Confirmation for cached passphrases useful?
Grant Olson
kgo at grant-olson.net
Sat Oct 16 00:34:58 CEST 2010
On 10/15/10 5:04 PM, Jameson Rollins wrote:
> Don't let the perfect be the enemy of the good.
>
But is it good? To me this feature seems like "security theater." It
makes you feel all warm and fuzzy and lets you sleep at night, but
doesn't provide any real protection.
Is it good to have users thinking that there's no way their box can be
compromised, because they're not getting pop-ups, when in reality they
may be completely compromised? Do the percieved protections of this
feature come anywhere close to the actual protection provided?
--
Grant
"I am gravely disappointed. Again you have made me unleash my dogs of war."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 559 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20101015/9fadf7e0/attachment-0001.pgp>
More information about the Gnupg-users
mailing list