On Fri, 30 Jun 2017 21:02:38 +0200, Peter Lebbing wrote: > PS: As a final note, what prevents your attacker from grabbing your > passphrase when you enter it? They control your computer! If you > could use your passphrase to verify it was really you, they would > immediately also have that passphrase, since you just gave it to them.
The idea with this scenario is that it can be carried out by people with no skills in hacking or compromising a computer, in small shops, companies for example, when one of the co-workers leaves his/her work place for a minute, or two etc. P.S. Maybe it was not such a bad idea to propose identicons, for third party apps using GnuPG, along with showing the fingerprint. Regards Stefan
pgpo28MmYoNtv.pgp
Description: Digitale Signatur von OpenPGP
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
