Reply to post: Re: PuTTY's days are numbered

PuTTY in your hands: SSH client gets patched after RSA key exchange memory vuln spotted

alain williams Silver badge

Re: PuTTY's days are numbered

I seem to recall PuTTY has had a mixed history when it comes to security (e.g IIRC there was a period where they had a trojanised copy hosted on the official website for quite some time before it got noticed).

PuTTY on MS Windows has a much greater problem than a, now fixed, trojan copy of PuTTY.

The whole operating system is a trojan, it has an in built key logger. You are supposed to be able to turn key logging off, but you can't completely switch off telemetry, what gets sent is encrypted (from the machine owner) -- so how do you verify that key stroke stealing is really disabled ?

I will not use PuTTY on a Windows machine - I would just not feel safe.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019