On Sat, 16 Dec 2017 09:34, ber...@debian.org said: > passphrase by default. I didn't find any rationale behind this change. See: > https://github.com/gpg/gnupg/commit/3d78ae4d3de08398fabae5821045a3a1da6dadbe
[ Please dont reference an arbirary repo mirror of gnupg. Either use the Debian repo or upstream. ] > I think this is a surprising change and a major security vector. It's > easy with a "follow mouse pointer" focus mode to get one password I don't think that this is a major security vector. In fact we even considered to create keys by default w/o passphrase. Most users don't have a tightened up box and those who have that know what to do: * agent: Option --no-grab is now the default. The new option --grab allows to revert this. Over the years we have received so many request to allow c+p of the passphrase and to treat the pinentry as a normal entry field. On most current desktops the grabbing does not work reliable or is ineffective due to the underlying GUI system. GNOME and macOS use there own passphrase manager anyway and more or less bypass the pinentry. On Windows it has no effect either. Also X and the need for grabbing is more and more replaced by Wayland or whatever thing distros like these days. Under the general directive to make GnuPG easier to use for the masses we changed some of the defaults. Those who have a need for securing there systems need to work up a lot on their configuration anyway, and thus adding a few options to GnuPG is just one more point on a list of hundreds of items to care about. Back in the days when Debian defaulted to the most secure configuration, the grab was of course justified. When I install a new Debian box today I have to disable a lot of services before I can reasonable say, I did something to secure that box. The question is whether we want to do something against mass surveillance or help a small group of targeted persons to secure their machines by default. We can't do both. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
pgpQYzKqHzG3S.pgp
Description: PGP signature