[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SecureDevice/X-Windows
-----BEGIN PGP SIGNED MESSAGE-----
Okay, so I'm signing my messages now. At least your proposed sign-or-delay
rule has had its intended effect on one user here :)
My question is: What is the group's opinion on the use of SecureDevice to
store sensitive data as an encrypted volume under DOS on a PC? (I am assuming
here that enough people know what I'm referring to not to explain.)
I've moved all my email, sensitive data files, and PGP keyrings over to this new
volume. Given all that I've read on the IDEA encryption method, I feel comfortable
that the data is essentially secure from everything but a brute force attack on the
key, or carelessness on my part. I'm sure that the magnetic fingerprint of the
original data files still remains scattered over the rest of the hard disk, but I'm
not as worried about this (yet--the more I read this list, more paranoid I seem to
get :)
Someone posted about using CFS under Linux to store his PGP secret keyring, without a
keyring pass phrase. The idea here was that when the system was powered off, CFS
provided sufficient security to protect the secret keyring. This would allow the
user to automate the use of PGP with scripts to send and receive encrypted mail,
without the need to deal with piping in or otherwise supplying a pass phrase.
Would anyone consider this foolish? I can take the same argument here with
SecureDevice--I only 'login' to the drive with my passphrase when I am using it, and
when the machine is off, the encrypted volume protects the secret keyring by default.
The weakness here is that should I step away from my machine and carelessly forget
to 'logout' of the secured drive, my secret key is wide open for someone to steal.
On an entirely different note:
I use MS-Windows on the PC platform for my internet access due to the variety and
relative availability of Windows Sockets based software. Call me a traitor to the
cause, all Microsoft bashing aside, but I really do prefer the GUI interface to mail,
FTP, telnet, and WWW than the Unix command line oriented tools to do the same.
I also have Linux installed on a different machine, and am slowly learning all the
neat and wonderful things one can do with it. I haven't quite gotten X Windows
configured properly, but I wonder if all the same internet access tools I mentioned
exist as X apps. This would allow me to get all the benefits of Unix, while
retaining the ease-of-use benefits of a GUI environment. Forgive me if these are
naive questions--I'm a lowly DOS/Windows user just now starting to see the light of
Unix :)
Another question: How feasible would it be to build a system under Linux/X Windows
to automate PGP encryption and signatures in a transparent way, using an X windows
mail reader? People have done this with Pine/Elm, so I assume the same techniques
would work under X.
Gosh, really showing my ignorance here :)
- -----------------------------------------------------------------------
Johnathan Corgan "Violence is the last refuge of the incompetent"
[email protected] -Isaac Asimov
PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
Or send email to: [email protected] Subj: GET jcorgan
- -----------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
iQCVAwUBLtr+6E1Diok8GKihAQFGLgP/e2BN0W+QOpRwnj7JmIVUgl0cQaNeXpTS
tvSmarhiSSQy6+6uC7XdOHWlJJ8qavbwr8LguMTcFIU8LFSp0jCiQcUj5Jxt9oSV
evpeZXucwXsT/kh3m97MRiwqOxkjFED1h7zjKbJrHxdI/TkGPUXUmP815Am6eVqB
qwY9W3lqeSs=
=n+Df
-----END PGP SIGNATURE-----