Someone has harvested my address
David Shaw
dshaw at jabberwocky.com
Thu Sep 11 23:55:25 CEST 2008
On Wed, Sep 10, 2008 at 03:29:03PM -0400, reynt0 wrote:
> On Wed, 10 Sep 2008, Sven Radde wrote:
> . . .
>> Am Montag, den 08.09.2008, 19:40 -0500 schrieb Robert J. Hansen:
>>> The conversation we're not having, which I think we should be having, is
>>> "how can we have trusted communications on a hostile network when we
>>> don't know if we really control our own PCs?"
>>
>> I guess we're not having this discussion because the answer is trivial:
>> "Not at all."
>>
>> Anyway, keep in mind that the "common" trojan does not target GnuPG
>> key/traffic/passphrases, AFAIK. It's more about harvesting email
> . . .
>
> I thought the original question was an interesting fundamental
> question, in general and as concerns gnupg. Is there some way
> of identifying the
> { user - encryption - software - OS - hardware - any etc } situation
> and components, where a way can be found to put the
> parts together such that even if how you're doing it is
> publicly known, and you are in very adverse conditions, you can still
> communicate at a level of privacy/security you want?
This question reminds me of the Alice and Bob dinner speech:
Against all odds, over a noisy telephone line, tapped by the tax
authorities and the secret police, Alice will happily attempt, with
someone she doesn't trust, whom she cannot hear clearly, and who is
probably someone else, to fiddle her tax returns and to organize a
coup d'etat, while at the same time minimizing the cost of the phone
call.
If you haven't read it, it's quite funny:
http://downlode.org/Etext/alicebob.html
David
More information about the Gnupg-users
mailing list