GnuPG PRNG insecure?

Werner Koch wk at
Sun Feb 10 18:38:01 CET 2002

On Fri, 8 Feb 2002 17:18:17 -0800 (PST), Len Sassaman said:

> Exactly. Open source developers who expect free audits of their code
> simply because it is open are going to be disappointed, especially if they

However a lot of people try to sell this as the advantage of Free
Software but the only evidence I have ever saw are counter examples.

> The reasons why source code must be available (from a security auditing
> perspective) are a) that a user can commission an audit if he wishes, and
> b) he is assured that the code he just had audited is the real deal, and

100% agreed.


Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus

More information about the Gnupg-devel mailing list