-----BEGIN PGP SIGNED MESSAGE----- Okay, so I'm signing my messages now. At least your proposed sign-or-delay rule has had its intended effect on one user here :) My question is: What is the group's opinion on the use of SecureDevice to store sensitive data as an encrypted volume under DOS on a PC? (I am assuming here that enough people know what I'm referring to not to explain.) I've moved all my email, sensitive data files, and PGP keyrings over to this new volume. Given all that I've read on the IDEA encryption method, I feel comfortable that the data is essentially secure from everything but a brute force attack on the key, or carelessness on my part. I'm sure that the magnetic fingerprint of the original data files still remains scattered over the rest of the hard disk, but I'm not as worried about this (yet--the more I read this list, more paranoid I seem to get :) Someone posted about using CFS under Linux to store his PGP secret keyring, without a keyring pass phrase. The idea here was that when the system was powered off, CFS provided sufficient security to protect the secret keyring. This would allow the user to automate the use of PGP with scripts to send and receive encrypted mail, without the need to deal with piping in or otherwise supplying a pass phrase. Would anyone consider this foolish? I can take the same argument here with SecureDevice--I only 'login' to the drive with my passphrase when I am using it, and when the machine is off, the encrypted volume protects the secret keyring by default. The weakness here is that should I step away from my machine and carelessly forget to 'logout' of the secured drive, my secret key is wide open for someone to steal. On an entirely different note: I use MS-Windows on the PC platform for my internet access due to the variety and relative availability of Windows Sockets based software. Call me a traitor to the cause, all Microsoft bashing aside, but I really do prefer the GUI interface to mail, FTP, telnet, and WWW than the Unix command line oriented tools to do the same. I also have Linux installed on a different machine, and am slowly learning all the neat and wonderful things one can do with it. I haven't quite gotten X Windows configured properly, but I wonder if all the same internet access tools I mentioned exist as X apps. This would allow me to get all the benefits of Unix, while retaining the ease-of-use benefits of a GUI environment. Forgive me if these are naive questions--I'm a lowly DOS/Windows user just now starting to see the light of Unix :) Another question: How feasible would it be to build a system under Linux/X Windows to automate PGP encryption and signatures in a transparent way, using an X windows mail reader? People have done this with Pine/Elm, so I assume the same techniques would work under X. Gosh, really showing my ignorance here :) - ----------------------------------------------------------------------- Johnathan Corgan "Violence is the last refuge of the incompetent" jcorgan@netcom.com -Isaac Asimov PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or send email to: pgp-public-keys@pgp.ai.mit.edu Subj: GET jcorgan - ----------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLtr+6E1Diok8GKihAQFGLgP/e2BN0W+QOpRwnj7JmIVUgl0cQaNeXpTS tvSmarhiSSQy6+6uC7XdOHWlJJ8qavbwr8LguMTcFIU8LFSp0jCiQcUj5Jxt9oSV evpeZXucwXsT/kh3m97MRiwqOxkjFED1h7zjKbJrHxdI/TkGPUXUmP815Am6eVqB qwY9W3lqeSs= =n+Df -----END PGP SIGNATURE-----