At 8:45 AM -0800 12/19/96, Dave Del Torto wrote:
At 12:25 am -0800 12/19/96, Bill Stewart wrote: ....
Be careful - PGP goes to a lot of effort to overwrite your passphrase when it's done using it; Norton or grep or other disk-crawlers are unlikely to do so, because that sort of paranoia's not part of their job [elided]
Indeed, and any malignant passphrase-snarfer is probably going to anticipate this counter-attack and scramble the text stream it saves invisibly so that disk sector searches will be unlikely to pop up your passphrase. We definitely need to build better defenses against this sort of thing.
The only way I know to solve this problem is to get a real operating system. This excludes the Mac, DOS and its descendents. First the kernel must be designed to prevent programs from installing themselves wherever they wish. (Gasp, even useful prrograms!) Second they must not be encumbered with piles of tools written by people with no sense of security. Such tools are often installed with more authority than they should require. There is a Unix system call that displays the most recent command that any user has typed. This call is used by the ps command to describe the origin of a task. Perhaps NT is new enough that it hasn't gathered all of these holes. I don't use NT so I wouldn't know.