Please remove MacGPG from gnupg.org due to serious security concerns

Hugo Osvaldo Barrera hugo at barrera.io
Tue Feb 17 15:14:24 CET 2015


On 2015-02-17 11:01, Jonathan Schleifer wrote:
> 
> I disagree. The developers are not capable of writing secure software, as demonstrated (several times even, it seems). It would be best to advise to never use that at all and then write new software, if there's demand for it. It's sometimes better to not use something than to use something untrustworthy. For security products, this is especially true.
> 

Actually, I've noticed that there was a very quick reply to this when it was
brought to the dev's attention. I'll leave this here for anyone else interested
in following-up:

  https://github.com/GPGTools/GPGTools_Core/commit/5186bade36acedfdc0b76f9f5ddfcfc004ec698b

I'm not aware of any track record of writing bad software in the past either -
I believe they're just human.

Cheers,

-- 
Hugo Osvaldo Barrera
A: Because we read from top to bottom, left to right.
Q: Why should I start my reply below the quoted text?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: </pipermail/attachments/20150217/3c3b1b09/attachment.sig>


More information about the Gnupg-users mailing list