A safe text editor
gnupg at oneiroi.net
Sun Sep 9 21:06:23 CEST 2012
On 09/09/2012 08:39 PM, Peter Lebbing wrote:
> On 09/09/12 13:12, Milo wrote:
>> Also there are vim scrips allowing some level of integration with gnupg.
> Personally, I'd have more faith in a text editor that was written ground-up with
> security in mind. If you take a full-fledged editor that was never intended to
> hide the contents, and then bolt on the security with some scripts, it's quite
> likely you're missing some way in which it is leaking your data.
> On the other hand, you have to consider your threat model. It could be enough.
> But I wouldn't be surprised if that nephew of yours who's good with computers
> got hold of one of your passwords, greps your whole hard disk for that password,
> and thus uncovers some temp file or swap page with all your passwords neatly
> arranged around that one password he knew.
> By the way, I don't suspect vim scripts can lock memory pages, so it could
> indeed very well be a swapped out memory page that will match the grep expression...
I'm not sure what you are trying to say/prove by polemics with things I
didn't wrote. I won't speculate about your faith in editors, your threat
model, and probably there is no real point for you to speculate about my
(possible) family and my hard drive data arrangement.
More information about the Gnupg-users