"Mike A. Harris" <mharris@meteng.on.ca> said:
> On Fri, 18 Feb 2000, Horst von Brand wrote:
[...]
> >A determined root will be able to snoop on your password and stash the
> >contents of your encrypted media away for leisurly study. Not easy to do,
> >but not terribly hard either.
> Thanks, I'm aware of that, however that would be acceptable.
> The particular case I'm thinking about, root is for all intents
> and purposes a bucket of chicken. ;o) Certainly not capable of
> hacking anything... A *TRUE* secure solution would be nice, but
> a "stop luser root" solution would be fine...
Then you need a "stop luser root from talking to 3vi7 h@x0r" (sp? ;)
too... it is just _too_ easy to troyan the program you use to enter the
key, and just copy your encrypted data for later reading. Or read your
keyboard for that matter.
-- Horst von Brand vonbrand@sleipnir.valparaiso.cl Casilla 9G, Viņa del Mar, Chile +56 32 672616- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:23 EST