-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
... > And if I 0wn your box, do you not think that my keylogger can get your > passcode? Good grief! If the box is hacked, I can get any information I > need from you to screw you up further. Passcodes or anything else you have > *or* type are trivial to obtain once I have root on the box. > > I'm a bit surprised that I have to point this out. > > Paul Schmehl ([EMAIL PROTECTED]) ... One measure to enhance security would be externel storage of keys, on a smart card like in secure internet banking where an external reader has to have a keypad, so a pass doesn't travel anywhere on the computer ... with banking there are only numbers as pass, but the principle seems sound enough. Caraciola - -- Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQFAYIC+ANzMondHN+cRAmAuAKCKUVGLo5mbizClnaeKYGJKUt/v3wCgjK7L tp2pKEqsgON7jBmOm5B9cpc= =gFLY -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
