Memory forensics

Werner Koch wk at
Sat Mar 6 13:16:01 CET 2010

On Fri,  5 Mar 2010 22:30, rjh at said:

> The upshot: we now have an actual demonstration.  The takeaway is that
> you should be very, very careful about hibernating your computer while
> passphrases are cached, or while GnuPG is actively processing a file.

You can protect against this by adding a little bit of code to the
suspend script: Iterate over all active users and run for them the
command "gpgconf --reload agent" or directly send a HUP to all
gpg-agent's.  This will invalidate the caches.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list