|Subject:||Re: [Duplicity-talk] Stream Vulnerability|
|Date:||Sun, 31 Aug 2014 14:10:45 +0000|
On 29.08.2014 23:30, Jonathan Brown wrote:
> Could anyone tell me if Duplicity is vulnerable to stream encryption vulnerabilities utilizing GPG? This blog post talks about issues affecting encryption that uses GPG and I would like to know if there is any reason to be concerned. Thanks
> https://www.imperialviolet.org/2014/06/27/streamingencryption.html <mailto:address@hiddenorg>
it's unclear to me how an attacker might use this vulnerability in case of duplicity. can you give an example?
generally duplicity has all flaws of gpg. volumes/files are created by piping them into a gpg process and using the resulting encrypted files.
Duplicity-talk mailing list
|[Prev in Thread]||Current Thread||[Next in Thread]|