On Tue, Jan 07, 2003 at 03:19:24PM -0500, Valdis.Kletnieksat_private wrote: > On Tue, 07 Jan 2003 12:02:13 EST, Andrew MacKenzie <andyat_private> said: > > > My question therefore is: is all this worth the trouble? In order to use > > PGP with scripts (or even Java code), the scripts need access to both the > > private key and pass phrase (which are stored locally in files). If the > > system were compromised would any of this help? > > Simple answer: "GAME OVER". > > Detailed answer: If the system is compromised, they have all the data they > need to get all the data. The only way to "fix" this is to have a "pgp daemon" > that needs to be started by hand so you can give it the passphrase. I think that to make it nontrivial to crack, the application itself would have to be that daemon. Otherwise (i.e. if the application and the daemon were separate processes) they could intercept the communication between those two components and just ask the daemon do decrypt the files they need. That, in turn, might be possible by ptracing or modifying the kernel code, for example using modules. regards Marcin -- Marcin Owsiany <marcinat_private> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 "Every program in development at MIT expands until it can read mail." -- Unknown
This archive was generated by hypermail 2b30 : Tue Jan 07 2003 - 16:51:52 PST