Setpref on RSA key in 1.3.0 knocks over W2K

Dick Gevers Dick Gevers <dvgevers@xs4all.nl>
Tue Nov 19 23:32:02 2002 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

[ Don't you Linuxers start laughing, please: I am one of yours *) ] 


What could perhaps be interesting for the readers of this list is 
what happened to me tonight: on the command console I updated my 
preferences on an old RSA secret key (69DA67C9) imported early this 

year from PGP 7.0.3, and with F7 (bringing up previous commands) I 
did an update pref. with the same string I had previously done on 
an old PGP created DSA key (3E0047E8). 

When I did several F7's that way I noticed GPG wasn't responding 
well, but stupidly continued and setpref'ed. It worked okay I found 

later, but it BSOD'ed my W2KSP3. The fatal exception screen showed 
an error message I never saw before, but realising what I had been 
doing was explanatory: quote stop error 0xc000021a (Fatal System 
Error). The Windows Subsystem process terminated unexpectedly with 
a status of 0xc0000005 (0x77fcb238 0x005bf940) unquote.  

A remark in the "Getting Started" booklet provided with the W2K 
setup-CD from Microsoft under this stop error states i.a.: "the 
user subsystem, such as winlogon or the client server runtime 
subsystem (crss), is fatally compromised and security can no longer 

be guaranteed". 

If some of you W2K'ers would want to recreate this, pls bear in 
mind that my secring is on a PGP Disk, I was running hardly 
anything except BlackIce PC Protection and Kerio personal firewall. 

But we can't completely blame windows for this (yet another BSOD), 
because since day 1 that I own W2K my hardware setup appears to be 
not completely compatible with it, this was worsened when SP3 was 
published and sofar I couldn't obtain the perfect controller card 
driver for me and my W2K yet. So my box is much more likely to fall 

over than someone's completely stable system.

Nevertheless it is my experience that GnuPG is drawing so many 
resources (I have 458 Mb RAM and a PII /350 MHz that should 
normally speaking be sufficient) that since SP3 I have taken many a 

beating. I have even been falsely accusing GPGshell of some freezes 

I suffered, but it has become clear to me that GnuPG (both 1.2.1-1 
and 1.3.0) is so demanding that a not 100% stable system will bowl 
over.   

If there would be any chance of making available an option in GnuPG 

to make less demands on the O/S + hardware I would highly 
appreciate that. Of course, I don't want to bring down encryption 
speed for everybody, but I could imagine that others might suffer 
difficulties too, sometimes. 

Anyway I hope the information is helpful for those who want to see 
GnuPG usage increase in general: it's a fine tool for me in all 
other respects.

Cheers,
=Dick Gevers=


*) sort of: Suse 6.0 was incapable of dealing with my non-win-
modem, unless I flashed its BIOS with a Siemens update that would 
have disabled it for Windows: now I hope to have ADSL soon when I 
intend to multi-boot to Mandrake or W2K).

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.0 (Win32)
Comment: GPGShell 2.65 - QDGPG for Pegasus Mail 1.0.3.0 beta4

iD8DBQE92rrvwC/zk+cxEdMRAnInAKCkXGYKBtNOLC1PiER0pdf+pPqZMACgqwiK
4n6qXtF1ohi03KJpU+4Zk9k=
=Jmff
-----END PGP SIGNATURE-----