Good morning, a security auditor emailed me his private pgp key

@moonman he is testing you

Assert dominance by signing all your communication with his key.

@pony it would be nice to think that

@moonman haven't been long in that business so far but I can attest to the total lack of security knowledge or protocol in many of these people. Certification is mostly a sham.

@moonman post it or it didn't happen :>

@moonman our security auditors ran some weird testing for open X11 connections that was made to trick me into giving them root on my machine, but because i was running the X server on windows, it failed in a way that gave me root terminal on theirs

@moonman humph, i bet he sends that to all the girls

@moonman I had a consultant insist I use his pgp private key to decrypt. I had to inform him that “my private key is private.” And if there was one thing I learned in my encryption class, it was that.