reynt0 wrote: > If you have mouse holes in your box, plugging at least the big ones, or > the ones you can reach, or the ones you can do > quickly, and so on, is still a good thing as long as you > are not opening up new holes which will make things worse.
This metaphor is appealing: it's also inaccurate. Let's say that you want to practice good fire safety in your home. You've checked the smoke alarms. You have a fire extinguisher in your kitchen. You've invested in electric induction rangetops instead of natural gas. Etc., etc. You believe there are many small, reasonable things you can do to prevent the risk of fire in your home. And, to be honest, you're correct: you are very well prepared for the overwhelming majority of potential home fires. Now someone drops a military incendiary bomb on your home. It crashes through the roof, lands in your living room, and a timer is counting down to zero. You can say, "well, we have fire extinguishers: we should at least /try/ to deal with the fire. Sure, there's going to be a lot of fire. But we can at least deal with the small ones, so long as we're not making it worse." You can also say, "this is double the worst trouble I've ever imagined," and run away so fast you leave a you-shaped hole in the wall on your way through it. I heartily recommend the second. Active MitM is pretty much the military incendiary bomb in the living room. A competent attacker who is controlling your network traffic and wishes to subvert your system has so many ways to do it that you stand effectively no chance of preventing it. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
