Backup of encrypted private key on uncontrolled disks

Robert J. Hansen rjh at sixdemonbag.org
Thu Nov 20 19:53:18 CET 2014


> Hmm, I’m having a hard time imagining how someone could get me to
> divulge the passphrase if they couldn’t also get me to hand over the
> key backups I own. Of course, my imagination is not the limit here,
> so is there something I’m missing?

http://en.wikipedia.org/wiki/Robin_Sage

The people fooled by Robin Sage were all intelligence professionals of
one stripe or another.  These are people who have been vetted for their
reliability and discretion, and who regularly get briefed about efforts
by foreign powers to get information out of them.  They were all aware
of the risks.  Despite this, they were fooled.

It's really easy to point fingers at them and say, "man, what chumps."
But the reality is none of us on this list are different than they are.
We're human, with the same foibles and weaknesses, and I'm pretty sure
Robin Sage would rip through this mailing list like a chainsaw.

(For that matter, I have no reason to think one isn't doing so right
now.  It's worth thinking about.)



More information about the Gnupg-users mailing list