* Morlock Elloi wrote:
BO, trojans, http tunelling and similar are really not rocket science these days. 99% of sheeple machines are vulnerable. This is perfectly valid and real attack. Not on my machines and probably not on yours - that does not make any difference.
Exactly. Furthermore overclocked customer maschines make it just more likely to attack a PGP key using failture analysis ("Bellcore attack" in German smartcard hacking lingo). So urge the implementors to protect against computing errors as well. IMNSHO the PGP paradigma to expect locally written data to be unmodified on later read was attacked. Phil can not be sued for this paradigma because he developed for DOS. PHP Inc might be sueable because they extended the model to other OS. I can be sued because I forget it as well while adapting the source to PKI needs. PGP2.6.3(i)n has the necessary fixes.