Do the new versions use PGP's randseed.bin? If Netscape even only looks at data used to keep PGP secure, Netscape will be banned from my computer and every computer I am responsible for. -- For good.
This is the second person who has expressed this sentiment. I don't understand it. If you believe that the possibility of randseed.bin getting out is dangerous, then why do you leave it online? Do you really trust every piece of software you run, every piece of software that can possibly access your machine over the net, to not look at that file?
It makes a little bit of sense - I'm not aware of any software, other than PGP and now Netscape, that _explicitly_ goes after randseed.bin, though of course just about anything can try. Assuming the code is inspectable (which it currently is), if I can see that all it's going to do with the file is crunch it into MD5 along with a bunch of other stuff, I'm not too worried, even though it is stealing slack(entropy) from PGP. #--- # Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com # Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281 #---