Re: [PLUG] PGP ADK Vulnerability.

Beldon Dominello on Sun, 27 Aug 2000 09:55:29 -0400 (EDT)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] PGP ADK Vulnerability.

From: Beldon Dominello <beldon@speakeasy.org>

To: plug@lists.phillylinux.org

Subject: Re: [PLUG] PGP ADK Vulnerability.

Date: Sun, 27 Aug 2000 09:56:18 -0400

Reply-to: plug@lists.phillylinux.org

Sender: plug-admin@lists.phillylinux.org

Vik Bajaj wrote: > For full advisory, please see: > > http://www.vikbajaj.com/security/incident/august-25/ > It's important to note that the above advisory and "bug fix" only addresses the (quite justified) concern that an ADK can be hacked out of the PGP key. It does *not* correct the fact that the ADK exists. It appears to me that an ADK could still be surruptitiously added to your PGP key without your knowledge at creation time. Could someone with a decent knowledge of encryption technology address this concern, please? Hey! I smell a user-group topic! Anyone? Anyone? -- -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GMU/PA/CS/IT d s+:++ a C++ UL++>$ P+ L++>++++ E W++ N++ o-- K w---$ O M+ V--- PS+ PE Y+ PGP- t+ 5-- X R* tv-- b++ DI++ D+ G++ e+ h--- r+++ y++++ -----END GEEK CODE BLOCK------- For translation, see http://www.kluge.net/ungeek.html ______________________________________________________________________ Philadelphia Linux Users Group - http://www.phillylinux.org Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce General Discussion - http://lists.phillylinux.org/mail/listinfo/plug

Follow-Ups:

Re: [PLUG] PGP ADK Vulnerability.
From: Vik Bajaj <vbajaj@sas.upenn.edu>

References:

[PLUG] PGP ADK Vulnerability.
From: Vik Bajaj <vbajaj@sas.upenn.edu>

Prev by Date: [PLUG] PGP ADK Vulnerability.

Next by Date: Re: [PLUG] PGP ADK Vulnerability.

Previous by thread: [PLUG] PGP ADK Vulnerability.

Next by thread: Re: [PLUG] PGP ADK Vulnerability.

Index(es):

Date

Thread