On Wed, Jul 24, 2013 at 08:35:25AM +0200, Heinz Diehl wrote: > On 24.07.2013, Philipp Klaus Krause wrote: > > > I do not trust the computer at university with the secret key used to > > decrypt my private mail. > [....] > > > Still, I want to be able to read any encrypted mail sent to my > > unversity addresses on the computer at university. And I want to use > > encryption, since the mails might contain sensitive information, such as > > exams, grades, etc (and the mail servers are maintained by students). > > You can't have security on a machine which is out of your control. If > others have physical access to your machine at university, what you > want isn't possible. They could simply install a keylogger or other > monitoring.
Absolute security isn't possible. Any machine you are not shackled to is sometimes out of your control. The best one can do is make the expectation of loss significantly more than the expectation of gain. Smart attackers will go elsewhere and stupid ones can be caught. Installing a keylogger represents a significant risk of detection. If "they" can do surreptitious monitoring, how do "they" know that I am not doing surreptitious monitoring? Remote log servers, firewall logs, 'tripwire', cheap cameras the size of an aspirin tablet.... -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly. Machines should be obedient.
signature.asc
Description: Digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
