To get the latest Mixmaster infomation, make sure Mixmaster is checked in the Remailers menu. Then choose the Update remailer info command in the Remailers menu.

(File information comes from the following respective sources: http://kiwi.cs.berkeley.edu/mixmaster-list.html, http://kiwi.cs.berkeley.edu/pubring.mix, http://kiwi.cs.berkeley.edu/type2.list . In addition, http://www.jpunix.com is a good source of Mixmaster information.)

Note: If a remailer is listed without any statistics, there's a good chance it currently isn't running. Unless you know for sure, don't use it.

Automatic updates of USENET gateways currently aren't supported (you'll need to update the USENET.TXT file by hand). You can get the most current USENET gateway information (as well as additional remailer info such as PGP keys) by:

E-mailing mg5n+remailers@andrew.cmu.edu (no subject or text in the message body required)
or
http://students.cs.byu.edu/~don/mail2news.html

Look at the file contents before you replace it. Copy the information you need and paste it to the updated file.

Connecting to the Internet

You can send and receive e-mail messages over the Internet directly from Private Idaho, as well as check a variety of remailer and key information sources. To do so:

• you must be connected to your Internet provider through a Winsock stack
• your Internet provider must support an SMTP mail server for outgoing e-mail
• your Internet provider must support an SMTP server or POP3 mail server for incoming e-mail

Once you are connected to the Internet, run Private Idaho. You now can send and receive mail and access remailer and key information sources.

Which mail servers you use depends on the information in the Options dialog box in the File menu. For example:

• E-mail address - joelm@eskimo.com
• Real name - Joel McNamara
• SMTP server name - mail.eskimo.com
• POP account name - joelm
• POP server name - mail.eskimo.com

Once you have filled in your e-mail address, if you press the AutoFill Details button Private Idaho will try to fill in the other information for you.

Note: If you have problems connecting, try using the IP numeric address instead of the server name.

Using Expert and User modes

When Private Idaho is initially installed, it asks you whether you are an experienced user. If you are, it instructs the user interface to display Expert mode. Expert mode contains all of the Private Idaho menu commands. If you're new to PGP and anonymous remailers, you should specify User mode. This mode only displays the most commonly used Private Idaho commands.

You can switch between Expert and User mode in the File menu. That way, once you're experienced with Private Idaho, you can access the complete set of features.

Using an Address Book

You can store commonly used e-mail addresses in a user-editable address book. Choose the "Address book" command from the File menu. This displays the Addresses text edit window where you can add e-mail addresses. These addresses appear in the To: combo list.

Each line should contain a unique address. E-mail addresses appear in the To: combo list in the order they appear in the Addresses window.

Addresses are stored in the ADDRESS.TXT file in the Private Idaho directory.

Using OS/2 Delay

Another option in the Options dialog box is the "Use OS/2 delay" checkbox. Some versions of OS/2 may run the shelled DOS PGP process and Private Idaho simultaneously, causing errors (for example, PGP isn't through encrypting a file, but Private Idaho decides to display it). If this box is checked, Private Idaho will pause and display a dialog box. When PGP has completed its processing, click the "Resume" button to continue.

If you are running OS/2, you may (or may not) need to check this option. If you are running Windows (by itself), make sure this option is not checked.

Installing remailer and nym server PGP public keys

With Private Idaho you can easily send encrypted mail to certain remailers, using their public keys. The ciphertext is decrypted when received, and then sent on to the next destination. In addition, if you use a nym server, messages sent to the server must first be encrypted with the server's key.

The file RMKEYS.TXT contains copies of remailer PGP keys. Use the "Import message" command in Private Idaho's File menu to read the file into the message area. Then use the "Add key from message" command in the PGP menu. All of the keys will be added to your key ring. If you already have some of these keys installed, PGP will skip them and only install new ones.

The file NYMKEYS.TXT contains copies of nym server PGP keys. Use the same procedure as listed above to install these keys.

You can also get a current list of remailer keys by using the Get remailer keys command in the Remailers menu. This makes a Net connection and downloads a list of current keys to the Message box.

Specifying e-mail information

If you use an Internet provider that supports sending e-mail through a SMTP (Simple Mail Transport Protocol) mail server, the most commonly used type, you can send messages directly from Private Idaho without using another e-mail application. If your Internet provider supports receiving messages through SMTP or POP3, you can have Private Idaho download your mail for you.

To do so, you need to enter some setup information when Private Idaho is first run. This includes:

• Your e-mail address - i.e. joelm@eskimo.com
• Your real name - i.e. Joel McNamara
• Your SMTP server name - i.e. mail.eskimo.com
• Your POP3 account - i.e. joelm
• Your POP3 server name - i.e. mail.eskimo.com

Once you have filled in your e-mail address, if you press the AutoFill Details button Private Idaho will try to fill in the other information for you.

You can get these settings from the current e-mail software you are running. These settings can be changed with the Options command in Private Idaho's File menu.

Save Private Idaho settings

The Save Settings command in the File menu writes all of your current settings (such as remailer type, whether to minimize PGP, encrypt to self, latent time setting, etc.) to the PIDAHO.INI file. These settings will be "remembered" the next time you run Private Idaho, with the various options activated. Private Idaho automatically saves the current settings when you exit.

Auto-encrypt/decrypt of settings

Private Idaho stores a variety of information in the PIDAHO.INI, NYMS.TXT, ADDRESS.TXT, and PUBKEYS.OUT files. Some people are concerned about the privacy aspects of leaving information about who they are communicating with or clues as to their nym identities on their hard drives.

If you start Private Idaho with the path containg PIDAHO.INI (i.e. C:\WINDOWS\PIDAHO.INI) as the command line, it will automatically decrypt the PIDAHO.INI, NYMS.TXT, ADDRESS.TXT, and PUBKEYS.OUT files on start-up (you'll be prompted to supply a passphrase) and encrypt them with your primary public key when you exit. Encryption/decryption is performed on the files using the primary public key you specified in Private Idaho. You can set a command line in either the Program Manager or Explorer.

If you enter an incorrect password during start-up, Private Idaho will exit (no three strikes you're out). This process may take awhile, depending on the size of your files.

Warning: It would be wise to back-up these files.

Security Alert: Since you're entering your secret key within a Windows program and not the DOS box, there's a chance the passphrase may be written to the Windows swap file. If you have a high threat model, be sure to wipe the swap file before you shut down your computer.

Auto-encrypt/decrypt of secret and public key rings

You can have Private Idaho automatically encrypt your public and secret key rings when you exit and decrypt them when you run Private Idaho. This is a useful feature if there's a chance your key rings might be compromised.

To auto-encrypt/decrypt:

1. Choose the File/Options menu.

2. Select the PGP tab.

3. Check the Auto encrypt/decrypt key rings box.

When Private Idaho exits, you'll be asked to enter a passphrase (this can be any passphrase you'd like). Private Idaho will then go the PGP directory specified in the Options dialog (this should be the same as the PGPPATH environmental variable in AUTOEXEC.BAT), and conventionally encrypt the SECRING.PGP and PUBRING.PGP files.

The next time Private Idaho runs, you'll be prompted for a passphrase to decrypt the files. Remember it. It may or may not be the same as your secret key passphrase.

To turn this option off, uncheck the box in the Options dialog and click OK.

Note: If you use other PGP shells, this option is likely not a good idea unless you manually decrypt the key rings before using with another shell.

Warning: If you forget the passphrase used to encrypt the key rings, you're going to be out of luck. That's a 128 bit IDEA key which will roughly take 5.4 x 10¹⁸ years to brute force based on 10⁶ encryptions per microsecond. Otherwise, be sure you've got a back-up of your key rings.

Security Alert: If you use the same passphrase as your secret key's to conventionally encrypt the files: Since you're entering your secret key within a Windows program and not the DOS box, there's a chance the passphrase may be written to the Windows swap file. If you have a high threat model, be sure to wipe the swap file before you shut down your computer.

Encrypting a message

1. Enter the e-mail address of the person you want to send the encrypted message to. (Since most people will use their e-mail address as part of their PGP user ID, Private Idaho will search through the public key ring looking for a match. If it finds a match, it will encrypt off of that key. If it can't find a match, user IDs in the public key ring are displayed, and you select one.)

2. Compose the message you want to encrypt in the message box.

3. Choose the "Encrypt message" command from the PGP menu.

Private Idaho will create a temporary file containing the message, shell out to PGP and encrypt the file with ASCII armor, copy the encrypted text to the message box, and delete the temporary file with the PGP wipe command (yes, wipe only performs a single pass at overwriting the data before deleting, if you need more security, try a shareware memory resident app called Real Delete).

Note: Clicking the cursor on To: will display a dialog box listing the contents of your PGP public key ring. Since most user IDs correspond to e-mail addresses, this is a quick way to enter an address.

Encrypting and signing a message

Same as encrypting a message (only you choose the "Encrypt and sign message" command from the PGP menu).

If Multiple User IDs are specified in the PGP Options dialog box, you'll be prompted for which key to use to sign the message.

Signing a message

Same steps as encrypting a message (only you choose the "Clear sign message" command from the PGP menu). This adds your signature to the text contained in the message box. The text is not encrypted.

If more than one user ID is specified in the PGP Options dialog box, you'll be prompted for which secret key to use to sign the message.

Important Note: Some e-mail packages (notably Eudora), hard code carriage return/line feeds when mail is sent and Word Wrap is turned on. This means if you sign and message, the signature will be invalid when the receiver gets it, because CR/LFs have been added. I've found most e-mail software is pretty smart these days, and will automatically wrap lines without CR/LFs. Consider turning Word Wrap off if you have this problem with clear signing.

Using multiple keys to sign a message

You might have several keys on your secret key ring, and want to select one of them to sign a message with. A good example might be if you have multiple nyms and want to associate a key with each nym.

Private Idaho supports up to 8 PGP keys that can be used for clear signing a message. You need to enter the user ID of each key. To do this:

1. Choose "Options" from the PGP menu.

2. Click the "User IDs" button.

3. Enter the user ID from your secret key ring.

4. Click "OK."

Now check the "Prompt for user ID on signing" checkbox and click "OK."

When you choose the "Clear sign message" command from the PGP menu, a dialog box is displayed containing the user IDs of the keys. Select the key you wish to sign the message with.

Decrypting a message

1. Paste the encrypted message you received to the message box.

2. Choose the "Decrypt message" command from the PGP menu. You will be prompted for your passphrase.

Private Idaho will create a temporary file containing the message, shell out to PGP and decrypt the file, copy the decrypted text to the message box, and delete the temporary file with the PGP wipe command.

Importing or saving a message

The "Import message" command in the File menu reads a text file from disk into the message box.

The "Save message" command saves the contents of the message box to a text file on disk.

Using a header or signature (sig) in a message

You can store frequently used headers and signatures and insert them directly into messages composed with Private Idaho.

Headers could be:

X-Anon-Password: <whatever>

X-Anon-To: <the addressee>

Such as those used with the anon.penet.fi remailer.

Signatures are text with your name, e-mail address, and other information.

Choose the Options command in the Edit menu to enter a header and signature. These are saved to the HEADER.TXT and SIG.TXT files in the Private Idaho directory.

Once entered, the header/signature can be inserted into the message text box with the Insert header and/or Insert signature commands in the Edit menu.

Note: A header with a password or a signature used in the wrong place can compromise the security of your e-mail. Please use these features carefully.

Using multiple keys

This option encrypts your message with multiple keys. When it is checked, a dialog box will prompt you to enter which keys to encrypt the message with. The List button will display a list of keys in your public ring. Use the List button to specify one key at a time.

You can also manually enter full or partial user IDs, with each ID separated by a space.

Multiple user IDs will be inserted in the To: line. If the creator of the key has followed standard PGP conventions, these will be "mailable" e-mail addresses.

Using "encrypt to self"

This option encrypts the message with your own key in addition to the key of the person you are sending the message to. PGP can encrypt a message with a multiple number of keys. This effectively makes the message decipherable by the person you are sending it to and yourself.

This feature is handy for archiving encrypted messages you have sent. You will need to provide your secret passphrase in order to decrypt any messages "encrypted to self."

Using "eyes only"

This option sets a flag in an encrypted message so when it is decrypted, the contents will only be displayed in the DOS box, and not saved to disk. Although there are ways to get around this, the idea is to use this option if you're concerned about someone you send an encrypted message to, leaving the decrypted text file somewhere that could be compromised.

If you use Private Idaho and get an "Eyes only" message, decrypted text will not be placed in the message box. After it is displayed in the PGP DOS box, an error message will appear stating a file could not be found and the decryption couldn't take place. This is normal.

Using conventional encryption

When "Conventional encrypt" is checked, Private Idaho instructs PGP to use conventional versus public key encryption on a file or a message. This encryption relies on a single passphrase to encrypt and decrypt the information.

Using "obscurity"

When PGP encrypts text with ASCII armor on (almost required for sending e-mail), it adds a header that identifies the message as being PGP encrypted. This obviously clues anyone in to the fact that the message is encrypted. There are times when a user might not want a message to be obviously identified as encrypted.

When Obscurity is checked, Private Idaho will strip off the identifying PGP text headers when a message is encrypted. It will also add the headers before it calls PGP to decrypt ciphertext in the message text box.

Obviously, the sender and receiver of the e-mail are both going to need to be using Private Idaho and know they need to have "obscurity" turned on.

Note: The format of a PGP message is very distinctive to a trained observer. Don't count on the "obscurity" feature fooling a knowledgeable and suspicious person.

Using a file as input

When "File as input" is checked, Private Idaho uses a file versus the contents of the message box as the source to encrypt or decrypt. You'll notice the encrypt/decrypt menu items display "file" instead of "message" when this option is checked.

You will be prompted to supply the filename to encrypt/decrypt. File are encrypted with ASCII armor (to allow easy attachment in mail), and tagged with an .ASC extension. The plaintext file is not deleted or wiped after encryption. The file will be encrypted with the key in the To: line. The Encrypt to self, Eyes only, and Obscurity options are not used, even though they may be checked.

This option is useful if you have a message over 32k (Private Idaho's maximum message box size).

Creating a new key pair

To create a new PGP public and secret key pair, choose the Create key pair command from the Keys menu. This launches PGP. Follow the steps to create a new key.

Adding a key to your public ring

If the message box contains someone's PGP public key that they mailed it to you, the "Add key from message" command in the Keys menu will add any key(s) in the message to your public ring and update the PUBKEYS.OUT file.

Deleting a key from your public ring

You can delete keys from your public key ring. To do so:

1. Choose the "Delete key" command in the Keys menu.

2. Select which public key to delete from the user ID list.

PGP will remove this key from your key ring and update the PUBKEYS.OUT file.

Inserting a public key in message

There are times when you'll likely want to send someone your public key so you can exchange messages. You can easily do this by:

1. Choosing the "Insert key in message" command in the Keys menu.

2. Selecting the public key (from a list of user IDs) you want to insert.

This extracts a key from your public key ring, and inserts it at the cursor in the message text box.

Updating Private Idaho's public key ring information

When you first run Private Idaho, it copies information from your public key ring to a text file named PUBKEYS.OUT. If you add or delete keys from PGP or another shell, you need to update the file. To do so:

Choose the "Update PUBKEYS.OUT" command from the Keys menu.

The PUBKEYS.OUT file should always be in the same directory as Private Idaho.

You don't need to use this command if you add or delete keys from within Private Idaho.

Requesting a key from the MIT key server

You can directly request a key from the MIT key server. This is useful if someone sends you an encrypted message but you don't have their key to reply with.

1. Enter the user ID to search for in the To: box. This is typically an e-mail address. For example, joelm@eskimo.com

2. In the Keys menu, choose the Get key from server command.

Private Idaho will connect with the MIT key server at http://swissnet.ai.mit.edu and make a request to search for a key. If a key is located, it will be displayed in the Message box. If a key isn't in the data base, an error message is displayed.

After you have successfully downloaded a key, you can add it to your public key ring with the Add key from message command in the Keys menu.

Note: Be very specific with the search text. If you enter "john" on the To: line, the server will try to return all of the keys containing "john." Private Idaho won't be able to handle such a request.

Adding a key to the MIT key server

You can add your public key to MIT key server. The MIT key server is a central repository for public keys where people can download your key to send you encrypted messages.

1. Insert the public key to submit in the Message box. You can extract a public key from your key ring with the Insert key in message command in the Keys menu.

2. In the Keys menu, choose the Add key to server command.

Private Idaho will send an e-mail message to the server, requesting the key to be added. You'll be notified by e-mail if the key is successfully added. If you aren't connected to the Net, transfer the message to your normal e-mail application for later sending.

Controlling the behavior of the PGP DOS box

When encrypting and decrypting, Private Idaho needs to shell out to the DOS version of PGP. You can control the appearance of the DOS box and its behavior with the "Run PGP minimized" and "Auto-close PGP" commands.

When "Run PGP minimized" is checked, the iconized window is displayed at the bottom of the screen when PGP is run. When this option is not checked, the full-screen, Windows DOS box is displayed.

When "Auto-close PGP" is checked, the PGP DOS box is automatically closed when PGP finishes running. When the option is not checked, you must manually close the window when PGP is done running.

These features are useful for viewing PGP diagnostic messages.

Setting PGP options

Choose the File/Options menu.

The PGP path (which is extracted from the PGPPATH environment variable, which you should have set if you followed the PGP installation instructions) is the directory path where the PGP.EXE is located.

Your PGP user ID is just that. You can use the entire user ID (i.e. Joel McNamara <joelm@eskimo.com>) or a portion of it.

The User IDs button supports up to 8 PGP secret key ring user IDs. When "Prompt for user ID on signing" is checked, a dialog box is displayed that prompts for the key to use in clear-signing the message.

There is also a temporary file name. This is the file Private Idaho uses when encrypting and decrypting text from the clipboard. pvtidaho is the default, and you should leave that setting unless you have any name conflicts (which you shouldn't). Temporary files are written and deleted/wiped from the PGP directory. Do not add a file extension to the temporary name.

You can specify a full path for the temp file (i.e. e:\temp\pidaho). This is provided for users who want the additional security of having their temp files written to a RAM disk. If a full path is specified, that directory is used.

You can specify to load your PGP passphrase at start-up (see below).

You can also specify to auto-encypt/decrypt your secret and public key rings for additional security.

If you want to use key rings that are located somewhere other than the default PGP directory, you can specify their location in PGP's CONFIG.TXT file. See the PGP documentation for details on this.

Loading your passphrase into memory at start-up

You can optionally enter your PGP passphrase when Private Idaho starts. In the PGP Options dialog, check the Load passphrase into memory at start-up box. The next time you use Private Idaho, a dialog will prompt you for your passphrase. The passphrase will automatically be used each time you decrypt and/or sign a message (you won't be prmpted for it in the DOS box).

Security Alert: There are obvious risks with this feature (the passphrase potentially written to the Windows swap file, someone accessing your messages if you leave the machine unattended, etc.). You need to judge the trade-offs of security versus convenience.

Note: This feature is disabled if you choose to use multiple keys for signing and encrypting.

Using ViaCrypt PGP

Previous versions of Private Idaho supported ViaCrypt's PGP for Windows version 2.7.1. Unfortunately, the latest 4.0 release has been changed significantly so Private Idaho can't support it. Because of this, and the relatively small number of users, Private Idaho no longer supports ViaCrypt.

If you're using ViaCrypt, place a copy of the DOS version of PGP in your ViaCrypt directory and use Private Idaho to interact with it.

Sending mail

If your Internet provider uses a SMTP mail server, you can send e-mail directly from Private Idaho. Before running Private Idaho, you should have a PPP or SLIP connection to your Internet provider.

To send a message, make sure the proper "to:" mail address is specified and click the "Queue mail" button above the message text.

When you have queued all the mail you want to send, click the "Send queued mail" button.

Mail sent directly from Private Idaho is currently limited to the size of the text box (roughly 32K). There are no limitations on attachment sizes.

Sending attachments

You can include attachments with e-mail messages you send directly from Private Idaho. Attachments are treated with PGP -a.

To send an attachment:

1. Compose the message and enter the recpient's e-mail address on the To: line.

2. In the drop-down list box below the Attachment check box, select the whether not to encrypt the attachment, encrypt the attachment with the key belonging to the person on the To line:, or encrypt the attachment using PGP conventional encryption.

3. Check the attachment box. A file dialog will prompt you to select the file you'd like to attach. The file's name will appear next to the Attachment check box after it's been selected.

4. Send the message.

If you decide not to attach a file to a message, uncheck the Attachment box.

Note: Sending attachments through anonymous remailers is not supported.

Using X-Headers

Some mail systems process messages based on special headers (frequently called X-Headers). This is optional information that accompanies the required To, From, Date, etc. headers. You can add your own defined headers to messages with the X-Headers command in the Message menu.

When X-Headers is checked, the user-defined X-Headers are inserted into the message headers. When X-Headers isn't checked, no additional headers are inserted into the message.

Sending mail through a single remailer

You have a choice of different types of remailers to use. They include:

• Cypherpunk - the largest category of remailers.
• Mixmaster - the most secure type of remailer.
• Eric - another type of remailer

Note: Anon.penet.fi is no longer in operation as of September 1996. If it appears again, Private Idaho will support it at that time.

I really don't want to get into the differences between the various types or make suggestions on which to use. See: http://www.cs.berkeley.edu/~raph/remailer-list.html for some good information sources on remailers.

1. Check which type of remailer to use in the Remailers menu.
2. Compose the message and specify who you want to send the mail to in the To: line.
3. Select a remailer from the Remailer: combo list.
4. Choose the "Append info to message" command from the Message menu.

The appropriate remailer instructions are added to the contents of the message box.

Sending mail through multiple remailers

This option currently only works with Cypherpunk and Mixmaster type remailers (although you could chain to anon.penet.fi as your final destination if its address is specified in the To: line).

1. Follow the same steps as with a single remailer, but choose "chain" from the Remailer: combo list box.

2. Choose the "Append info to message" command from the Message menu.

3. A list of remailers is displayed. Select the ones you wish to chain. You can choose the order you wish to chain the remailers.

The appropriate remailer instructions are added to the contents of the message box.

Using the Append on send option

If the Append on send item in the Message window is checked, the message is automatically formatted for sending through a remailer when you send the message directly from Private Idaho (you don't need to choose the Append info command). Keep in mind you still need to encrypt the message with the recipient's key, if you plan on sending an encrypted message.

Encrypting mail to send through an anonymous mailer

1. Encrypt the message first.

2. Select the appropriate remailer(s) and choose the "Append info" command from the Message menu.

If you don't follow this order, you'll end up encrypting the remailer instructions. The remailers are smart, but not that smart.

Using Cypherpunk remailer advanced features

The Cypherpunk remailers offer some advanced features to enhance e-mail privacy. When the "Cypherpunk" option is checked in the Remailers menu, the "Advanced Cypherpunk" cascading menu item is available.

By checking one of the options, it filters the remailers in Remailer list box. For example, if you check the "Use latent time" option, only Cypherpunk remailers that support the latent time option will be displayed in the list box. If no options are checked, all Cypherpunk remailers are displayed.

Select advanced options, then select which remailers to use. (Each time an option is checked or unchecked, the list is reset, and the default value is "none.")

Encrypt to remailer(s)

These remailers have PGP public keys. If you send mail encrypted with their key to them, they will automatically decrypt the mail and pass the decrypted message to the next destination. This is a fairly secure form of communication, since there is no plaintext transmitted to the remailer.

When this option is checked, the text in the message box will be encrypted with the selected remailer(s)' key.

You must first add the remailer keys to your public key ring. See the installation instructions.

You can also chain remailers with this option. Each text block will be encrypted with the appropriate remailer's key. This was a fairly tedious task to do by hand, but Private Idaho completely automates the process.

Keep in mind this level of encryption is totally separate from you encrypting a message to an individual.

Replace subject

The "Replace subject" option removes the subject on the Subject: line, and adds a user-selected subject to final mail destination. This is useful if you really don't want someone to guess the contents of the mail by the subject line.

A dialog box will prompt you for the subject title.

Use latent time

The "Use latent time" option instructs the remailer to delay sending the message after some set period of time. This is useful if you suspect traffic analysis is taking place (watching the flow of messages to and from you).

A dialog box will prompt you for the amount of delay.

You can either specify a local time for the mail to be sent (in 24 hour clock format). For example, entering 18:00 would instruct the remailer to send the message at 6:00 PM, the local time of the remailer. (Don't add AM or PM.)

You can also specify a set number of hours and minutes after the mail is received. For example, entering +10:30, would delay sending the message 10 hours, 30 minutes after it was received by remailer. You can enter values of up to 24 hours.

If you are chaining remailers and use the latent time option, the same value will be used for all remailers. A future version will allow you to enter unique time values for each remailer.

Use cutmarks

Some e-mail packages automatically attach a signature (sig) to the bottom of each sent message. This obviously reduces the anonymous nature of using a remailer.

When the "Use cutmarks" option is checked, the remailer will search for a line beginning with a certain character string. It will remove that line, and all subsequent lines. For example, if you specify the cutmarks to be "--", the line containing "-----------------------" and any lines after it, would be stripped from the message.

You specify the cutmarks string in a dialog box.

If you are chaining remailers, cutmarks will only be removed from the message received by the first remailer. This is because a message composed in Private Idaho will not have any sigs attached to it.

Note: Be careful of using cutmarks with encrypted messages. PGP encrypted messages start with "-----BEGIN PGP MESSAGE-----", so if you used "---" as the cutmark, your message would be removed.

Post to USENET

Some remailers can post anonymously to USENET newsgroups. When this option is selected, a list of remailers that support this feature is displayed in the remailer list. Read the Posting anonymously to a USENET newsgroup section for details.

About Mixmaster remailers

Mixmaster (or Type II) remailers offer a high level of security (see http://www.obscura.com/~loki for complete details). Up until now, Mixmaster has only been available to UNIX users. Mixmaster's author, Lance Cottrell, has recently released a DOS client version of the application that works with Private Idaho 2.7b (and later).

Since the Mixmaster client uses export-controlled cryptography, it is not included with Private Idaho. Refer to http://www.obscura.com/~loki for information on how to get a copy of MIXMASTE.ZIP (the compressed version of Mixmaster and its support files).

Note: Although Lance and I have taken every reasonable precaution to assure that DOS Mixmaster was not exported, it appears that one or more persons unknown to us have exported the DOS version of Mixmaster (in violation of US law). We intend to continue to abide by the letter of US law in this matter, however I will list non-US ftp sites from which Mixmaster can be obtained as a public service:

ftp://utopia.hacktic.nl/pub/replay/pub/remailer/mixmaste.zip

To be able to send messages through Mixmaster remailers you need several files:

• MIXMASTE.EXE - the Mixmaster client
• MIXMASTE.CON - a support file
• PUBRING.MIX - the list of Mixmaster remailer keys
• TYPE2.LIS - the list of Mixmaster remailers
• MIXMSTR.TXT - statistics on Mixmaster remailers
• MIX.PIF - the PIF file for shelling to the DOS application

These files are included in the MIXMASTE.ZIP file. Uncompress the files and move them to the directory containing Private Idaho.

After you've installed these files, in the AUTOEXEC.BAT file add the following line:

SET MIXPATH=C:\PIDAHO

with the directory path specifying the Private Idaho directory. Reboot your computer and run Private Idaho.

Note: If you have problems getting Mixmaster to run correctly, set the working directory path in the MIX.PIF file to the the directory containing Mixmaster and Private Idaho.

Using Mixmaster remailers

Using Mixmaster remailers is no different than using Cypherpunk style remailers. Select "Mixmaster" from the Remailers menu, compose and address your message, select the remailer(s) from the drop-down list box to use, and choose "Append info" from the Message menu.

Private Idaho will shell out to the DOS version of Mixmaster, and prepare the message for sending.

You'll need to update information about Mixmaster remailers, just like Cypherpunk remailers. Specifically the PUBRING.MIX, TYPE2.LIS, and MIXMSTR.TXT files.

Updated Mixmaster information can be found at:

http://www.cs.berkeley.edu/~raph/remailer-list.html

and

http://www.jpunix.com

Notes: Mixmaster remailers chain differently than Type I Cypherpunk remailers. All of the remailer formatting information is encapsulated into a single message. This is unlike the Type I remailers, which you watch go through seperate formatting passes as each link in the chain is encrypted and formatted.

Because Mixmaster creates a fixed size message, text in the message box is currently limited to approximately 8 to 10k. This will be addressed in a future release.

Posting anonymously to a USENET newsgroup

You can prepare a message for anonymous posting to a USENET newsgroup.

1. Enter the name of the newsgroup you want to post to in the To: combo box (i.e. alt.2600).

2. Enter the subject and message.

3. If you are posting through the Anon.penet.fi or Eric remailers, you'll need to make sure the remailer is checked in the Newsgroup menu.

If you are using a Cypherpunk remailer, select the "Post to USENET" option in the "Advanced Cypherpunk" cascading menu. (You can also choose the Encrypt and Subject options to further enhance privacy.)

4. Select the remailer you want to send the message through.

5. Choose the "Append info to message" command from the "E-mail" menu.

6. If you'd like to chain your post, select which Cypherpunk style remailers to use and choose "Append info to message" again.

Posting anonymously through a USENET gateway

USENET gateways are mail servers that support posting to USENET groups through e-mail messages. To post through a gateway with a Cypherpunk style remailer:

1. Enter the name of the newsgroup you want to post to in the To: combo box (i.e. alt.2600). Note: Don't use someone's address. A gateway isn't a remailer.

2. Enter the subject and message.

3. Select the "E-mail gateway" option in the Newsgroups menu. If you select None, specific information needed to create a newsgroup posting will not be added.

4. Select a remailer (or "chain") from Remailer: combo box.

5. Choose the "Append info to message" command from the "E-mail" menu.

IMPORTANT NOTE: Sending a message to one of the USENET gateways will not anonymize the mail. You must send it through a remailer first. Please test by sending mail to someplace like alt.anonymous before doing it for real.

USENET gateways are getting increasingly harder to find. Many have shut down due to abuses. Others don't support all newsgroups. You may have to try several before finding one that works for you.

Wil Ussery has put together some pretty good FAQs on how to use Private Idaho to post anonymously to USENET newsgroups and how to use it with nym servers. Thanks Wil!

Using gateways that require a newsgroup header

Some e-mail to USENET gateways require a "newsgroups" header (for example, mail2news@anon.lcs.mit.edu).

To use these gateways with Private Idaho, compose your message, then:

1. Enter the gateway address on the To: line.

2. Make sure Replace subject is checked in the Advanced Cypherpunk remailer menu (Encrypt to remailers can optionally be checked for more security).

3. Check the Remailer newsgroup header item in the Newsgroups menu.

4. Specify the remailer to send the message through, and choose "Append info" from the Message menu. (Note: Do not select "chain." If you want to send the message through multiple remailers for additional security, it is a two step process. AFTER the message has been formatted, select "chain" in the remailer list and choose "Append info" again from the Message menu.)

You'll will be prompted for the subject and newsgroup name. Private Idaho will then enter these in the body of the message. If you're cross-posting to a series of newsgroups, seperate them with commas. This is better than sending many different individual messages.

Note: You don't need to go through these steps with gateways that are listed in Private Idaho's Newsgroup menu. See http://students.cs.byu.edu/~don/mail2news.html for a complete list of gateways that require a newsgroup header.

Introduction to receiving PGP messages

If you are connected to the Internet, and your Internet provider uses a POP3 mail server (the most frequently used), Private Idaho can check your mailbox for any messages that have been encrypted with PGP. If a PGP message is in your mailbox, Private Idaho will download and store it on your hard drive. Messages are displayed with the Show PGP messages command and you can decrypt the message immediately or wait until later.

While this makes accessing encrypted messages easy, there is one hitch. Private Idaho only processes PGP encrypted messages, and leaves all other messages on the server. This means you'll need to use a full-featured e-mail application such as Eudora or Pegasus to access any messages that aren't encrypted.

For people who periodicially log-on to their Internet provider to check mail, this isn't a problem. Simply run Private Idaho first to check for any PGP messages, then run your normal e-mail application to access the other messages.

For people who leave their e-mail application running in the background, this presents a sequencing problem. Currently, with Private Idaho, you can only manually check for PGP messages. There isn't a timer option to periodically check for messages at some set interval. Viewing this, it's very possible your regular e-mail application will download a PGP message before Private Idaho can.

The only solution to this problem would be to turn Private Idaho into a fully functional e-mail application, so you could send, receive, and manage your encrypted and regular mail. Unfortunately, I don't have the time to do this. However, if someone (or a group) is interested in taking this on as a project, I'd be glad to share the source code.

Scanning for PGP messages

The Scan for PGP messages command in the Message menu connects to your POP3 mail server and scans the message headers for any PGP messages. If an encrypted message is found, it is downloaded, added to a file on your hard disk, and then deleted from the server.

The first time you scan for messages, you'll be prompted to supply your password to access the mail server. Private Idaho remembers this password for subsequent scanning, but "forgets" it when you exit the program.

Status about the scanning process is displayed above the message text box.

Showing PGP messages

The Show PGP messages command in the Message menu displays a list of all of the PGP messages that Private Idaho has downloaded. A list containing message status, who the message is from, when it was sent, and the message subject is displayed.

Unread messages have an "n" to the left of the message.

There are several actions you can perform to a selected message with the command buttons at the bottom of the dialog box.

• Delete - flags the message to be deleted. A "d" will appear to the left of the message. Deleted messages can be accessed until they are permanently erased using the Compress PGP messages command in the Message menu.
• Undelete - flags the message to be undeleted, removing the "d." Use this command to mark any deleted messages undeleted before you compress the file.
• Save - copies the entire message to the main Private Idaho message text box. You can then copy or export the message if you want to save it to disk.
• Decrypt - decrypts the encrypted message and inserts the cleartext in the main Private Idaho message window. Double clicking a message performs the same action.
• Compress - compresses the file storing the PGP messages. Any messages marked for deletion will be permanently removed from the file.
• Options - displays a dialog box that indicates whether deleted messages will be left on the server.

Note: The encrypted PGP messages are stored in a file named PGPMSG.PID. The MSGIDX.PID file is an index to the messages.

What is a nym?

Nym is simply another term for an alias or pseudonym. Various people offer a no-charge service that allows you to create a nym account (where e-mail can securely be forwarded to you).

This is similar to setting up an old anon.penet.fi account, only much more secure. Instead of using a data base of users associated with account names (like penet.fi), the service works by rerouting through remailers and conventionally encrypting messages forwarded to you with PGP. There are currently two types of nym servers that Private Idaho supports. The first generation alpha type and the more secure newnym (alias.net) type.

Briefly, you supply the nym server with a chain of remailers (PGP encrypted being the most secure), you'd like to use to have any messages forwarded to you. You also provide a nym account name and a PGP passphrase to encrypt the forwarded message.

For example, if you used a nym server and selected "casper" as a nym, you could send anonymous e-mail or post anonymously to a USENET newsgroup and have people reply to casper@nymserver.com. When someone sends a message to that address, it is PGP encrypted, then sent through a series of remailers you specified. It is eventually forwarded to you through the remailers. You'd then use Private Idaho to decrypt the message.

Once you have an account, you can also send mail or post articles from the nym server. In such cases, your nym account name would appear in the From: line of the message/article.

Important

Private Idaho made it easy to use nym servers. Most of the nym server code has been written by UNIX programmers, without a lot of thought given to making easy to use interfaces for novice to moderately skilled Net users.

Unfortunately, due to quite a bit of abuse (spamming, mail-bombing, etc.), many nym servers have shut down. This is a case of a few individuals ruining a valuable privacy enabling tool for many Internet users. I really don't want to get on a soap-box, but when people start abusing free, privacy services, they will disappear faster than through any lawsuit or government regulation.

Adding new nym servers

Private Idaho determines which nym servers and remailers are available from Raph's remailer info. This info is stored in the REMAILER.HTM file in the Private Idaho directory. Nym servers are either identified by "alpha" or "newnym" in their description.

For example, alpha.c2.org's entries looked like this:

$remailer{'alpha'} = '<alias@alpha.c2.org> alpha pgp';

and later in the file:

alpha alias@alpha.c2.org +++*++**-+ 1:08:55 82.67% 

If a new nym server comes online, and isn't in Raph's list yet, you can easily add it to the REMAILER.HTM file with a text editor. Just individually add lines that follow the above respective formats. Once you've modified the file, run Private Idaho. It will recognize the nym server when you create a new nym.

Note: Nym server information relies on Raph's remailer list. If a new nym server comes on line, be sure to add its PGP key to your public ring before using Private Idaho to create a nym on it. The Add Keys button in the step-by-step creation dialog only adds keys of those nym servers listed in the NYMKEYS.TXT file.

Creating a nym account

Creating a nym account was a bit complex, but Private Idaho has simplified the process. Just select "Create nym" from the Nym menu and follow the instructions in the dialog boxes. (If you don't already have the nym server's public key in your ring, Private Idaho will install it for you during the nym setup.)

Private Idaho will step you through the entire account request process, and when you're through, you can send the message to the nym server.

If you were successful, you'll receive an encrypted confirmation message back.

After you receive confirmation, send mail to your new nym account to test it. Remember, response time may vary.

Notes: Make sure "Encrypt to self" is unchecked before you create a new nym.

You must supply a "full nym" for Private Idaho to work correctly. If you're not feeling creative, just use the nym account name.

Adding an existing nym account

If you already have a nym account(s), you can add it to the NYMS.TXT file instead of using Private Idaho's step-by-step procedure. Just create a text file named NYMS.TXT and put it in the same directory as Private Idaho. The file format is simple. The first line is the nym account (followed by a carriage return), the second line is the full nym name (followed by a carriage return), the third line is the nym server (followed by a carriage return). The format looks like this:

Add as many nym accounts (following this format) as you have.

Note: You must include a full nym name. Don't leave this line blank.

Deleting a nym

To delete an unwanted nym, choose the Delete nym command from the Nym menu. A list of nyms are displayed.

The nym will be deleted from the NYMS.TXT file. A message will also be prepared to send to the nym server to remove the nym from the server itself. Send the message to the server to remove it.

Changing your nym reply block

You can change your nym account reply block with this menu item. You may need to do this if a remailer you originally specified in your reply block no longer is operating. To change your reply block.

1. Enter the final destination e-mail address in the To: text box.

2. Specify the new remailer or chain in the Remailer drop-down list.

3. From the Nym menu, choose the "Change reply block" command.

4. Select the nym you want to change.

If you are changing an alpha type nym:

• Enter your nym password in the Message text box after Password:. Make sure the reply block is correct.
• From the Nym menu, choose the "Encrypt nym message" command.

(These steps aren't required if you are changing a newnym type nym.)

Send the encrypted message. If you want to be real secure, send it through a chained series of remailers.

Changing your nym password

You can change your nym account password with this menu item. If you're changing an alpha type nym password, the command pastes a template in the message window. Simply enter your current password and a new password in the message. Encrypt the message and send to the nym server. If you don't provide a value for New-Password, the account will be deleted. You can also change mail routing with this command. First specify the remailer routing (put your e-mail address on the To: line, select a chain of remailers, and use the "Append info to message" menu item), then select Change nym password to append the password change information to the routing message.

If you want to change an alias.net (newnym) password, use the Change nym reply block command in the Nym menu.

Encrypting a nym message

All messages sent to nym servers must be encrypted with the nym server key. Any plaintext messages will not be processed and be deleted. As a reminder, whenever you prepare a message to send to the nym server, Private Idaho displays a red encryption reminder above the message window. After you encrypt the message, the message disappears (you can also click on the reminder message to make it disappear).

Note: If you're preparing a newnym type message, you don't need to encrypt it. This is automatically done for you.

Preparing a nym message

To send a message through a nym server, first compose your message in Private Idaho's message window. If you are sending e-mail, put the address on the To: line. If you are posting to a newsgroup, enter the USENET gateway on the To: line. Select the "Prepare nym message" item from the Nym menu. If you're using an alpha type nym server, fill in your nym password and the Subject: lines and select the "Encrypt nym message" menu item and send the message.

After the message is prepared, send it through a series of remailers if you'd like a high level of security.

Showing nym server stats

To check latency and uptime statistics for a nym server, choose the Show nym server stats command in the Nym menu.

As with remailer stats, if a nym server doesn't have any information associated with it, it may not be operational. Otherwise, don't use the nym server unless you're sure it's running.

Configuring an alias.net nym

Alias.net (newnym) type nym servers offer a variety of secure features. Use the "Edit existing alias.net nym" command in the Nym menu to configure a nym you've already created.

Send e-mail to help@nym.alias.net for complete documentation.

Nym notes

Private Idaho stores the nym and expanded nym of the last nym account created in the NYMS.TXT file. The password is not stored for security reasons.

Your nym passphrase should be different than your everyday PGP passphrase. You are compromising your security if they are the same.

Make sure the nym passphrase does not have any spaces in it. The server will truncate the passphrase at the space.

If you don't get an encrypted reply back in a few days, it's likely someone else already has a nym account with the name you requested or one of the remailers specified in the reply chain is down. Try submitting a request with a different nym or changing the remailer chain. You can get a list of nyms by e-mailing used@ the nym server address.

If you have questions/comments about the Private Idaho interface to nym servers send e-mail to joelm@eskimo.com. If you have comments or questions about the nym server, send e-mail to admin@ the nym server address. You can get additional information about the nym server by sending mail to: help@ the nym server address.

Accessing a Web browser

One of the main purposes of Private Idaho is to provide an easy environment that encourages people to use PGP and remailers with their e-mail. The more people that use these tools, the less likely it is governments will be able to take them away.

The Worldwide Web is becoming an increasingly important means of distributing information around the world. There are a number of free, important electronic information sources and services that reside on the Web.

If you use a Web browser, Private Idaho can interact with your browser to provide links to sources where you can access tools and information to increase your electronic privacy.

Using the Web menu

The Web menu comes with a series of menu items I feel are important if you use Private Idaho. Each menu item corresponds to a Web link (or technically a URL - universal resource locator). When you select the menu item, Private Idaho will load (if necessary) and activate your Web browser. It will then pass commands on to your browser to go to that particular URL.

Private Idaho's default settings assume you use Netscape as a browser (located in c:/netscape/netscape.exe). If you don't use Netscape, or if you do and it's located in a different path, see the "Configuring Private Idaho for your Web browser" section below.

Obviously, you must be connected to the Internet for a browser to display a Web page.

If your browser is not running, Private Idaho will inform you and then load it. Once the browser is running, select the menu item again, so the information will be passed on the the browser.

Default menu items

Here are the default menu items that come with Private Idaho. I encourage you to spend some time exploring them, particularly the sites for the EFF, EPIC, and CPSR organizations. They contain a wealth of information on cryptography, privacy, and government issues.

Get the latest PGP (US residents) - accesses MIT's PGP distribution page. You must be a US resident to download PGP from this source.

Get the latest PGP (rest of world) - accesses a page of links with sites outside of the US where PGP can be downloaded.

Access the MIT key server - accesses a page where you can store your PGP public key in a database as well as search for other people's. This is a free central database that get's global use.

Read the official PGP FAQ - accesses the official PGP Frequently Asked Question list. Most of your questions can be answered here.

Get the short PGP FAQ - accesses a shorter version of the PGP FAQ, with information on the latest version, where to get PGP, and different types of shells to use.

Learn about crypto and privacy - accesses the privacy and cryptography section of the WWW Virtual Library. Excellent information on PGP, crypto, and electronic privacy issues. >

Browse alt.security.pgp - accesses the USENET alt.security.pgp newsgroup. This is the place for breaking information, answers to easy and hard questions, and interesting political discussion.

Get remailer information - accesses remailer information you can use to update the RMINFO, CPMAILER, and Mixmaster files Private Idaho uses. Also provides links to other remailer information sources.

Go to EFF - accesses the Electronic Frontier Foundation's home page. An excellent source of information on electronic privacy issues.

Go to EPIC - accesses the Electronic Privacy Information Center's home page. An excellent source of information on electronic privacy issues.

Go to CPSR - accesses the Computer Professionals for Social Responsibility home page. An excellent source of information on electronic privacy issues.

Get the latest Private Idaho - accesses the central page for Private Idaho distribution. You can check for any updates and download them.

You can also add your own menu items and links. See the "Adding your own links to the Web menu" section below.

Configuring Private Idaho for your Web browser

As previously stated, Private Idaho's default Web browser configuration is Netscape. To configure to your own browser, choose the Options command from the Web menu.

This dialog box may look complex, but really isn't. First, a little background on what happens when you select a menu item from the Web menu.

Private Idaho interacts with a browser by sending a key sequence to it, much in the same way it works when you transfer information to your e-mail software. While some browsers like Netscape support DDE, I wanted to provide more flexibility for use with other browsers that didn't.

When you select a menu item, it looks to see if the browser is running by seeing if a window exists in the Windows task list. (If the browser isn't running, it will attempt to load it, and ask you to select the menu item again after the browser has loaded.)

If a window is present, it sends a series of keys that tells the browser to provide some form of input for specifying a URL. For example in Netscape, the CTRL+L key opens a dialog box for a URL to be entered. Next, Private Idaho sends the actual URL that corresponds to the menu item to the browser, plus a key sequence that tells it to go to the URL (in Netscape's case, the return/enter key).

With that in mind, here's information on the parameters in the Web Options dialog box.

Web browser path - Enter the full path of the Web browser you use, for example, c:\netscape\netscape.exe (which is the default). If you're using Windows 95 and have long file names, use the DOS file path. For example, C:\Program Files\Netscape\Navigator\Netscape.exe would be C:\Progra~1\Netscape\Naviga~2\Netscape.exe.

Browser window search string - This is the name of the window that Private Idaho will pass the key sequences to. Depending on the browser, you can just put its name here. (HINT: Run the browser then select the Transfer options command in Private Idaho's Message menu to get a list of all of the current window names. Use the name that corresponds to the browser.)

Here's where things can get a little tricky. Some browsers (such as Netscape) use a parent window and a child window. If you specify the parent window (named "Netscape") to pass the key sequences to, nothing will happen. This is because the child window (that's name contains the current URL) is active, and receives any key messages. The problem with browsers like this, is the window name constantly changes, so you never know which window to send the key sequence to.

The solution is to look for a command pattern that all child window names have. In Netscape's case, child windows names always start with "Netscape - [", so if you specify this as the Browser window search string, Private Idaho will always be able to activate the correct window.

You may need to do some experimenting with this, to find the correct search string to use. The window list in the E-mail, Transfer options dialog can help.

Key sequence to prompt for URL - This is a series of keyboard commands within the browser that allows the user to enter a URL. For example, typing CTRL+L in Netscape brings up a URL dialog box. You will need to enter the key sequence that is appropriate for your browser.

Certain keys must use special characters.

• For the Ctrl key use a ^
• For the Alt key use a %
• For a tab use {TAB}
• For a return/enter use ~
• For the Shift key use a +
• For keys to be held down at the same time, enclose then with ( )

For example, in Netscape a CTRL+L opens the URL dialog box so you'd enter ^l

Key sequence to get URL - This is the key sequence that will tell the browser to go to the URL. In Netscape, pressing the return/enter key after the URL has been entered closes the dialog box and goes to the URL. So, for this parameter you would use a ~

(The corresponding special keys shown above also apply to this parameter.)

All parameters are written to the PIDAHO.INI file when you click the OK button.

Note: The settings for Microsoft's Internet Explorer are:

• C:\Program Files\Microsoft Internet\IEXPLORE.EXE
• Microsoft Internet
• {TAB}{TAB}{TAB}
• ~

(You'll need to figure out the correct "short" path name based on your own machine.)

Adding your own links to the Web menu

All items that appear in the Web menu are stored in the URLS.TXT file. You can add to or modify the contents of the file with any text editor, following these rules:

• Each line represents a menu item. (UNIX folks, this is a DOS CR/LF terminated line.)
• A line containing a "-" is an unselectable menu divider.
• The menu item name is followed by a comma (,) and then the URL, for example:

  Get the latest Private Idaho,http://www.eskimo.com/~joelm

• Don't use multiple commas in a menu item name, as Private Idaho parses the URL after the first comma.

Anonymously accessing a Web page

NOTE: As of mid-November, 1996, this service was no longer being offered.

Community Connexion - http://www.c2.org (a privacy oriented Internet Service Provider) offers a free Web "anonymizing" service. It's relatively easy for someone to track what information you access on the Web. However by using the anonymizer with your browser, the owner of the Web page you accessed won't know your identity.

You should have a connection to the Internet, with your browser running and not minimized.

Enter a URL in Private Idaho's message box, select the text, and choose the "Anonymous jump to URL" command from the Web menu. This will load the URL into your browser and anonymously access the Web page.

Hint: You can store frequently accessed URLs in Private Idaho's address book.

The C2 Web anonymizer port may change in the future. You can change it in the General tab in the Options menu.

Troubleshooting

If you have problems running Private Idaho, try these things first:

• Verify that PGP is working correctly at the DOS prompt
• Make sure the AUTOEXEC.BAT file has the PGPPATH environment variable
• Make sure the AUTOEXEC.BAT file has the PGP and Private Idaho directories in the PATH environment variable (make sure the Private Idaho path setting occurs before Windows is called)

If Private Idaho still isn't working correctly, try moving the files in the Private Idaho directory to the directory containing PGP.

Specific problems:

PUBKEYS.OUT

When Private Idaho is first run, it creates a file called PUBKEYS.OUT and places it in the same directory as the application. This is a required text file that contains the contents of your public key ring. If for some reason the file isn't created, you can usually create it with the Update PUBKEYS.OUT command in Private Idaho's PGP menu. If this still doesn't work, it's possible your system hasn't defined the COMSPEC environment variable. At the DOS prompt, type SET. If the COMSPEC variable isn't displayed, add the following line to AUTOEXEC.BAT: COMSPEC=C:\COMMAND.COM (or where ever the COMMAND.COM file is located).

Another common problem is the PGP directory not being specified in the AUTOEXEC.BAT PATH statement. If it is, try modifying the values of the PIF files that comes with Private Idaho. By default, they point to PGP.EXE, but you might try changing their values to point to the fully qualified PGP path (such as C:\PGP26\PGP.EXE).

The PUBKEYS.OUT file is created by piping the information from the DOS pgp -kv command to a file. Some users running NDOS and 4DOS have reported compatibility problems with this piping procedure.

Some users using PGP language files other than English have reporteded PUBKEYS.OUT problems have been resolved when the English language file is used.

Finally, if nothing seems to work, you can manually create the file by going to the DOS prompt, cd'ing to your PGP directory, and typing:

pgp -kv >pubkeys.out

Move this file into the Private Idaho directory. This will at least get you running until you isolate the problem.

Mail Server and Winsock Connections

First, make sure the WINSOCK.DLL file is in either the \WINDOWS or \WINDOWS\SYSTEM directory. I've heard of some applications renaming the Winsock file.

If you have difficult connecting to a mail server, try using the IP address instead of the actual server name. Also, be sure your account name is correct.

If you still are having problems sending mail, try this test to see if there might be a problem interacting with your server. Temporarily set the SMTP server to mail.eskimo.com and try sending e-mail. If you are successful, there's likely some type of incompatibility with the mail server your ISP is running.

Note: The mail server address shown above is Joel's ISP's. Please don't abuse it.

Windows NT

Users have successfully run Private Idaho under Windows NT, but others have reported problems I haven't been able to replicate. At this point (since I don't have an NT box), Windows NT is an unsupported platform.

PGP doesn't use correct secret key

In certain circumstances, PGP will use the first key found in a secret key ring containing multiple keys. To avoid this, specify the key ID instead of the user ID. For example, 0x123456 instead of mrbill@snl.com. To view the key ID, use the -kv command.

PGP and Mixmaster icons in Windows 95 taskbar

If the "Run PGP minimized" item in the PGP menu is checked, and you're running Windows 95, when you encrypt a message, the PGP icon will appear in the taskbar at the bottom of the screen. You must click on the icon for PGP to be run (this applies to running Mixmaster also). You can avoid this step by changing the PIF settings in the Win95 Explorer. For example, in the Explorer, select the PIPGP file and right click the mouse button to set properties. Go to the Misc tab. Under Background, make sure "Always suspend" is not checked. Perform the same steps with the PIPGPX and MIX PIF files.

USENET messages don't get posted

I frequently get e-mail from people who are having difficulties posting to USENET newsgroups. If you follow the instructions, this usually isn't a problem with Private Idaho. The most common reasons why people don't see there anonymous messages posted include:

• When test posting to alt.test or another high traffic newsgroup, sometimes articles seem to disappear into a black hole. Try posting to alt.anonymous as a test.
• The speed of your Internet provider's newsfeed impacts when you will see your article. It may be hours or days before you actually see an article you posted. This depends on which server you posted the article to, and the amount of time it takes for the newsfeed to reach your Internet provider's news server.
• A single remailer that is down will prevent the article from reaching its final destination. This is especially true with reply blocks used with nym accounts.
• A mail to USENET gateway may not be accepting articles to a specific newsgroup or from your domain (for example, the demon gateway does not accept articles from c2.org accounts).

The bottom-line is you get what you pay for. The remailer services are free. It's only when some Internet providers start charging for their privacy services, will you see a higher level of reliability when posting anonymous USENET articles. Until then, be prepared to experiment to find the right remailer and gateway that's the most reliable for you.

Web links don't transfer correctly

The browser must not be minimized for a URL to transfer. If the application is maximized, it's likely the window name specified within Private Idaho is incorrect.

NYMS.TXT not formatted correctly and "File past end of input" in NYMS.TXT

All nyms must have three lines of information. The nym (mrree), the full nym (Mr. Ree), and the nym server (config@nym.alias.net). Each line should be followed by a carriage return. The full nym line must have some information on it, and not be left blank. If you modify the file by hand, too many lines, or two few lines, cause an error.

Mixmaster doesn't run correctly

First, make sure you have all of the files that Mixmaster needs to run. Then try setting the working directory in the MIX.PIF file to the directory path that contains Mixmaster and Private Idaho. Also, make sure MIXPATH is set in your AUTOEXEC.BAT file.

Nym servers only use Cypherpunk style remailers for reply blocks. If you try to specify Mixmaster type remailers, you will get errors.

The Private Idaho interface to Mixmaster is currently limited to plaintext messages approximately 10k in length.

Command line greater than 128 characters

DOS applications have a limit to the size of a command line that can be passed to them. When Private Idaho shells to DOS PGP, it passes commands that identify directory paths, user IDs, etc. In some cases, the command line may surpass the limit, and cause a PGP operation to fail. A dialog box notifies you of this. If this happens, try: (1) reducing the length of your PGP user ID (i.e. use <joelm@eskimo.com> instead of Joel McNamara <joelm@eskimo.com>, or (2) relocating Private Idaho to a directory with a shorter path name (i.e. C:\PI versus C:\APPS\CRYPTO\WIN\PIDAHO).

Multiple .ASC files for attachments

When PGP encrypts a file and uses ASCII armor, it will split the file up into multiple files, each containing 720 lines. If you have a large attachment, you'll get numerous .ASC files. To force PGP not to split a file, in the PGP config.txt file, set the ArmorLines variable to 0.

Known issues

I haven't gotten around to fixing these yet. They'll hopefully make the next incremental release.

• If any of the Advanced Cypherpunk menu options are checked, Eric remailers will not be displayed in the remailer list.
• Mixmaster messages composed with PI currently appear to be limited to ~10k of plaintext.
• Private Idaho will probably crash with any messages over ~32k. If it is possible you will receive large messages, be sure the "Delete POP3 mail from server" option is turned off inside of PI.
• During nym creation, if no remailers are specified and Encrypt to remailers is checked in the Advanced Cypherpunks menu, PI will first encrypt the nym creation message with the user's public key.

Command Summary

File

• Import message - reads a text file into the message area
• Import message as quoted - reads a text file into the message area and adds > to the beginning of each line
• Save message - saves the contents of the message area to a text file
• Print message - sends the message to the printer
• Address book - displays the user-editable address book
• Expert/User - toggles the user interface between expert and user mode
• Options - sets up all the options
• Save settings - saves program settings, which are restored on running
• Exit - just what it sounds like

Edit

• Cut - standard
• Copy - standard
• Paste - standard
• Paste as quoted - Quotes the text and adds > to the beginning of each line
• Quote selected - Adds > to the beginning of each selected line
• Clear all - clears headers and message box
• Clear message - clears any text in the message box
• Copy message - copies any text in the message box to the Clipboard
• Paste messages - pastes Clipboard text to the message box
• Insert header - inserts a predefined header in the message
• Insert signature - inserts a predefined signature in the message
• Find - standard
• Find Next - standard

PGP

• Encrypt message - encrypts text in the message box
• Encrypt and sign message - encrypts and signs text in the message box
• Clear sign message - attaches a signature to text in the message box
• Decrypt message - decrypts PGP ciphertext in the message box
• Use multiple keys - encrypts message with multiple keys instead of To:
• Encrypt to self - also encrypts with your key for archiving
• Eyes only - only allows DOS box display
• Conventional encrypt - uses single versus public key encryption
• Obscurity - adds and deletes PGP headers from ciphertext
• File as input - uses a file as encrypt/decrypt source
• Word wrap message - word wraps the message before encryption
• Run PGP minimized - keeps the PGP DOS box minimized
• Auto-close PGP - automatically closes the PGP DOS box window

Keys

• Create key pair - creates a new secret and public key
• Delete key - removes a key from your public key ring
• Add key from message - adds any keys in the message box to public ring
• Insert key in message - inserts a selected public key in the message
• Update PUBKEYS.OUT- updates PI's key ring file
• Submit key to server - submits a key in the message box to the MIT key server
• Get key from server - attempts to get a key from the MIT server based on the To: box

Remailers

• Cypherpunk - displays Cypherpunk-style, Type I remailers
• Mixmaster - displays Type II remailers
• Eric - displays Eric-style remailers
• Update remailer info - establishes a Net connection and updates current remailer info
• Get remailer keys - establishes a Net connection and gets remailer keys

Advanced Cypherpunk - more Cypherpunk-remailer options

• Encrypt to remailer(s) - encrypts message with remailer PGP key
• Replace subject - uses a different subject line
• Use latent time - delays sending the message
• Use cutmarks - removes specified signature lines
• Post to USENET - displays remailers that support posting to newsgroups

Newsgroups

• None - if you're not posting to a USENET newsgroup
• E-mail gateway - displays e-mail gateways to newsgroups
• Eric - fills in information for posting through Eric remailers
• Remailer newsgroup header - uses a newsgroup header for certain types of remailers

Message

• Send - sends the message through a SMTP mail server
• Append info - adds remailer info to message
• Append on send - when checked, automatically remailer formats message when sent
• X-Headers - when checked allows user defineable mail headers to be inserted in a message
• Download new e-mail - Downloads any waiting e-mail by SMTP/POP3
• View e-mail - read e-mail you have downloaded
• View queued e-mail - look at e-mail that is ready to send

Nym

• Create nym - steps you through creating a nym account
• Change nym password - provides a template for nym passowrd changing
• Change nym reply block - provides a template for changing a nym reply block
• Delete nym - deletes the nym from NYMS.TXT and the nym server
• Show nym server stats - provides current info on nym servers
• Edit existing alias.net.nym - configures an alias.net nym type account
• Prepare nym message - prepares a message for sending through the server
• Encrypt nym message - encrypts (mandatory) a message sent to the server

Web

• Anonymous jump to URL - uses C2's "Anonymizer" for Web browsing

Help

• About... - brief info
• Information... - where to get this file
• Step me through... - provides step by step instructions for common tasks

Other things

Other things:

• There's more to this site than just Private Idaho, check it out...
• Practical limitation of text in the message box, approximately 32K.
• Total anonymous mailers to list for chaining, 30.
• The name Private Idaho comes from a catchy B-52s song. No deep social meaning, just had a nice ring to it.
• Real Cypherpunks write code and spread crypto... (and don't engage in petty flame wars)