> On 14 May 2018, at 14:47, Dan Kegel <d...@kegel.com> wrote: > > Anyway, if you have a checkbox for 'automatically decrypt', you might > consider unticking it.)
This may not be sufficient. It’s not just automatic decryption but any decryption at all in the client that can trigger a callback. In the PGP case the attack is noisy, so you *may* have a chance to protect yourself before the damage is done if manual decryption is required for each attempt. But that assumes that a human being can reliably distinguish the attempts, which assumes a high level of knowledge of the attack procedure. A _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
