User Awareness Alert: Open source digital signatures might be vulnerable

“A pair of security bugs in cryptography software could allow an attacker to insert content into a digitally signed message or forge signatures on files.

“The flaws lie in the open-source GNU Privacy Guard software, also known as GnuPG and GPG, the GnuPG group said in two alerts. The software, a free replacement for the Pretty Good Privacy cryptographic technology, ships with many open-source operating systems such as FreeBSD, OpenBSD and many Linux distributions” (By Joris Evers, CNET News.com Published on ZDNet News:¬†March 10, 2006, 2:38 PM PT).

Read the rest of the article

Listen to our podcasts –> add to my PodNova

Free Security Training available at http://adventuresinsecurity.com/SCourses.html

 

Leave a Reply

You must be logged in to post a comment.