On 10/13/10 11:51 AM, Daniel Kahn Gillmor wrote: > > From a different perspective, i could run the agent itself in a > constrained account, and replace the prompting tool with a tool that > requires, say, an ACPI event, or a special keypress (not an X11 event) > from a designated hardware button. in that case, malicious code with > access to the X11 session could detect that a prompt had been made, and > possibly dismiss it or hide it from the user, but could not force > acceptance of the keypress without superuser access (at which point, > game over anyway). To take a vulnerability from a malicious use of > secret key material to a simpler denial of service attack strikes me as > a move in the right direction. >
But ultimately once you start trying to fix the problem by offloading the checks to special hardware, you might as well just key a smart card reader with an integrated keypad. Then you can use a simple pin. Not quite as convenient as hitting Y/N, but way more convenient than a really strong password. -- Grant "I am gravely disappointed. Again you have made me unleash my dogs of war."
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
