On Thu, Oct 13, 2011 at 10:03:56AM -0400, Jean-David Beyer wrote:
> It seems to me that to do much damage to my machine, you need to get a
> shell with root access.
Depends on what you regard as damage.
Do you need root privileges to use your private gpg keys ???
> I never run a web browser as
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, 13 Oct 2011 10:03:56 -0400
Jean-David Beyer articulated:
> At one extreme, the only way to be pretty safe is to have a machine
> that is not connected to the Internet, and have U.S.Marines to guard
> the hardware and access to it.
"The only s
On 10/13/11 10:03 AM, Jean-David Beyer wrote:
> It seems to me that to do much damage to my machine, you need to get a
> shell with root access. And to do that, do you not pretty much need the
> root password?
Nope. Local exploits are enough.
Take a look at the kernel.org exploit as an example.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Robert J. Hansen wrote:
> On 10/11/2011 05:14 PM, Jean-David Beyer wrote:
>> Let us assume you are the bad guy
>
> Okay.
>
>> Unless you have my encrypted keys, you have to access my computer
>> (unless you have already stolen it, in which case ther
On 11 October 2011 22:32, Robert J. Hansen wrote:
> Accurate to 6%, there are 2**25 seconds in a year. Worth remembering:
> it makes certain kinds of computations much easier. (It follows there
> would be about 2**35 seconds in a thousand years, or 2**45 seconds in a
> million.)
>
> E.g., let's
On 10/13/2011 8:29 AM, Jerome Baum wrote:
> I didn't say anything (modulo "Take a look").
At this point it seems to me you're being deliberately obtuse. Have a
nice day.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/
On 2011-10-13 14:14, Robert J. Hansen wrote:
> On 10/13/11 7:51 AM, Jerome Baum wrote:
>> Take a look:
>
> I did. You said I have to access your computer, to try logging in
> through the Internet. I don't. I just have to find an exploit.
I didn't say anything (modulo "Take a look").
> Saying
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 10/13/11 7:51 AM, Jerome Baum wrote:
> Take a look:
I did. You said I have to access your computer, to try logging in
through the Internet. I don't. I just have to find an exploit.
Saying "my front door is locked" is great, but it's not so gr
> Hold on a second there. You seem to be making some extremely
> unwarranted assumptions.
Take a look:
>> Unless you have my encrypted keys, you have to access my computer
>> (unless you have already stolen it, in which case there are much
>> easier ways to invade the machine), you will have
On 10/11/2011 05:14 PM, Jean-David Beyer wrote:
> Let us assume you are the bad guy
Okay.
> Unless you have my encrypted keys, you have to access my computer
> (unless you have already stolen it, in which case there are much
> easier ways to invade the machine), you will have to try logging in
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Tuesday 11 October 2011 at 9:32:18 PM, in
, Robert J. Hansen wrote:
> Accurate to 6%, there are 2**25 seconds in a year.
[...]
> I don't know why it took me so long to notice that:
> seems like the sort of thing I should've noticed a
> d
Robert J. Hansen wrote:
> Accurate to 6%, there are 2**25 seconds in a year. Worth remembering:
> it makes certain kinds of computations much easier. (It follows there
> would be about 2**35 seconds in a thousand years, or 2**45 seconds in a
> million.)
>
> E.g., let's say you want to brute-forc
Accurate to 6%, there are 2**25 seconds in a year. Worth remembering:
it makes certain kinds of computations much easier. (It follows there
would be about 2**35 seconds in a thousand years, or 2**45 seconds in a
million.)
E.g., let's say you want to brute-force an 64-bit key on a CPU that can
do
13 matches
Mail list logo
