Delurking... Jesus. Stop picking at the guy (not just you, I mean everybody). Why not use your brains and suggest a few workarounds?
Like: 1: Superencrypt beforehand. 2: Don't type if you can cut and paste. 3: Use one-time hard passwords 4: Use throw-away one time free email addresses 5: Use proxies to connect to privacy services you don't own 6: Use Regulatory (and other) arbitrage 7: Wear gloves, Margaret Thatcher halloween mask, leave no DNA, etc, etc. /flame off/ On Mon, 24 Mar 2003 10:51:49 -0500 (est), "Sunder" <[EMAIL PROTECTED]> said: > And (dumbass) you would trust the keyboard and display of an internet > cafe > is safe to type in your passphrase? Never heard of keystroke capturing? > > You're better off trying to find a WiFi access point - i.e. Starbucks or > whatever cafe and using that instead with your own trusted hardware. > > That said, you can use hushmail... > > > ----------------------Kaos-Keraunos-Kybernetos--------------------------- > + ^ + :NSA got $20Bil/year |Passwords are like underwear. You don't /|\ > \|/ :and didn't stop 9-11|share them, you don't hang them on your/\|/\ > <--*-->:Instead of rewarding|monitor, or under your keyboard, you \/|\/ > /|\ :their failures, we |don't email them, or put them on a web \|/ > + v + :should get refunds! |site, and you must change them very often. > [EMAIL PROTECTED] http://www.sunder.net ------------ > > On Sun, 23 Mar 2003, Anonymous wrote: > > > Assumptions: > > > > - I have https (SSL) access to a trusted unix box > > - I trust SSL > > - I'll take a risk of unknown machine running http client being subverted > > > > I want to use PGP while checking/sending e-mail via web interface on someone > > else's machine (say, internet cafe). So in one window I have webmail interface, > > and in the other window I have "webpgp" interface, and I paste ciphertext back and > > forth. > > > > The https-ed webpgp interface should authenticate me via some sort of passphrase > > and then I can submit ciphertext for decryption (encryption also requres > > authenticatin, in order to avoid browsing of my keyrings.) > > > > The question is - do I have to code this or has someone already done it ? > > -- contrary [EMAIL PROTECTED]
