public accounts / PGP / passphrases
Rich Salz
rsalz at osf.org
Thu Dec 1 19:25:46 PST 1994
> >Could someone please elaborate on the foolishness of using PGP with a
> >passphrase on a public machine (as I do) ? Am I wrong in thinking that my
> >secret key is useless to an intruder until she guesses my passphrase ?
The sys admin can change the kernel running on your machine. A special
kernel can be built so that when a particular user is typing on a tty
and the executing process is named "pgp" then all keystrokes they type
are recorded into a file for the administrator to read later on.
The local machine must be part of the trusted computing base.
/r$
More information about the cypherpunks-legacy
mailing list