Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Submission + - PGP Vulnerability -- No Fix for Freeware Version (cert.org)

DERoss writes: PGP Desktop — used to encrypt or digitally sign E-mail and files — contains a serious vulnerability in current versions 10.0.3 and 10.1. This vulnerability allows a signed message or file (or sometimes a signed and encrypted message or file) to be altered without invalidating the signature. This makes it impossible to use a digital signature to verify the integrity of a message or file. While many individual, non-commercial users of PGP Desktop use the freeware trial version, Symantec will not provide a fix except for the purchased version. For non-technical details, see [http://www.rossde.com/PGP/pgp_weak.html#inject].
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

PGP Vulnerability -- No Fix for Freeware Version

Comments Filter:

"Stupidity, like virtue, is its own reward" -- William E. Davidsen

Working...