Page "Pretty Good Privacy" Paragraph 15

New versions of PGP are released periodically and vulnerabilities are fixed by developers as they come to light.

Any agency wanting to read PGP messages would probably use easier means than standard cryptanalysis, e. g. rubber-hose cryptanalysis or black-bag cryptanalysis i. e. installing some form of trojan horse or keystroke logging software / hardware on the target computer to capture encrypted keyrings and their passwords.

The FBI has already used this attack against PGP in its investigations.

However, any such vulnerabilities apply not just to PGP, but to all encryption software.