP from this source.
Get the latest PGP (rest of world) - accesses a page of links with sites outside of the US where PGP can be downloaded.
Access the MIT key server - accesses a page where you can store your PGP public key in a database as well as search for other people's. This is a free central database that gets global use.
Read the official PGP FAQ - accesses the official PGP Frequently Asked Questions list. Most of your questions can be answered here.
Get the short PGP FAQ - accesses a shorter version of the PGP FAQ, with information on the latest version, where to get PGP, and different types of shells to use.
Learn about crypto and privacy - accesses the privacy and cryptography section of the WWW Virtual Library. Excellent information on PGP, crypto, and electronic privacy issues.
Browse alt.security.pgp - accesses the USENET alt.security.pgp newsgroup. This is the place for breaking information, answers to easy and hard questions, and interesting political discussion.
Get remailer information - accesses remailer information you can use to update the RMINFO, CPMAILER, and Mixmaster files Private Idaho uses. Also provides links to other remailer information sources.
Go to EFF - accesses the Electronic Frontier Foundation's home page. An excellent source of information on electronic privacy issues.
Go to EPIC - accesses the Electronic Privacy Information Center's home page. An excellent source of information on electronic privacy issues.
Go to CPSR - accesses the Computer Professionals for Social Responsibility home page. An excellent source of information on electronic privacy issues.
Get the latest Private Idaho - accesses the central page for Private Idaho distribution. You can check for any updates and download them.
You can also add your own menu items and links. See the "Adding your own links to the Web menu" section below.
Configuring Private Idaho for your Web browser
As previously stated, Private Idaho's default Web browser configuration is Netscape. To configure to your own browser, choose the Options command from the Web menu.
This dialog box may look complex, but really isn't. First, a little background on what happens when you select a menu item from the Web menu.
Private Idaho interacts with a browser by sending a key sequence to it, much in the same way it works when you transfer information to your e-mail software. While some browsers like Netscape support DDE, I wanted to provide more flexibility for use with other browsers that didn't.
When you select a menu item, it looks to see if the browser is running by seeing if a window exists in the Windows task list. (If the browser isn't running, it will attempt to load it, and ask you to select the menu item again after the browser has loaded.)
If a window is present, it sends a series of keys that tells the browser to provide some form of input for specifying a URL. For example, in Netscape, the CTRL+L key opens a dialog box for a URL to be entered. Next, Private Idaho sends the actual URL that corresponds to the menu item to the browser, plus a key sequence that tells it to go to the URL (in Netscape's case, the return/enter key).
With that in mind, here's information on the parameters in the Web Options dialog box.
Web browser path - Enter the full path of the Web browser you use, for example, c:\netscape\netscape.exe (which is the default). If you're using Windows 95 and have long file names, use the DOS file path. For example, C:\Program Files\Netscape\Navigator\Netscape.exe would be C:\Progra~1\Netscape\Naviga~2\Netscape.exe.
Browser window search string - This is the name of the window that Private Idaho will pass the key sequences to. Depending on the browser, you can just put its name here. (HINT: Run the browser then select the Transfer options command in Private Idaho's Message menu to get a list of all of the current window names. Use the name that corresponds to the browser.)
Here's where things can get a little tricky. Some browsers (such as Netscape) use a parent window and a child window. If you specify the parent window (named "Netscape") to pass the key sequences to, nothing will happen. This is because the child window (whose name contains the current URL) is active, and receives any key messages. The problem with browsers like this is that the window name constantly changes, so you never know which window to send the key sequence to.
The solution is to look for a common pattern that all child window names have. In Netscape's case, child window names always start with "Netscape - [", so if you specify this as the Browser window search string, Private Idaho will always be able to activate the correct window.
You may need to do some experimenting with this, to find the correct search string to use. The window list in the E-mail, Transfer options dialog can help.
Key sequence to prompt for URL - This is a series of keyboard commands within the browser that allows the user to enter a URL. For example, typing CTRL+L in Netscape brings up a URL dialog box. You will need to enter the key sequence that is appropriate for your browser.
Certain keys must use special characters.
Key sequence to get URL - This is the key sequence that will tell the browser to go to the URL. In Netscape, pressing the return/enter key after the URL has been entered closes the dialog box and goes to the URL. So, for this parameter you would use a ~
(The corresponding special keys shown above also apply to this parameter.)
All parameters are written to the PIDAHO.INI file when you click the OK button.
Note: The settings for Microsoft's Internet Explorer are:
Adding your own links to the Web menu
All items that appear in the Web menu are stored in the URLS.TXT file. You can add to or modify the contents of the file with any text editor, following these rules:
Community Connexion - http://www.c2.org (a privacy oriented Internet Service Provider) offers a free Web "anonymizing" service. It's relatively easy for someone to track what information you access on the Web. However, by using the anonymizer with your browser, the owner of the Web page you accessed won't know your identity.
You should have a connection to the Internet, with your browser running and not minimized.
Enter a URL in Private Idaho's message box, select the text, and choose the "Anonymous jump to URL" command from the Web menu. This will load the URL into your browser and anonymously access the Web page.
Hint: You can store frequently accessed URLs in Private Idaho's address book.
The C2 Web anonymizer port may change in the future. You can reset the value by choosing the "Options" command in the Web menu.
Due to a variety of other projects, I've had to drastically cut back on the amount of e-mail support I provide for Private Idaho. Bug reports will be logged and suggestions will be noted, but at this point, don't hold your breath waiting for an e-mail reply from me.
Specific problems:
When Private Idaho is first run, it creates a file called PUBKEYS.OUT and places it in the same directory as the application. This is a required text file that contains the contents of your public key ring. If for some reason the file isn't created, you can usually create it with the Update PUBKEYS.OUT command in Private Idaho's PGP menu. If this still doesn't work, it's possible your system hasn't defined the COMSPEC environment variable. At the DOS prompt, type SET. If the COMSPEC variable isn't displayed, add the following line to AUTOEXEC.BAT: COMSPEC=C:\COMMAND.COM (or wherever the COMMAND.COM file is located).
Another common problem is the PGP directory not being specified in the AUTOEXEC.BAT PATH statement. If it is, try modifying the values of the PIF files that come with Private Idaho. By default, they point to PGP.EXE, but you might try changing their values to point to the fully qualified PGP path (such as C:\PGP26\PGP.EXE).
The PUBKEYS.OUT file is created by piping the information from the DOS pgp -kv command to a file. Some users running NDOS and 4DOS have reported compatibility problems with this piping procedure.
Some users using PGP language files other than English have reported that PUBKEYS.OUT problems were resolved when the English language file is used.
Finally, if nothing seems to work, you can manually create the file by going to the DOS prompt, changing to the Private Idaho directory, and typing:
pgp -kv >pubkeys.out
Move this file into the Private Idaho directory. This will at least get you running until you isolate the problem.
Mail Server and Winsock Connections
First, make sure the WINSOCK.DLL file is in either the \WINDOWS or \WINDOWS\SYSTEM directory. I've heard of some applications renaming the Winsock file.
If you have difficulty connecting to a mail server, try using the IP address instead of the actual server name. Also, be sure your account name is correct.
If you still are having problems sending mail, try this test to see if there might be a problem interacting with your server. Temporarily set the SMTP server to mail.eskimo.com and try sending e-mail. If you are successful, there's likely some type of incompatibility with the mail server your ISP is running.
Note: The mail server address shown above is my ISP's. Please don't abuse it.
Some mail servers seem to choke on e-mail when the sender's address isn't enclosed in brackets. Try adding brackets to your address. i.e. <joelm@eskimo.com> versus joelm@eskimo.com
If you're still having problems with sending e-mail directly from Private Idaho or scanning for PGP messages, add the following line to the [Options] section of the PIDAHO.INI file:
This will create a log file in the directory containing Private Idaho that lists the entire SMTP and POP3 conversation between the mail server and Private Idaho. If you have problems, e-mail me a copy of the log file. It should help in trying to debug what's happening.
If you have problems scanning for PGP messages, it's possible one of the files containing message information may have been corrupted. MSGIDX.PID is an index file. PGPMSG.PID contains the actual messages, and can be accessed with a text editor. Delete MSGIDX.PID and rename PGPMSG.PID (so you can still access the messages).
Users have successfully run Private Idaho under Windows NT, but others have reported problems I haven't been able to replicate. At this point (since I don't have an NT box), Windows NT is an unsupported platform. I am planning a 32-bit version, which I'm hoping will resolve any problems.
PGP doesn't use correct secret key
In certain circumstances, PGP will use the first key found in a secret key ring containing multiple keys. To avoid this, specify the key ID instead of the user ID. For example, 0x123456 instead of mrbill@snl.com. To view the key ID, use the -kv command. There is a hidden command in the About dialog box. If you click the mouse on the first line of text, a dialog box appears that allows you to enter PGP commands.
PGP and Mixmaster icons in Windows 95 taskbar
If the "Run PGP minimized" item in the PGP menu is checked, and you're running Windows 95, when you encrypt a message, the PGP icon will appear in the taskbar at the bottom of the screen. You must click on the icon for PGP to be run (this applies to running Mixmaster also). You can avoid this step by changing the PIF settings in the Win95 Explorer. For example, in the Explorer, select the PIPGP file and right click the mouse button to set properties. Go to the Misc tab. Under Background, make sure "Always suspend" is not checked. Perform the same steps with the PIPGPX and MIX PIF files.
USENET messages don't get posted
I frequently get e-mail from people who are having difficulties posting to USENET newsgroups. If you follow the instructions, this usually isn't a problem with Private Idaho. The most common reasons why people don't see their anonymous messages posted include:
Messages or Web links don't transfer correctly
The e-mail application or browser must not be minimized for a message or URL to transfer. If the application is maximized, it's likely the window name specified within Private Idaho is incorrect. With the e-mail application running, go to the Transfer Options command in the Message menu. Look for the correct window name of the application in the dropdown list box. This is a common problem with Eudora. QUALCOMM always seems to change its window name with each update. If you update to a new version of Eudora and transfer stops working, you'll need to update the window name in Private Idaho.
NYMS.TXT not formatted correctly and "File past end of input" in NYMS.TXT
All nyms must have three lines of information: the nym (mrree), the full nym (Mr. Ree), and the nym server (config@nym.alias.net). Each line should be followed by a carriage return. The full nym line must have some information on it, and not be left blank. If you modify the file by hand, too many lines, or too few lines, cause an error.
Private Idaho uses "pidaho" as the default name for its temp file during encryption and decryption operations. If you place Private Idaho in a subdirectory named "pidaho" (for example, C:\PGP\PIDAHO) this can confuse DOS during file operations. Rename the directory or the temp file name to avoid this problem. Also, don't specify the full path name if you want the file to be written to the PGP directory. This is where it will be written to by default.
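Both NYMS.TXT errors above (a line count that is not a multiple of three, and a blank full-nym line) can be caught before Private Idaho reads the file. This validator is an added example, not part of Private Idaho; the well-formed sample uses the three values given in the text, and the broken samples are constructed to trigger each error.

```python
def parse_nyms_txt(text):
    """Validate NYMS.TXT: three lines per nym (nym, full nym, nym server).

    Returns (records, problems). problems is empty for a well-formed file;
    a line count that is not a multiple of three is the condition Private
    Idaho reports as "File past end of input".
    """
    lines = text.replace("\r\n", "\n").split("\n")
    if lines and lines[-1] == "":
        lines.pop()                           # ignore the final carriage return
    problems = []
    if len(lines) % 3:
        problems.append(
            f"{len(lines)} lines is not a multiple of 3: a line is missing or "
            "extra ('File past end of input')")
    records = []
    for start in range(0, len(lines) - len(lines) % 3, 3):
        nym, full_nym, server = lines[start:start + 3]
        n = start // 3 + 1
        if not nym.strip():
            problems.append(f"record {n}: nym is blank")
        if not full_nym.strip():
            problems.append(f"record {n}: full nym is blank (must not be empty)")
        if "@" not in server or server.strip() != server:
            problems.append(f"record {n}: nym server {server!r} is not an address")
        records.append({"nym": nym, "full_nym": full_nym, "server": server})
    return records, problems


# Constructed samples. GOOD_NYMS uses the values named in the text.
GOOD_NYMS = "mrree\nMr. Ree\nconfig@nym.alias.net\n"
BLANK_FULL_NYM = "casper\n\nconfig@nym.alias.net\n"
MISSING_LINE = "mrree\nconfig@nym.alias.net\ncasper\nCasper\nconfig@nym.alias.net\n"

if __name__ == "__main__":
    for sample in (GOOD_NYMS, BLANK_FULL_NYM, MISSING_LINE):
        print(parse_nyms_txt(sample)[1] or "ok")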
Mixmaster doesn't run correctly
First, make sure you have all of the files that Mixmaster needs to run. Then try setting the working directory in the MIX.PIF file to the directory path that contains Mixmaster and Private Idaho. Also, make sure MIXPATH is set in your AUTOEXEC.BAT file.
Nym servers only use Cypherpunk style remailers for reply blocks. If you try to specify Mixmaster type remailers, you will get errors.
The Private Idaho interface to Mixmaster is currently limited to plaintext messages approximately 10k in length.
Command line greater than 128 characters
DOS applications have a limit to the size of a command line that can be passed to them. When Private Idaho shells to DOS PGP, it passes commands that identify directory paths, user IDs, etc. In some cases, the command line may surpass the limit, and cause a PGP operation to fail. A dialog box notifies you of this. If this happens, try: (1) reducing the length of your PGP user ID (i.e. use <joelm@eskimo.com> instead of Joel McNamara <joelm@eskimo.com>, or (2) relocating Private Idaho to a directory with a shorter path name (i.e. C:\PGP versus C:\APPS\CRYPTO\WIN\PIDAHO).
Multiple .ASC files for attachments
When PGP encrypts a file and uses ASCII armor, it will split the file up into multiple files, each containing 720 lines. If you have a large attachment, you'll get numerous .ASC files. To force PGP not to split a file, in the PGP config.txt file, set the ArmorLines variable to 0.
I haven't gotten around to fixing these yet. They'll hopefully make the next incremental release.
Other things: