[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: key for Alice as promised (not)

On Tue, 28 Nov 1995, Adam Hupp wrote:

> >Can you imagine??  I'm simply not willing to fool myself into thinking 
> >that I ahve security by posting a key and using PGP.
> Unless you can post some proof that PGP is insecure, stop insisting it is.

Hold on a minute.  Alice is, here, 100% correct.

If I use PGP to read messages and there's a videocamera trained on the 
keyboard, and other people have access to the machine, PGP is not 
secure.  Similarly, if PGP is on a computer which other people may use 
without my supervision, they can  monitor keystrokes, etc. and PGP is not 

A chain is only as strong as its weakest link; Alice recognizes this, and 
makes no claim that PGP itself is the weak link.  The weak link is the 
physical security of the system which Alice claims to use.

Jon Lasser                <[email protected]>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.