[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: public accounts / PGP / passphrases

To: [email protected]
Subject: Re: public accounts / PGP / passphrases
From: Rich Salz <[email protected]>
Date: Thu, 1 Dec 94 22:21:57 -0500
Sender: [email protected]

> >Could someone please elaborate on the foolishness of using PGP with a
> >passphrase on a public machine (as I do) ?  Am I wrong in thinking that my
> >secret key is useless to an intruder until she guesses my passphrase ?

The sys admin can change the kernel running on your machine.  A special
kernel can be built so that when a particular user is typing on a tty
and the executing process is named "pgp" then all keystrokes they type
are recorded into a file for the administrator to read later on.

The local machine must be part of the trusted computing base.
	/r$

Prev by Date: Mighty morphing power cypherpunks
Next by Date: Re: Why nothing works <g> [Was: Mandatory sig workaround]
Prev by thread: Re: public accounts / PGP / passphrases
Next by thread: Re: public accounts / PGP / passphrases
Index(es):
- Date
- Thread