GnuPG PRNG insecure?
Ben Pearre
bwpearre@alumni.princeton.edu
Thu Feb 14 21:27:02 2002
--XRI2XbIfl/05pQwm
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
> Perhaps a cash-for-bugs "bounty" isn't the right thing, but in terms
> of auditing, a little bit of money doesn't help, but if 20 people all
> throw in a little bit of money...
Money? Pshaw. Credit! There could be a command-line option
--list-contributors or some such, which makes it trivial to see who
has helped with the program. "...and the daring souls who found
security flaws in the code:..."
The key is being able to say during a job interview (OK, how many
interviewers use GPG?) or a hot date (?!) "Run this command and see my
name"... and have it take 10 seconds.
--=20
bwpearre@alumni.princeton.edu http://hebb.mit.edu/~ben
--XRI2XbIfl/05pQwm
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8bB0v+CWfKs/abNoRAvVcAKDDK9Rsm5t3NqOgmocIGY+PjJit/ACfbuSQ
92J/cMNc+4yNq0K5aatIFb4=
=+H2P
-----END PGP SIGNATURE-----
--XRI2XbIfl/05pQwm--