Looking for answers about Command Code products? Check out our list of frequently asked questions.
new in SpyShield 1.0?
is MSN® Messenger and how can I get it? What is Windows® Messenger?
do I verify the downloaded file with the downloaded signature file?
SpyShield 1.0 adds support for MSN® Messenger 5.0 and GnuPG.
SpyShield 1.0 also includes support for some localized versions of MSN® Messenger. English, Spanish, and German are known to work. Languages that use the ISO-Latin-1 character set (for example, French and Portuguese) probably will work. Your mileage will vary with other languages.
Please note the following minor changes in functionality:
Pretty Good Privacy® (PGP®) is a powerful cryptographic tool that provides privacy and strong authentication for users. As the de facto standard for data protection with over six million users, PGP enables you to store data and exchange messages securely. You can learn more about PGP technology at www.pgp.com and http://web.mit.edu/network/pgp.html.
SpyShield 1.0 supports PGP 6.5.8. SpyShield works with PGP 6.5.1; however, signing imported keys is known to fail due to a PGP bug. Compatibility with earlier versions has not been tested; if you have used SpyShield successfully with an earlier version, please inform us by email to email@example.com.
Many users have written us asking about support for PGP 7.x freeware. PGP began as a command-line program and included the PGP Command Line in all versions through PGP 6.5.8. In a surprise move, Network Associates, Inc. removed the command-line version of PGP from the PGP 7.x freeware distribution. SpyShield integrates with PGP using the PGP Command Line, so SpyShield currently does not support PGP 7.x freeware. As a solution to this problem, we included support for GnuPG in SpyShield 1.0. GnuPG is tiny compared to PGP and can coexist on the same machine.
You can work around this issue by using PGP 6.5.8 freeware, the last release to include the PGP Command Line. You can download this version from the MIT Distribution Center for PGP at http://web.mit.edu/network/pgp.html.
Although SpyShield does not support the Cyber Knights Templar (CKT) version of PGP at this time, we have received reports that SpyShield works with build 6 of the CKT version of PGP. Please send us an email if you have success with this or other versions.
If you are interested in support for CKT, please email us a feature request. We make every effort to include popular feature requests in upcoming releases.
In SpyShield 1.0, we have added support for GnuPG. GNU Privacy Guard (GnuPG) is a free replacement for PGP. It is a full implementation of OpenPGP, the standard that extends PGP, and has been released as open-source software under the GNU General Public License (GNU GPL). For more information about GnuPG, check out http://www.gnupg.org/.
SpyShield 1.0 does support GnuPG under Cygwin. For more information about Cygwin, check out http://www.cygwin.com/.
SpyShield 1.0 is free for noncommercial use. We reserve the right to change this policy in future releases. If you find this product useful, please spread the word to friends and colleagues. If you would like to make a contribution to help offset our costs of operation, please drop a check or money order in the mail to Command Code, PO Box 99707, Seattle, WA 98199. You also can make a donation using PayPal (see below). For commercial purchasing, contact firstname.lastname@example.org.
Command Code is focusing development efforts on MSN® Messenger and Windows® Messenger at this time. If you are interested in support for other instant messengers, please email us a feature request. We make every effort to include popular feature requests in upcoming releases.
Your feature requests are welcome! Please email them to email@example.com.
We're glad you asked! Spread the word to your friends, colleagues, other sites, news media, and anyone else interested in instant-messaging privacy. If you would like to make a contribution to help offset our costs of operation, please drop a check or money order in the mail to Command Code, PO Box 99707, Seattle, WA 98199. You also can make a donation using PayPaljust click the PayPal Donate button below!
If you have feature requests, bug reports, product ideas, or other comments, let us know by email to firstname.lastname@example.org. We appreciate your support!
MSN® Messenger is the Microsoft® software tool you can use to exchange instant messages with friends online. You can download it at http://messenger.msn.com/ for free.
Windows® Messenger is the Microsoft messaging tool included in Windows XP. Windows Messenger only works on the Windows XP operating system.
MSN® Messenger and Windows® Messenger both use .NET Messenger Service (previously called MSN® Messenger Service) and are interoperable.
SpyShield supports MSN® Messenger 2.0 through 4.5 and Windows® Messenger 4.0 through 4.5.
If I'm running MSN® Messenger and my friend is running Windows® Messenger, will SpyShield still work?
Yes. Windows® Messenger and MSN® Messenger both rely on .NET Messenger Service and have been developed for interoperability.
Although MSN® Messenger Service does provide password encryption, it does not encrypt the contents of your messages; MSN® Messenger Service sends your messages as plain text through the network. Anyone who shares a hub with you or anyone with access to an Internet router between you and MSN® Messenger Service can view your messages simply by packet sniffing.
With SpyShield, you can PGP-encrypt your instant messages to guarantee your privacy and the security of the information you send.
SpyShield encrypts your messages with all keys you select from the Recipient Keys dialog box. SpyShield also encrypts with the sender key that you select so that messages you send can be displayed as plaintext on your screen. It is assumed that messages sent to you can be decrypted with this key.
Encrypted messages are indicated by (secure line) in the message window.
First you need to import our key into your keyring. Our key is posted on our site at http://www.commandcode.com/about/publickeys.html. Generally, PGP creates a file association for .sig files. The best way to verify the signature is to save both ssinstall.exe and the corresponding digital signature in the same directory and double-click the .sig file. PGP will do the rest. If all goes well, you will not see anything like "bad signature". Unfortunately, you will probably see "invalid key". This does not necessarily indicate a problem. It simply means that our key has been found in your keyring, but it is not considered valid because it has not been signed by you or one of your trusted introducers. This behavior is related to PGP's web of trust. If you have the PGP command-line program (included by default in pre-7.0 versions of PGP), you can validate the signature by running "pgp ssinstall.exe.sig" in the same directory. This will give you more information than the pretty (but confusing) windows UI.
Unzip the files to a temporary folder and run spyshield --install.
The SpyShield plug-in is only active when SpyShield.exe is running. The SpyShield installation creates a shortcut in your Startup folder to start SpyShield.exe when you first login. If you stop the MSN® Messenger Service, you should restart it by double-clicking the SpyShield desktop shortcut.
More often than not, the sender is not encrypting the message to your public key.
Due to a known bug in PGP 6.5.1, SpyShield cannot sign an imported public key. Upgrade to a later version of PGP to correct this problem. As a workaround, you can sign the imported key using the PGPkeys tool.
It is possible that your sender key is not trusted. When PGP generates a new key pair, the key is trusted implicitly because you were the person who generated it. However, when you import a key pair from another source, you might have to set the trust manually. You can make this change using the command line with the pgp -ke command or using PGPkeys by right-clicking your key and selecting Key Properties (in the General tab of the dialog box that opens, check the Implicit Trust check box).
Make sure that the PGPkeys application is closed when you use SpyShield to import a public key into your keyring. Otherwise, SpyShield cannot import it successfully.
The short answer is that it just doesn't. The slightly longer answer is that the encrypted message is not the same size as the original message, which confuses the emoticon substitution.
Same problem as above.
Quite possibly. Several users have had problems when using non-ISO-Latin1 character sets. We at Command Code lack the resources to do exhaustive testing with international versions of Windows. Please send us an email and we'll try to help you to find a resolution.
In SpyShield 1.0, we have added support for some localized versions of MSN® Messenger. English, Spanish, and German are known to work. Languages that use the ISO-Latin-1 character set (for example, French and Portuguese) probably will work. Your mileage will vary with other languages.
I'm using MSN® Messenger 4.x with SpyShield 0.98 Beta, and my messages aren't encrypted when I press ENTER to send them. What can I do?
You can install SpyShield 1.0, which includes a fix for this problem. If you would like to continue using MSN® Messenger 4.x with SpyShield 0.98 Beta, you must click the Send button or press ALT-S to encrypt your messages. Encrypted messages are indicated by (secure line) in the message window.
We appreciate your feedback. Please send bug reports to email@example.com.
© 2003 Command Code. All rights reserved.