[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Key Security Question
Z.B. wrote:
>
> My computer went into the shop a few days ago, and I was unable to take
> my PGP keys off it before it went in. What are the security risks here?
> If the repairman chooses to snoop through the files, what would he be
> able to do with my key pair? Will I need to revoke the key and make a
> new one, or will I be relatively safe since he doesn't have my
> passphrase?
If the repairman has your pubring and secring files, you can now
consider them in the same light as a 'busted flush'.
Chances are, he has neither the capability nor the interest in
popping open your deep, dark secrets. On the other hand, if he
returns your computer with a 'shit-eating grin', you may be in for
a world-of-hurt.
My advice would be for you to check your 'paranoia level' and,
if you are a quart low, then read Phil Zimmerman's PGP documentation
once again, and make your decision based on the reality of the
possibilities involved.
Toto