How secure is GnuPG

Janusz A. Urbanowicz alex@FUCKUP.fantastyka.net
Thu Jul 25 11:18:57 2002


-- Start of PGP signed section.
> From: Johan Wevers [mailto:johanw@vulcan.xs4all.nl]
> >Yes, don't use windows, and if you have to, certainly
> >don't use IE and outlook and outlook express.
> 
> Keyboard sniffing is possible on Linux and just about any OS if
> it is compromised at root. Linux machines and client applications

There is an excellent article on it in today's Phrack.

But there is a way to avoid passphrase logging with a keylogger. The solution
was used in Tinfoil Hat Linux (and it was the only interesting thing in it).
It works like this: for every letter of the passphrase, there is a random
table of characters displayed and the user enters the coordinates of the
appropriate letter. Since a new table is generated every time, keyloggers are
defeated. But it is very inconvenient.

Alex
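
The per-character random table described in the message above, sketched in Python as an added example (not code from the original post or from Tinfoil Hat Linux). The 10-column layout, the letter/digit coordinate labels and all function names are assumptions, and the scheme only helps against a logger that records keystrokes without seeing the screen.

```python
import secrets
import string

# Constructed layout (an assumption): 95 printable characters, 10 per row,
# rows labelled A.., columns labelled 0..9.
ALPHABET = string.ascii_letters + string.digits + string.punctuation + " "
COLS = 10
ROWS = string.ascii_uppercase

def new_table(rng=None):
    """Return a freshly shuffled table as a list of rows."""
    rng = secrets.SystemRandom() if rng is None else rng
    cells = list(ALPHABET)
    rng.shuffle(cells)
    return [cells[i:i + COLS] for i in range(0, len(cells), COLS)]

def render(table):
    """Text form of the table; the space character is drawn as a visible mark."""
    header = "   " + " ".join(string.digits[:COLS])
    body = [ROWS[r] + "  " + " ".join("␣" if c == " " else c for c in row)
            for r, row in enumerate(table)]
    return "\n".join([header] + body)

def locate(table, ch):
    """Coordinates a user would type for ch in this table, e.g. 'C7'."""
    for r, row in enumerate(table):
        if ch in row:
            return ROWS[r] + str(row.index(ch))
    raise ValueError(f"character {ch!r} is not in the table")

def decode(table, coord):
    """Map typed coordinates back to the character they point at."""
    coord = coord.strip().upper()
    if len(coord) != 2 or coord[0] not in ROWS or coord[1] not in string.digits:
        raise ValueError(f"bad coordinate {coord!r}")
    try:
        return table[ROWS.index(coord[0])][int(coord[1])]
    except IndexError:
        raise ValueError(f"coordinate {coord!r} is outside the table") from None

def read_passphrase(length, ask=input, show=print, rng=None):
    """Prompt once per character, drawing a new table for every character."""
    chars = []
    for _ in range(length):
        table = new_table(rng)
        show(render(table))
        chars.append(decode(table, ask("row+column: ")))
    return "".join(chars)
```

Because each character gets its own shuffled table, the typed coordinates for the same passphrase differ from one entry to the next, so a keystroke log alone does not reveal it.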