on communication - gpg's el gamal and debian's openssl

Steve Kinney admin at pilobilus.net
Tue Sep 20 14:57:59 PDT 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On 09/20/2016 02:19 PM, Georgi Guninski wrote:
> On Tue, Sep 20, 2016 at 12:38:43PM -0400, Steve Kinney wrote:
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>> 
>> On the downside, it makes denying that you wrote something all 
>> but impossible - "somebody stole my signing key and its pass 
>> phrase" is not what someone who is trying to avoid embarrassment 
>> would like to say.
>> 
> 
> lol, tell this to the gpg's guys and gals, who completely 
> compromised the El Gamal's signing keys

Oh dear.  That implies that the DEB and RPM package managers are blown
wide open, as both use GPG for integrity checks.  At least this
explains why everybody gets rooted all the time.

We gonna have to compile and install from source signed by the
devel... um, heh heh, signed with what?  Houston, come in?  Anybody
down there?

> and to debian, who memset() what they read from /dev/random.

Sounds like a personal issue to me...

> search the interwebz for references.

TL;DR

teh intertubes has too big, probably over 9000






-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBAgAGBQJX4bDnAAoJEECU6c5XzmuqPqcIALe915KwejZB6uNapRyaR2bh
UvCO/Obw+qiBlVBXn5kJJPUWWmF0pi8H3q1q+THWbuGJUnXojzFR3lpQYIf/z5Iz
QqdSQr0mbbA4ffRncpBXwtMH9Yh//NHSHxJ4wimg4RmDuunNgJyLosWvXCaFSZaC
mlKuf71P8CsL5Yxx/5ze9APa7B8FFygL/Z7PMaT7WtVGD3rUh++E0hBmB8DEEYjG
PlPfI5oeoAuTQpDEOv0aH8Hn4mIPhPhR7OP3Dz6TSvki6sYkDb0HPlR6WxANiVO3
K1GVYTMydR1xAlB4wpHsRJPdZ5nhWAnCb3fFRFqRunHmEbi74WTMFarC7hyFhjE=
=P36O
-----END PGP SIGNATURE-----



More information about the cypherpunks mailing list