Setpref on RSA key in 1.3.0 knocks over W2K - erratum

Dick Gevers Dick Gevers <dvgevers@xs4all.nl>
Wed Nov 20 00:44:02 2002


On Tuesday, 19 November 2002 at 22:28 h, I wrote about "Setpref on
RSA keyin 1.3.0 knocks over W2K":

>Hi all,
>
>[ Don't you Linuxers start laughing, please: I am one of yours *) ] 
>
>What could perhaps be interesting for the readers of this list is
>what happened to me tonight: on the command console I updated my
>preferences on an old RSA secret key (69DA67C9) imported early this
>year from PGP 7.0.3, and with F7 (bringing up previous commands) I
>did an update pref. with the same string I had previously done on an
>old PGP created DSA key (3E0047E8). 
>
>When I did several F7's that way I noticed GPG wasn't responding
>well, but stupidly continued and setpref'ed. It worked okay I found
>later, but it BSOD'ed my W2KSP3. The fatal exception screen showed
>an error message I never saw before, but realising what I had been
>doing was explanatory: quote stop error 0xc000021a (Fatal System
>Error). The Windows Subsystem process terminated unexpectedly with a
>status of 0xc0000005 (0x77fcb238 0x005bf940) unquote.  
>
>A remark in the "Getting Started" booklet provided with the W2K
>setup-CD from Microsoft under this stop error states i.a.: "the user
>subsystem, such as winlogon or the client server runtime subsystem
>(crss), is fatally compromised and security can no longer be
>guaranteed". 
>
>If some of you W2K'ers would want to recreate this, pls bear in mind
>that my secring is on a PGP Disk, I was running hardly anything
>except BlackIce PC Protection and Kerio personal firewall. 

err: ...and seti@home command line

>But we
>can't completely blame windows for this (yet another BSOD), because
>since day 1 that I own W2K my hardware setup appears to be not
>completely compatible with it, this was worsened when SP3 was
>published and sofar I couldn't obtain the perfect controller card
>driver for me and my W2K yet. So my box is much more likely to fall
>over than someone's completely stable system.
>
>Nevertheless it is my experience that GnuPG is drawing so many
>resources (I have 458 Mb RAM and a PII /350 MHz that should normally
>speaking be sufficient) that since SP3 I have taken many a beating.
>I have even been falsely accusing GPGshell of some freezes I
>suffered, but it has become clear to me that GnuPG (both 1.2.1-1 and
>1.3.0) is so demanding that a not 100% stable system will bowl over.
>  
>
>If there would be any chance of making available an option in GnuPG
>to make less demands on the O/S + hardware I would highly appreciate
>that. Of course, I don't want to bring down encryption speed for
>everybody, but I could imagine that others might suffer difficulties
>too, sometimes. 
>
>Anyway I hope the information is helpful for those who want to see
>GnuPG usage increase in general: it's a fine tool for me in all
>other respects.
>
>Cheers,
>=Dick Gevers=
>
>
>*) sort of: Suse 6.0 was incapable of dealing with my non-win-
>modem, unless I flashed its BIOS with a Siemens update that would
>have disabled it for Windows: now I hope to have ADSL soon when I
>intend to multi-boot to Mandrake or W2K).