Would a smartcard address this private key compromising problem? On Mon, Jun 9, 2008 at 2:52 AM, Andrew Berg <[EMAIL PROTECTED]> wrote: > Robert J. Hansen wrote: >> >> If you don't have physical security over your hardware, you don't have >> anything. You cannot use GnuPG safely on a malicious machine > > Exactly. There are keyloggers (both hardware and software), screenloggers, > USB drive copy programs, and a lot of other nasty stuff you'll never see > coming. If the copy program picks up your key, and a keylogger or > screenlogger picks up your passphrase, your key is compromised. > >> it's like trying to make water not wet or bricks not heavy. > Bricks can be hallowed out. :P > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users >
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users