GnuPG PRNG insecure?

Werner Koch wk at
Sun Feb 10 18:48:01 CET 2002

On Fri, 8 Feb 2002 09:41:56 -0500, David Shaw said:

> I'd be willing to throw some money into a pot for people who find
> security-related bugs in GnuPG.

The main problem is that it needs expierenced programmers to find the
non trivial bugs.  Those programmers are usually writing new code or
fixing old one and don't have the time to screen other programs and it
is not so interesting to do audits - especially not on a unpaid or low
paid basis.  So I don't believe that a little bit money will help.


Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus

More information about the Gnupg-devel mailing list