Key Security Question

paul at fatmans.demon.co.uk paul at fatmans.demon.co.uk
Mon Feb 3 10:04:02 PST 1997



> > > On the other hand, if the "repairman" replaced your pgp executable
> > > with version 2.6.3kgb, which uses your hashed passphrase as the
> > > session key, you're hosed.  Or if he installed a keystroke sniffer,
> > > or added a small radio transmitter to your keyboard, or whatever.
> > > Depends on your threat model.  If you need to be paranoid,
> > > they've already gotten you....
> > 
> > If you're really paranoid, you can boot from a clean floppy and
> > reinstall everything from your backup tapes. You do have a
> > contingency plan in case your hard disk goes bad, or gets a
> > virus, don't you? Well, if you're in doubt, exercise it.

Face it, the only solution is to wrap your computer, cat, family, car 
and yourself in aluminium foil and burn your hard disk whilst 
chanting "yamma yamma yamma yaaaaamaa"


  Datacomms Technologies web authoring and data security
       Paul Bradley, Paul at fatmans.demon.co.uk
  Paul at crypto.uk.eu.org, Paul at cryptography.uk.eu.org    
       Http://www.cryptography.home.ml.org/
      Email for PGP public key, ID: 5BBFAEB1
     "Don`t forget to mount a scratch monkey"






More information about the cypherpunks-legacy mailing list