One Time Password and GnuPG
Andrew Berg
bahamutzero8825 at gmail.com
Sun Jun 8 19:22:11 CEST 2008
Robert J. Hansen wrote:
> If you don't have physical security over your hardware, you don't have
> anything. You cannot use GnuPG safely on a malicious machine
Exactly. There are keyloggers (both hardware and software),
screenloggers, USB drive copy programs, and a lot of other nasty stuff
you'll never see coming. If the copy program picks up your key, and a
keylogger or screenlogger picks up your passphrase, your key is compromised.
> it's like trying to make water not wet or bricks not heavy.
Bricks can be hallowed out. :P
More information about the Gnupg-users
mailing list