PGP software pirated
David Shaw
dshaw at jabberwocky.com
Mon Jun 11 19:39:59 CEST 2007
On Mon, Jun 11, 2007 at 10:21:16PM +0530, Hardeep Singh wrote:
> Hi All
>
> Someone gave me a PGP signed message that unlocks the paid version of
> PGP. Just to be sure it worked, I tried it and then uninstalled the
> software (I dont use pirated stuff, GPG is much better for me).
> However, does this mean that someone was able to find the private key
> for the key PGP uses to sign licenses? If that could be found, then
> probably our keys can also be cracked. While I personally find this
> impossible, I want to know how the hackers were able to give me a
> signed message? Is it possible they tweaked PGP to use their private
> key instead of PGPs and hence PGP is not really broken?
I suspect what you got was either someone elses license file, or
possibly something that patches the PGP code itself to bypass the need
for licensing.
Even if the PGP license key was somehow compromised (which I highly
doubt), it does not follow that "probably our keys can also be
cracked".
David
More information about the Gnupg-users
mailing list