gpg on public system?

[Matthias Urlichs]

Hi,

Jan Petranek:
> > No, this is impossible.  If the system is insecure, you cannot keep
> > your private keys secret.
> 
> Well, that indeed is a point. So I have to put up with minimizing the
> risks. Any suggestions to that?
> 
The CD-ROM idea is good and not easily improved upon.

You might want to check the machine's process list for stuff that
doesn't usually run on it, or which masquerades itself (like for
instance a "ls" which runs for longer than a couple of seconds, or a
"top" that uses a significantly different amount of memory than the one
you're running).

All of this can also be faked, of course, but you already knew that.  :-/

-- 
Matthias Urlichs     |     noris network AG     |     http://smurf.noris.de/
-- 
One of the secrets of a long and fruitful life is to forgive everybody
everything every night before you go to bed.
                                -- Ann Landers