key generation: paranoia mode - explicit random input

Robert J. Hansen rjh at
Fri Feb 28 04:30:01 CET 2014

> Trivial to prevent in comparison to the task of verifying a distro.

There are literally thousands of vectors.  Defending against *all* of
them is a deeply nontrivial task.  Sometime take a look at the
requirements for a SCIF: they're eye-opening.

> This attitute doesn't help though considering that we meanwhile face a 
> situation in which it has become more or less impossible to build a 
> system which is known non-compromised.

It was always impossible.

If you really want a known non-compromised system, you have to set up
your own chip fab plant churning out low-transistor-count, hand-verified
IC designs made from six-nines silicon you personally smelted from sand
you personally mined off a beach.  It has always been this way.  It will
always be this way.

More information about the Gnupg-users mailing list