Author: Oliver Egginger 2014-03-23 00:59:50
Published on: 2014-03-23T00:59:50+00:00
On March 22, 2014, Mike Hearn sent out a warning to Bitcoin users regarding fake PGP keys being created to sign popular pieces of crypto software. This was likely done to make a MITM attack appear more legitimate, possibly by an intelligence agency. Users were advised to be cautious and ensure they are using the correct key when verifying Bitcoin downloads. In response to difficulty in finding keys initially, a user created a side for documentation, which is now outdated. Though ordinarily people fetch the keys by key-id from a well-known key server, Gavin Andresen's GPG key can be found through a Google search. Despite this, the user expresses gratitude that any signing has been done and verifies it themselves.
Updated on: 2023-06-08T15:42:08.525171+00:00