Slashdot Mirror

← Back to Stories (view on slashdot.org)

Schneier et al Report PGP Vulnerability

Posted by timothy on from the speak-plainly dept.

SpaceTaxi writes: "Researchers reported that they were able to intercept and modify a PGP encrypted message so that, IF it is sent back to the attacker, the original message could be read by the attacker." The paper comes from Kahil Jallad, Jonathan Katz, and Bruce Schneier. Here is the Yahoo! article.

4 of 204 comments (clear)

  1. that's why they call it Pretty Good by krog · · Score: 5, Funny

    leaving the door open for instances like this.

    PEBKAC conquers all, as usual.

    --
    Cretin - a powerful and flexible CD reencoder
  2. Please stop by Anonymous Coward · · Score: 5, Funny

    Every day it seems like there is some new vulnerability discovered in one of our beloved secure communication tools/protocols (PGP, SSL, SSH, etc). This really hurts me a lot, as I feel my trust has been shattered.

    For this reason, I ask... no beg... all hackers, researchers, programmers, etc to please stop reporting these security problems. Find something? Keep it quiet! Don't tell anyone, and then no one will know, and we'll all still be safe. Maybe in a few years, you can quietly patch it up, and we'll all go on like nothing has happened. Sound good?

    Let's all follow Microsoft's lead on this one. Thanks guys!

  3. Applied Cryptography - 3rd Edition? by Shamanin · · Score: 3, Funny

    Errata from the desk of Bruce Schneier: Pay no attention to p. 584-587 of Applied Cryptography - 2nd Edition... I didn't know what I was talking about... now I do.

    --
    come on fhqwhgads
  4. IN RELATED NEWS, A NAME CHANGE... by Eric_Cartman_South_P · · Score: 4, Funny
    PGP Announces today that it will change its name to SGP.

    Sorta' Good Privacy.