On Jun 23, 2009, at 7:28 AM, Werner Koch wrote:

On Sun, 21 Jun 2009 00:10, t.e...@yahoo.com said:

So, here is the question: Is it possible to secure gpg (or PGP or TrueCrypt for that matter) on a Windows system?

If you have the ability to run a program if hibernation kicks in, you
may want to run:

 gpgconf --reload gpg-agent

That deletes the passphrase cache. I assume that you are using a recent
version of gnupg2.

If possible, I'd also add a pause for running gpg processes to exit to cover a small race condition. Even if the passphrase cache is wiped, if there is a running gpg process at suspend time, secret material could still be caught in the hibernation data. GPG does wipe its memory for things like session keys (to the limit that such things can be done in software), but the process has to complete for the wipe to happen.

David


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
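
The sequence suggested in this thread (give running gpg processes a moment to exit, then flush the agent's passphrase cache), written as a PowerShell script for a Windows system. This is an added example, not code from either poster; the grace period, the process names `gpg`/`gpg2`, and whatever mechanism runs the script before hibernation are assumptions.

```powershell
# Added example: pre-hibernation cleanup for GnuPG on Windows.
# Assumptions: gpgconf is on PATH; gpg processes are named gpg or gpg2;
# something else (not shown) runs this script when hibernation starts.
param(
    [int]$TimeoutSeconds = 10,                   # assumed grace period
    [string[]]$ProcessNames = @('gpg', 'gpg2')   # assumed process names
)

$gpgconf = Get-Command gpgconf -ErrorAction SilentlyContinue
if (-not $gpgconf) {
    Write-Error 'gpgconf not found on PATH; passphrase cache was NOT flushed.'
    exit 2
}

# Wait for in-flight gpg processes to finish so they can wipe their own
# memory (session keys etc.) before the RAM image is written to disk.
$deadline = (Get-Date).AddSeconds($TimeoutSeconds)
do {
    $running = @(Get-Process -Name $ProcessNames -ErrorAction SilentlyContinue)
    if ($running.Count -eq 0) { break }
    Start-Sleep -Milliseconds 250
} while ((Get-Date) -lt $deadline)

# Flush the passphrase cache whether or not the wait timed out; a partial
# cleanup is better than none.
& $gpgconf.Path --reload gpg-agent
if ($LASTEXITCODE -ne 0) {
    Write-Error "gpgconf --reload gpg-agent failed with exit code $LASTEXITCODE."
    exit 2
}

if ($running.Count -gt 0) {
    # Secret material may still be resident in these processes.
    $ids = ($running | ForEach-Object { $_.Id }) -join ', '
    Write-Warning "gpg still running at suspend time (PID: $ids)."
    exit 1
}

exit 0
```

Exit code 1 means the cache was flushed but a gpg process outlived the grace period, so the hibernation image may still contain secret material from that process.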
