-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Robert J. Hansen wrote:
> ... Moral of the story: be very careful where you go plugging your
> USB tokens into, recognize they are infection vectors and infection
> targets, recognize they can be compromised, and act accordingly.
Or better yet,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
> autonomous malware. What evidence do we have that USB controllers are
> reprogrammable once they leave the factory?
The better question, at least from a security perspective, is what
evidence do you have that your particular vendor's USB token
On Wed, Apr 25, 2007 at 01:52:41PM -0500, Robert J. Hansen wrote:
> > USB is a peer to peer protocol; it requires substantial computing
> > power on both ends of the connection. I'm just waiting for the first
> > virus which targets common USB drives; it would rip through colleges
> > and workplac
> USB is a peer to peer protocol; it requires substantial computing
> power on both ends of the connection. I'm just waiting for the first
> virus which targets common USB drives; it would rip through colleges
> and workplaces like wildfire.
And then, literally minutes later, this crosses my desk
> Thieves usually don't steal USB pen drives; there is almost no
> market for
> stolen USB pen drives.
Professional thieves, no. On the other hand, living on a college
campus I've seen tons of thumb drives get stolen. Someone leaves
their drive on a table for a few minutes while they're of
On Wed, Apr 25, 2007 at 09:18:05AM -0600, Henry Hertz Hobbit wrote:
> Your last paragraph is true but only partially complete. It is easy
> to slip that USB pen drive into your pockets or put it some place
> else like that to keep it safe. But a lap-top isn't easily stuffed
> into pockets. In addi
On Mon, 2007-04-23 at 13:46 -0400, David Shaw wrote:
> On Sun, Apr 22, 2007 at 01:42:37PM -0700, rocko wrote:
> > I want to generate a new key pair, but i want to save it to
> > a usb pen drive so i can keep it safe.
> > I don't want any gpg keys stored on my laptop, in case it gets
> > lost or s
On Sun, Apr 22, 2007 at 01:42:37PM -0700, rocko wrote:
> I want to generate a new key pair, but i want to save it to
> a usb pen drive so i can keep it safe.
> I don't want any gpg keys stored on my laptop, in case it gets
> lost or stolen, the culprits won't have access to my gpg keys.
There is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
John Clizbe wrote:
>> I don't want any gpg keys stored on my laptop, in case it gets
>> lost or stolen, the culprits won't have access to my gpg keys.
>> So my questions is how do i tell gpg to look for my keys on a
>> usb pen drive so i can encrypt
rocko wrote:
> I want to generate a new key pair, but i want to save it to
> a usb pen drive so i can keep it safe.
> I don't want any gpg keys stored on my laptop, in case it gets
> lost or stolen, the culprits won't have access to my gpg keys.
> So my questions is how do i tell gpg to look for m
I want to generate a new key pair, but i want to save it to
a usb pen drive so i can keep it safe.
I don't want any gpg keys stored on my laptop, in case it gets
lost or stolen, the culprits won't have access to my gpg keys.
So my questions is how do i tell gpg to look for my keys on a
usb pen dr
11 matches
Mail list logo
