what is killing PKI?
ljrhurley at gmail.com
Fri Aug 31 01:37:51 CEST 2012
-----BEGIN PGP SIGNED MESSAGE-----
I think Mark actually wrote that originally, in response to my query about what he meant regarding backup. Just in case that was me originally though, that list all breaks down to social engineering and rubber hose cryptanalysis. I'd assume though that the number of people who discuss PKI as pillow talk must be pretty low. Alcohol is a potential security risk I suppose. I've given lectures on worse when drunk. Hypnosis is ridiculous though. Not going to work. As for rbc and remote surveillance, you're done for. All but the last would still require access to the key as well though, assuming they don't have a problem torturing and stealing your laptop.
- -------- Original Message --------
From: MFPA <expires2012 at rocketmail.com>
Sent: Thu Aug 30 17:43:13 EDT 2012
To: Landon Hurley on GnuPG-Users <gnupg-users at gnupg.org>
Cc: Landon Hurley <ljrhurley at gmail.com>
Subject: Re: what is killing PKI?
On Thursday 30 August 2012 at 7:34:56 PM, in
<mid:8723caa5-4796-4f49-bbf3-4c933fdcaecb at email.android.com>, Landon
> More to the point: my passphrase never leaves my
> equipment and isn't recorded anywhere outside my brain.
> You can only get it by getting inside my computer.
Or by using a discrete surveillance camera to watch your key presses.
Or how about social engineering, alcohol, pillow talk, hypnosis,
rubber hose attack, etc.?
MFPA mailto:expires2012 at rocketmail.com
Dreams come true on this side of the Rainbow too!
Violence is the last refuge of incompetence.
-----BEGIN PGP SIGNATURE-----
Version: APG v1.0.8
-----END PGP SIGNATURE-----
More information about the Gnupg-users