Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
ckastner
on Aug 16, 2016
|
parent
|
context
|
favorite
| on:
Fake Linus Torvalds' Key Found in the Wild, No Mor...
Linus' fake key [1], as well as all the others from the random sample I took, have been revoked as of today.
[1]
http://pgp.mit.edu/pks/lookup?op=vindex&search=0xEA185A5E76E...
.
brians
on Aug 16, 2016
[–]
So the evil32 people kept the private keys. That's exciting.
mpasternacki
on Aug 16, 2016
|
parent
[–]
Not necessarily, they might have just generated revokation certs which are separate (so that they can be used in case your private key is lost). Keeping a revokation cert would be a responsible thing to do, just in case something like this happens.
lilyball
on Aug 16, 2016
|
root
|
parent
[–]
They had an old backup that contained the private keys. See this comment
https://news.ycombinator.com/item?id=12298230
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
[1] http://pgp.mit.edu/pks/lookup?op=vindex&search=0xEA185A5E76E....