[39347] in cryptography@c2.net mail archive
Re: Hypothesis: PGP backdoor (was: A security bug in PGP products?)
daemon@ATHENA.MIT.EDU (Travis H.)
Wed Aug 30 10:33:30 2006
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Mon, 28 Aug 2006 21:55:55 -0500
From: "Travis H." <solinym@gmail.com>
To: "Ondrej Mikle" <ondrej.mikle@gmail.com>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
In-Reply-To: <44ED0985.8080905@gmail.com>
On 8/23/06, Ondrej Mikle <ondrej.mikle@gmail.com> wrote:
> We discussed with V. Klima about the "recent" bug in PGPdisk that
> allowed extraction of key and data without the knowledge of passphrase.
I skimmed the URL and it appears this claim was answered several times
in the original thread. Did you not read it, or not understand it?
You have to have a valid passphrase from before the change, because the
passphrase unlocks the disk key which doesn't change, unless you explicitly
tell it to.
--
"If you're not part of the solution, you're part of the precipitate."
Unix "guru" for rent or hire -><- http://www.lightconsulting.com/~travis/
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066 151D 0A6B 4098 0C55 1484
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
