One Time Password and GnuPG
eocsor at gmail.com
Mon Jun 9 06:00:01 CEST 2008
Would a smartcard address this private key compromising problem?
On Mon, Jun 9, 2008 at 2:52 AM, Andrew Berg <bahamutzero8825 at gmail.com> wrote:
> Robert J. Hansen wrote:
>> If you don't have physical security over your hardware, you don't have
>> anything. You cannot use GnuPG safely on a malicious machine
> Exactly. There are keyloggers (both hardware and software), screenloggers,
> USB drive copy programs, and a lot of other nasty stuff you'll never see
> coming. If the copy program picks up your key, and a keylogger or
> screenlogger picks up your passphrase, your key is compromised.
>> it's like trying to make water not wet or bricks not heavy.
> Bricks can be hallowed out. :P
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
More information about the Gnupg-users