"--for-your-eyes-only"

Werner Koch wk at gnupg.org
Tue Jun 28 14:42:19 CEST 2005


On Tue, 28 Jun 2005 04:58:52 -0400, Charly Avital said:

> I may not understand what you mean by "portable".
> I suppose that a secure viewer (software program) could not be nearly
> ported to GnuPG?

GnuPG is a command line tool which only manages text input and output
and as such it is pretty portable.

For a viewer you need a graphical user interface to be able to display
custom made fonts.  Portability is harder to achieve than with text
tools but in general not a real problem.  However, it is a well known
paradigm on Unix to have small specialized tools and not to put
everything into one big application.  A secure, or well better tempest
resistant, viewer should for sure be done as a separate application or
as part of a gpg frontend.

> I shall not discuss whether TEMPEST attacks, when targeted to CRT or LCD
> displays pose a real threat to encryption users (who is the targeting
> agent? who are the targeted/chosen users?) because I have no expertise
> or even reasonable knowledge of the technological aspects of that issue.

See http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-577.pdf for the
theory and examples of tempest attacks.

> But if it is, in fact, a viable way to breach confidentiality, it is
> possible that GnuPG could consider to include an external secure viewer
> program in future developments. As a matter of fact, according to
> Werner's email, some work has already been done, and is included in the CVS.

Well, there has not been much work done.  It was planned for some
later GPA releases but development of GPA more or less stopped so we
are not quite where we wanted to be a long time ago.

A simple text renderer as an alternative to less(1) on X would be
useful for quite some applications.  IIRC, GNOME has a gless tool
which could be enhanced by using filtered fonts.  A new text widget
for GTK+ is probably the best way to achieve this.



Salam-Shalom,

   Werner



