[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using PGP on Insecure Machines



-----BEGIN PGP SIGNED MESSAGE-----

> You can reduce these problems by running a _real_ operating system on your PC,
> but it's tougher to run your favorite applications that way,
> and you still need to either run all your mail down to the PC,
> which isn't practical for lots of people, or explicitly forward
> the stuff down there from your main mail system.
> 
> There's another transparency problem, at least for reading encrypted mail -
> you either need to type in your passphrase each time, which is annoying and
> increases exposure somewhat, or you need to leave it aorund in environment
> variables, etc., which also increase exposure.

I use Linux at home, and uucp my email down at regular intervals to the
box at home.  When I want to run windoze, I just say "reboot".  The Linux
uucp runs just fine, and talks to everyone else, as far as I know. 

I keep my PGP pass phrase in $PGPPASS, although I have to type it in every
time I log in - small price to pay.  The machine at home is pretty secure 
- - I hope!  :)


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLl0efyS9AwzY9LDxAQGtygP9GjJtTV+0O+RNzC2+4ypQ0i18gY36kZh5
1KekzPYZQtQdNxUwsziRENhr1UC4GT/BI0m83Bf74jHl/fFJXOzeoGJQLLJwnufD
XT/HnRlOHa6DR3ZxrEH3BomnWHqCzUhGk5khnf9VdU6qi6kNJyLCf40R2BdtAxRf
YzDt2q7Bw1k=
=9Zxg
-----END PGP SIGNATURE-----