I suppose they could also keep the decrypted key in memory using something like ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		lilyball on April 16, 2013 \| parent \| context \| favorite \| on: Security incident update I suppose they could also keep the decrypted key in memory using something like gpg-agent.

stock_toaster on April 17, 2013 [–]

I read somewhere (can't remember where now) that the hacker supposedly dumped the key from memory. My guess is they type in the passphrase on boot or something, and it lives in an agent thereafter.

lilyball on April 17, 2013 | [–]

I haven't seen that anywhere, and I find it unlikely.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact