Re: PGP's "only for your eyes"

-----BEGIN PGP SIGNED MESSAGE-----

[To: cypherpunks@toad.com]
[Subject: Re: PGP's "only for your eyes"]

Usuario Acceso2 <acceso2@diatel.upm.es> wrote:
> Maybe some of you already know about this.
> When reading PGP's "Only for your eyes" messages, the program creates a temporary file containing the plaintext in the directory where the cyphertext file is.
> So, don't worry about this option, it's quite useless.

The manual points out that you shouldn't rely on it. Its main purpose is simply to prevent accidentally or automatically leaving the plaintext lying around, not to actually securely guarantee that behaviour. After all, you could always cut-and-paste the text, or (since you have the PGP source) alter PGP to ignore the flag.

The real problem is not what it does, but what people *think* it might do.

I take that back. When I check the manual, it doesn't say that it is insecure. It really ought to. At least one of the books about PGP does though, I know I've read it somewhere other than email.

Chris McAuliffe <cmca@alpha.c2.org> (No, not that one.)

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBMRfm+oHskC9sh/+lAQHgygQAs4gsA3DWORL06++EpiQahmDOj6JZJKaD
CTkljTcGA1WoY6LNEwGrEMBSs1NoaY6JT+KgxAeP/HOxTJDKwRkAdU+/psjMT9t6
rqERq6HerBKIBqUj/nOsbhnigA2U+e3gto9Fpvs5gld6oQvbyn3M56PWXrm9dbBX
N2KqJ8BcQTE=
=eRZ2
-----END PGP SIGNATURE-----

In article <199602062336.PAA24566@infinity.c2.org> cmca@alpha.c2.org (Chris McAuliffe) writes:
> Maybe some of you already know about this.
> When reading PGP's "Only for your eyes" messages, the program creates a temporary file containing the plaintext in the directory where the cyphertext file is.
> So, don't worry about this option, it's quite useless.
> The manual points out that you shouldn't rely on it. Its main purpose is simply to prevent accidentally or automatically leaving the plaintext lying around, not to actually securely guarantee that behaviour. After all, you could always cut-and-paste the text, or (since you have the PGP source) alter PGP to ignore the flag.

I've gotten burned by this because it created a temp file over NFS. If I'd been able to read the message with my mail reader ("pgp -f"), I would not have disclosed the information. The "for your eyes only" option is more than useless, it's dangerous.

> The real problem is not what it does, but what people *think* it might do.
> I take that back. When I check the manual, it doesn't say that it is insecure. It really ought to. At least one of the books about PGP does though, I know I've read it somewhere other than email.

David
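The failure both posters describe (a "view only" mode that stages the plaintext in a temporary file next to the ciphertext, where it can be left behind or, on NFS, sent over the wire in the clear) is easy to audit for. The following is an added example and not PGP's code: the two viewer functions only simulate the leaky and the in-memory behaviour, the ciphertext file is a dummy, and the "EYES ONLY" secret and file names are constructed for the demo. The audit snapshots the directory before the viewer runs and reports any new or changed file that contains the plaintext marker, which is the check a user who suspects a tool of leaving residue would want to run.

```python
"""Audit whether a 'for your eyes only' viewer leaves plaintext on disk.

Added example, not PGP's code. The thread reports that PGP's "only for
your eyes" mode wrote the plaintext to a temp file in the directory that
holds the ciphertext. Two viewer implementations are simulated here (PGP's
real internals are not reproduced) and a directory-diff audit shows which
one leaves residue. SECRET, the marker and the file names are constructed.
"""
import os
import tempfile
from pathlib import Path

# Constructed sample plaintext; the marker lets the audit recognise it on disk.
SECRET = b"EYES ONLY: wire transfer code 4417-2209\n"


def leaky_viewer(ciphertext_path: Path, plaintext: bytes) -> str:
    """Simulates the behaviour described on the list: the plaintext is staged
    in a temp file beside the ciphertext so a pager can display it. If the
    pager is killed, the box crashes, or the directory lives on NFS, the
    plaintext stays readable on (and over) the wire. The file is deliberately
    not removed, mirroring the failure case the thread complains about."""
    fd, _tmp = tempfile.mkstemp(prefix="pgptemp", suffix=".tmp",
                                dir=ciphertext_path.parent)
    with os.fdopen(fd, "wb") as f:
        f.write(plaintext)
    return plaintext.decode()  # stand-in for "display it"


def in_memory_viewer(ciphertext_path: Path, plaintext: bytes) -> str:
    """Hardened alternative: the plaintext never touches the filesystem and is
    handed straight to the display code. A mkstemp in a local tmpfs with mode
    0600 and an immediate unlink is a weaker second choice: it still fails the
    NFS case the second poster hit."""
    return plaintext.decode()


def snapshot(directory: Path) -> dict:
    """Name -> size for every regular file in `directory`."""
    return {p.name: p.stat().st_size for p in directory.iterdir() if p.is_file()}


def plaintext_residue(directory: Path, before: dict, marker: bytes) -> list:
    """Names of files that appeared or changed since `before` and contain
    `marker`, i.e. plaintext that a 'view only' mode left behind."""
    after = snapshot(directory)
    suspects = [name for name, size in after.items() if before.get(name) != size]
    return sorted(n for n in suspects if marker in (directory / n).read_bytes())


def audit(viewer, marker: bytes = b"EYES ONLY") -> list:
    """Run `viewer` in a fresh directory holding a dummy ciphertext and return
    the residue list; an empty list means the viewer left nothing behind."""
    with tempfile.TemporaryDirectory() as d:
        workdir = Path(d)
        ct = workdir / "message.asc"  # constructed dummy, not real ciphertext
        ct.write_bytes(b"-----BEGIN PGP MESSAGE-----\n(dummy)\n"
                       b"-----END PGP MESSAGE-----\n")
        before = snapshot(workdir)
        viewer(ct, SECRET)
        return plaintext_residue(workdir, before, marker)


if __name__ == "__main__":
    print("leaky viewer residue:    ", audit(leaky_viewer))   # ['pgptemp....tmp']
    print("in-memory viewer residue:", audit(in_memory_viewer))  # []
```

Against a real binary the same idea applies without the simulation: snapshot the directory (and, on NFS, watch the server side), run the decrypt-and-view command, and diff; anything new that contains a known string from the message is plaintext the tool wrote out regardless of what the flag promised.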
participants (2): cmca@alpha.c2.org, David Mazieres