Confirmation for cached passphrases useful?

Faramir faramir.cl at gmail.com
Mon Oct 18 05:44:18 CEST 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

El 17-10-2010 23:47, Robert J. Hansen escribió:
...
>>  And if one day the user finds it has been disabled somehow, the user
>> might become aware of some malware in the machine...
> 
> By this logic every user should have a big piece of Scotch tape on the center of his or her screen.  If the piece of tape is ever missing, then you know someone's been tampering with your machine.

  Yes, something like that. That's why I installed something supposed to
warn me if a unknown process tries to communicate with another process.
If it works as expected, I would get a warning about trojan.exe trying
to access Agent, and I would have to chose between blocking it, allowing
it, and making a rule from my decision to prevent future warnings about
the same thing.

  I'm not requesting that feature, I don't need it, but it won't bother
me if somebody decides to implement it, as long as it can be disabled.
Also, since software is always changing, many times in annoying ways
(I'm _not_ talking about GnuPG), probably soon or latter I'll have to
get used to a confirmation screen where there was none in the previous
version.

  I think I won't participate in _this_ discussion anymore, since I
already said I'm neutral about that feature, and don't have anything to
say that might be valuable to the discussion.

  Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCAAGBQJMu8KSAAoJEMV4f6PvczxAyxoH/RJMkGI6Z8AvO8/hdrAC1rgG
tIqlV3IIk4EamOnIEFbEV7E2K8QiY3W7kjx30i1ELe+jfStfpgG70gpuYI3ZgODw
GjaVI2eiZcjOrtkQ+ToSlyVrlf5IY196kvMgpyda+ARZQNCMcu015rhz0RIC0P/5
TZcu2z+mfwbxOr3UYSau9xzd4EI8ivjFroh+SpaysPw0JkFKtAndCmzXLOqH5eH5
VArfiqDPBjdExxzaT3iInfHrJPZCuSlfwIwNK6n252LCkruf+tdoykYEC/2CrvI7
4rQJPTmGXca+98YgRpdFXxbf7o7gGjwI/vF1+HvlS4C1o4990DyYvZ8itDKBXPM=
=mrQ+
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list