lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040320233330.GA12212@hockwold.net>
From: warlock at eskimo.com (Jim Richardson)
Subject: Re: pgp passphrase

On Sat, Mar 20, 2004 at 03:29:56PM -0800, Blue Boar wrote:
>Jim Richardson wrote:
>
>>>>Key won't do them much good if they don't have my passphrase :)
>>>cant the key be bruteforced in some kind of distributed fashion ? like
>>>spam sending bot we could also have key brute forcing bots ....
>>dunno, I'd be willing to listen to evidence that it could, but put it
>>pretty low down on the list of things to worry about.
>
>No need, the worm would steal the passphrase while it was running on 
>your host.
>
>					BB
>


I would be interested to see how it would accomplish that. 


-- 
Jim Richardson     http://www.eskimo.com/~warlock
"I worry that the person who thought up Muzak may be thinking up
something else."
     --Lily Tomlin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040320/9d6fca9a/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ