17 Dec
2003
17 Dec
'03
11:17 p.m.
From: Timothy Newsham <newsham@wiliki.eng.hawaii.edu>
hmm.. looks like the ideal for someone to test out a dos virus that looks for the PGP passphrase and for secret key rings and tries to "get out alive" with them.
Tim N.
Coders start your engines.
Don't type your PGP passphrase on a PC owned by someone else! You don't have to use your passphrase to exchange keys. Keys can be extracted, added, etc. without the passphrase being entered. I don't see any way a virus could be spread via PGP key exchange. At best (worst) a virus could somehow attach itself to the PGP key file but it would be just passive data. It wouldn't do anything. Hal