|
From: | Martin Pool |
Subject: | Re: [Duplicity-talk] Stream Vulnerability |
Date: | Sun, 31 Aug 2014 14:10:45 +0000 |
On 29.08.2014 23:30, Jonathan Brown wrote:
> Could anyone tell me if Duplicity is vulnerable to stream encryption vulnerabilities utilizing GPG? This blog post talks about issues affecting encryption that uses GPG and I would like to know if there is any reason to be concerned. Thanks
>
> https://www.imperialviolet.org/2014/06/27/streamingencryption.html <mailto:address@hiddenorg>
>
>
it's unclear to me how an attacker might use this vulnerability in case of duplicity. can you give an example?
generally duplicity has all flaws of gpg. volumes/files are created by piping them into a gpg process and using the resulting encrypted files.
..ede/duply.net
_______________________________________________
Duplicity-talk mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
[Prev in Thread] | Current Thread | [Next in Thread] |