ichudov@algebra.com wrote:
- Whenever I need to do something secret, like reading pgp-encrypted messages, use ssh to connect from that laptop to my main Unix host (manifold.algebra.com) and read those off of the laptop screen. How secure would that arrangement be? At present, I do not feel that the additional security is worth even $700, but who knows, that may change.
If you're doing it for isolation reasons (keeping private stuff on your laptop instead of your Internet-connected machine to reduce breakin risks), it may be worth something. If you're doing it for TEMPEST, don't bother; laptops may put out less than CRTs, but I've still had my laptop emit signals that showed up on a nearby TV semi-legibly (out of sync, but Bad Guys can deal with that...) If you find a TEMPEST-shielded PC at an NSA Surplus auction, it'll probably be a 386 at best, and maybe a 286, so it may not be fast enough to bother with. Shielding this stuff is a Black Art, though paying a lot of attention to cables and boxes and tight corners with metal connectivity helps a lot. And just using a slower processor instead of that 200MHz microwave tower also helps. On the other hand, Matt Blaze has done some good work on cooperative encryption between smartcards and real computers, where the smartcard does a critical part of the computation and the bigger computer does the bulk of the work; you could still keep your secret keys on the slow shielded box. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.)