Confirmation for cached passphrases useful?
Robert J. Hansen
rjh at sixdemonbag.org
Sat Oct 16 00:23:04 CEST 2010
> Ok, then this protects against malicious programs that are not
> intercepting the dialog box.
Which means that six months after this feature gets implemented, the malware authors will write exploits that intercept the dialog box.
Arms races are inevitable, but stupid arms races should be avoided.
> Don't let the perfect be the enemy of the good.
I'm not. This idea isn't good.
More information about the Gnupg-users
mailing list