Protecting private key on USB flash drive: how to?
Robert J. Hansen
rjh at sixdemonbag.org
Fri May 9 20:02:14 CEST 2008
Faramir wrote:
> OMG... 8 highly complex steps... surely that will defeat any attempt
> to seize my private key...
Not really.
Imagine a piece of malware that looks for new drives to be mounted. As
soon as it gets mounted, the malware looks through the drive looking for
interesting data. Malware such as this already exists and has been
spotted in the wild.
As soon as you mount a TrueCrypt volume, it becomes subject to these
sorts of attacks. Note that the malware design doesn't have to
accommodate TrueCrypt at all. The design is simple enough and robust
enough to work regardless of whether you're using TrueCrypt or PGPDisk,
or whether you're plugging in a USB token or a FireWire external hard
drive, or... etc., etc.
I do not think very highly of this idea.
More information about the Gnupg-users
mailing list