On Mon, Mar 08, 2004 at 09:19:23AM +0000, Ben Laurie wrote:
> And it doesn't even work in theory - once your PC is hacked, the passphrase would be known the first time you used it.

True, but in the current threat model passphrase snarfing is yet negligible (keyloggers look for credit card info, etc.). Also, the fraction of 0wn3d to pristine machines is low, and likely to become lower in future. So the egress points of spam remain few, and if they come with signatures, so much better for us. If they don't come with signatures, or use variable signatures (if you disregard entropy pool issues, how many signatures/min can you churn out on a desktop PC?), ditto (if you compute spam score by signed, and know signed vs unsigned).

*BSD and Linux penetration rate (desktop, not server) is low, Redmondware is about to become similarly hardened at the network layer. Things are still a bit dismal at the userland executable level, but security has become a selling argument. So, sooner or later, they will have to start selling something palpably more secure, instead of just waffling about it.

The passphrase locking idea won't fly, but a biometrics-lockable wallet could. Isn't part of Pd envelope goal establishing a tamper-proof compartment? We know Pd is evil, but once hardware support is everywhere, one can as well use it for something positive, for a change.

-- Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net