[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Key Security Question




> > > On the other hand, if the "repairman" replaced your pgp executable
> > > with version 2.6.3kgb, which uses your hashed passphrase as the
> > > session key, you're hosed.  Or if he installed a keystroke sniffer,
> > > or added a small radio transmitter to your keyboard, or whatever.
> > > Depends on your threat model.  If you need to be paranoid,
> > > they've already gotten you....
> > 
> > If you're really paranoid, you can boot from a clean floppy and
> > reinstall everything from your backup tapes. You do have a
> > contingency plan in case your hard disk goes bad, or gets a
> > virus, don't you? Well, if you're in doubt, exercise it.

Face it, the only solution is to wrap your computer, cat, family, car 
and yourself in aluminium foil and burn your hard disk whilst 
chanting "yamma yamma yamma yaaaaamaa"


  Datacomms Technologies web authoring and data security
       Paul Bradley, [email protected]
  [email protected], [email protected]    
       Http://www.cryptography.home.ml.org/
      Email for PGP public key, ID: 5BBFAEB1
     "Don`t forget to mount a scratch monkey"