Mitigating Poisoned PGP Certificates (CVE-2019-13050)

Cert Flooding Featured Image

This article will describe PGP Certificate Flooding attacks as well as inform the reader

How to detect if you have a poisoned certificate in your keyring, How to identify & clean the poisoned cert, and How to update the configuration to prevent it from importing poisoned certs in the future

Last month, an attacker spammed several high-profile PGP certificates with tens of thousands (or hundreds of thousands) of signatures (CVE-2019-13050) and uploaded these signatures to the SKS keyservers.

Without looking very deep, I quickly stumbled on 4 keys that were attacked last month:

. . . → Read More: Mitigating Poisoned PGP Certificates (CVE-2019-13050)

Sabayon, KDE, and Evolution

I recently reformatted my hard drive--switching from pure Gentoo to the Sabayon fork. Sabayon did for Gentoo what Ubuntu did for Debian. It's generally a lot easier to use, but--unlike Ubuntu--it doesn't sacrifice functionality for ease-of-use.

. . . → Read More: Sabayon, KDE, and Evolution