[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Musings about on-disk encryption in Fedora Core



On Tue, 2004-07-06 at 16:54, mike flyn org wrote:
> I would also argue that if I have access to your account than I eventually
> have access to your PGP keys.  I can install something in .bash_profile and I
> can read your process memory, right?
> 
> I suppose that one could argue that all these passphrases and passwords are a
> defense in depth technique, but here is a fundamental problem: your system
> authentication token says to the system "this is me" and if that is not the
> case then all else is eventually doomed.

Well:

- Because you mentioned it: having my PGP keys on a USB stick that I
carry around with me, an attacker is at least forced to try to read my
memory or install a key logger, mere mailing home .gnupg/secring.pgp
from .bashrc won't work. I know that this is not 100% secure (what is?),
but it's a reasonably high hurdle.
- Having login and secret storage authentication tokens separate allows
me at least to tell the system "this is me and I want this accessible
now". It's the same with not logging in as root, but using su when you
need sufficient privileges ;-).

Nils
-- 
     Nils Philippsen    /    Red Hat    /    nphilipp redhat com
"They that can give up essential liberty to obtain a little temporary
 safety deserve neither liberty nor safety."     -- B. Franklin, 1759
 PGP fingerprint:  C4A8 9474 5C4C ADE3 2B8F  656D 47D8 9B65 6951 3011

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]