Question about backdoors
Mark H. Wood
mwood at IUPUI.Edu
Tue Feb 10 10:13:55 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, 9 Feb 2004 kgriffi at siue.edu wrote:
> I'm currently on break in a security class where someone has mentioned the
> backdoor NAI put in PGP. Since Gnupg is open source can/does something like
> this exist?
I hope they are going to teach you all to ask better questions, somewhere
in that class.
Can a backdoor be put into GNUpg, or any open-source product? Certainly.
Would its secrecy have a useful lifetime? Almost certainly *not*. Is
there, therefore, any point in trying? Probably not enough to be worth
the effort. How does this risk compare with that from some closed-source
product? I will leave that as an exercise for the student. :-)
- --
Mark H. Wood, Lead System Programmer mwood at IUPUI.Edu
MS Windows *is* user-friendly, but only for certain values of "user".
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/
iD8DBQFAKPU5s/NR4JuTKG8RArTMAKCvvo6vNlPQ7sjM+g7Z74VqQsukNwCfRtNv
SkLlDNJ2L/+TRT540vy12tY=
=BUAd
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list