GnuPG PRNG insecure?
wk at gnupg.org
Sun Feb 10 18:38:01 CET 2002
On Fri, 8 Feb 2002 17:18:17 -0800 (PST), Len Sassaman said:
> Exactly. Open source developers who expect free audits of their code
> simply because it is open are going to be disappointed, especially if they
However a lot of people try to sell this as the advantage of Free
Software but the only evidence I have ever saw are counter examples.
> The reasons why source code must be available (from a security auditing
> perspective) are a) that a user can commission an audit if he wishes, and
> b) he is assured that the code he just had audited is the real deal, and
Werner Koch Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions -- Augustinus
More information about the Gnupg-devel