Alternate egd socket
Dave Dykstra
dwd at bell-labs.com
Thu Feb 10 12:06:51 CET 2000
On Thu, Feb 10, 2000 at 06:11:19PM +0100, Matthias Urlichs wrote:
> Hi,
>
> Werner Koch:
> > IMHO, if someone is able to access the random seed file, he will also
> > be able to access the secret keyring ... well, and then he loads it
> > down starts a dictionary attack and in kost cases he will be able to
> > get the passphrase.
>
> Bah, dictionary attack... if you're root anyway, wait until the user
> starts up GnuPG, and trace its read() calls. Bingo.
Yes, if it is a live system and not one that has been physically seized.
- Dave Dykstra
More information about the Gnupg-devel
mailing list