[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security Update news release



-- [ From: David E. Smith * EMC.Ver #2.5.02 ] --

-----BEGIN PGP SIGNED MESSAGE-----

> >Do the new versions use PGP's randseed.bin? If Netscape even only looks
at
> >data used to keep PGP secure,  Netscape will be banned from my computer
> >and every computer I am responsible for. -- For good.
> 
> This is the second person who has expressed this sentiment. I don't
> understand it. If you believe that the possibility of randseed.bin
> getting out is dangerous, then why do you leave it online? Do you
> really trust every piece of software you run, every piece of software
> that can possibly access your machine over the net, to not look at
> that file?

I'm still running MSDOS, so I suppose net connectivity isn't much
of an issue :)  At any rate, I set my randseed.bin to a length of 0
and then made in un-writable, so that new random bits have to be
generated every time.  It's not too much of a trouble for me;
most of my PGP use is just signing messages to certain interested
parties.  How would Netscape handle the fact that there aren't any
random bits here?

Dave "old bits, new bits, red bits, blue bits"
- --
David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745
+1(314)339-3814, "[email protected]", PGP ID 0x92732139
Opinions this ludicrous are mine.  Rational ones will cost you.
<a href="http://www.midwest.net/scribers/dsmith/">Heh</a>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGnQnwwyfvCScyE5AQHzIQQAklOHwzKJY9P2DqAvdf4Rn1aZUNcqW3bz
rk/FCrQP19WxqyTsO7RcRQ6q5ziwqU4qbMu+Xyci2qT0wEnOKFYhauLgLd0xxttA
7sqX9pEQVbLN9KCGz5AqFwDNlqVcdMqu0yo8s5gprmCFxDh0hXzt880rNn8tP6Id
ErrhJ2NToZo=
=0KRe
-----END PGP SIGNATURE-----