Frontends for Windows

Silviu Cojocaru
Mon Nov 19 15:18:01 2001

Hash: SHA1

Monday, November 19, 2001 at 4:12:04 PM ,
Loic Bernable wrote the following
on the "Frontends for Windows" thread:

> The question is : why did you decide to use GnuPG ? To improve
> your security, I imagine, as most people here did.

Or because he regards PGP solutions as being expensive, or maybe
because he does not like NAI, but still wants to be able to send
encrypted mail and sign documents electronically.

> However, using such a program, especially under this freeware
> kind of license, is clearly a security problem, as many people
> have already told you. I also agree that GPGshell must not
> contain any backdoor, but precisely you make your system
> security rely entirely on this asumption. Even if this is a
> bug, the passphrase is at some moment within the program
> memory, and who knows what is done of it then ?

Like I said it before, even using the command line, how can you
be certain that gpg is the only one to capture the input ?

This is not an issue.

> There are a lot of ways a program can send data over the
> internet by any mean, I'm quite sure this can be easily
> feasible, especially under MS-Windows.

True. False, run a firewall app and control what connects to the

> Your opinion is that this program is good for GnuPG for it
> provides a user-friendly interface, even if its source code is
> closed.

I would say it does a lot to make it easier to use to the
average tired Windows user that hasn't much time to play with
command line options.

> My opinion is you don't deserve to use GnuPG.

Oh give me a break, will you!

- --
Are you sure you want this tagline?
Version: GnuPG v1.0.6 (MingW32)
Comment: Member of the PGP-Basics, Encryption Help Team