Basic operation of pgpdisk

Basic operation of pgpdisk

Post by Frod » Wed, 25 Jun 2003 18:46:27


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



If they for some reason bother looking around for private data, and realize
you have encryption in place, it'll likely perk their interest enough to
just sit back and wait for you to give them what they need. All they need
to do is have their trojan lurk around waiting for you to pop in your
secret key and password. My point is, that if your system is broken, no
matter what you're doing to protect yourself, it's all going through your
now insecure computer so you're basically adding a lot of work for yourself
for fairly slim security benefits. That is, of course, only my opinion.


If I were a cracker I wouldn't bother sharing at all considering the
likelyhood of a firewall being present. Not to mention the insane bandwidth
consumption of Microsoft's protocol.


I don't see why this is a complicating factor. If the system's compromised
without the user's knowledge it won't matter how often the trojan "calls
home" as long as it does so in a way that circumvents any outgoing firewall
blocks.


Why on earth would you feed a shared computer your secret key + passphrase?
That's just asking for a compromise.

Unless baddies are hiding in the next room ready to run in after you leave
the machine, "Auto unmount after X minutes of inactivity" set to 1 minute
should cover that base fairly good.


- --
Frode


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQA/AwUBPvgd8eXlGBWTt1afEQK0xwCgmLwT/hcPrvbVDf06Iy/FhHqyGr0AoJsg
rXiz3KtSSVn1/O2/QhvWbp8q
=17Nw
-----END PGP SIGNATURE-----
 
 
 

Basic operation of pgpdisk

Post by Gamma300 » Thu, 26 Jun 2003 05:13:53


additional
need
still
realize
yourself

I use PGP mainly just for the hell of it, and partly to deter the casual
snooper. Both of which are needs perfectly met by PGPDisk. I really doubt
the majority of people who use PGP actually use it to encrypt particularly
sensitive data.

sharing
bandwidth

There are a number of viruses (don't ask me to name names - my memories not
that good) that give a hacker access to your files. If the PGPDisk is
mounted when the hacker accesses the files, then the contents of the PGPDisk
are as good as gone.

basis.
firewall

I'm more likly to notice an unknown program in my Ctrl-Alt-Del list if it's
there all the time than if it's there once for a few seconds.

passphrase?

I share my computer with three other people in my flat. The data I have
encrypted is nothing the feds would want, but might cause trouble if one of
the people in my flat came across it. I don't have any choice but to use a
shared computer, but using PGPDisk, double encryption and keeping my private
key on floppy help security.


Fair point.