In message <[EMAIL PROTECTED]>, Harald Hanche-Olsen writes: >As is pointed out in the referenced article, this macro virus only >steals the (encrypted) private keyring, and hence private keys are >still safe unless the attacker can break the encryption. Which he can >easily do with a dictionary search, if the user has been overly >simplistic in her choice of pass phrase. Right. There was a paper presented this morning at NDSS on just how bad folks are at picking Kerberos passphrases. In other words, people haven't taken advantage of the freedom to use more than eight characters to improve their behavior. The same likely applies to PGP.
- Re: PGP compromised on Windows 9x? Nelson Minar
- Strengthening the Passphrase Model ... Arnold G. Reinhold
- Re: Strengthening the Passphra... Rodney Thayer
- Re: Strengthening the Pass... Ben Laurie
- Re: Strengthening the Passphra... Bill Frantz
- Re: Strengthening the Pass... Bill Stewart
- Re: Strengthening the Passphra... David R. Conrad
- Re: Strengthening the Passphra... David R. Conrad
- Re: Strengthening the Pass... Bill Frantz
- Re: PGP compromised on Windows 9x? Jim Gillogly
- Re: PGP compromised on Windows 9x? Steven M. Bellovin
- Re: PGP compromised on Windows 9x? Jon Callas
- Re: PGP compromised on Windows 9x? Arnold G. Reinhold
- RE: PGP compromised on Windows 9x? Tom Garner
- Re: PGP compromised on Windows 9x? Michael J. Fromberger
- RE: PGP compromised on Windows 9x? David R. Conrad
- Re: PGP compromised on Windows 9x? Michael Motyka
- RE: PGP compromised on Windows 9x? Walter Burton
- Re: PGP compromised on Windows 9x? Steve Bellovin
