Full Disclosure mailing list archives
Re: Re: pgp passphrase
From: Jim Richardson <warlock () eskimo com>
Date: Mon, 22 Mar 2004 22:13:13 -0800
On Mon, Mar 22, 2004 at 08:29:03PM -0600, Paul Schmehl wrote:
--On Monday, March 22, 2004 4:03 PM -0800 Denis Dimick <denis () dimick net> wrote:Most smart users.. Ok start the laughing now.. Have a passcode for their keys.. :)No, really????And if I 0wn your box, do you not think that my keylogger can get your passcode? Good grief! If the box is hacked, I can get any information I need from you to screw you up further. Passcodes or anything else you have *or* type are trivial to obtain once I have root on the box.I'm a bit surprised that I have to point this out.
since the context of this discussion was email worms and trojans, and a certain OS/App combination's vulnerability to same, I'd say that wrt to*nix like OSen,
"if you had some ham, you could have ham and eggs, if you only had some egss." or to paraphrase South park 1) Send email trojan 2) ??? 3) Got root... My MUA doesn't execute attachements, does that mean I am invulnerable? no, just far less vulnerable than someone who's relying on an MUA that can't tell the difference between open() and exec() -- Jim Richardson http://www.eskimo.com/~warlock Ok, the guy who made the netfilter Makefile was probably on some really interesting and probably highly illegal drugs when he wrote it.-- Linus Torvalds
Attachment:
signature.asc
Description: Digital signature
Current thread:
- Re: Re: pgp passphrase, (continued)
- Re: Re: pgp passphrase Tomasz Konefal (Mar 22)
- Re: Re: pgp passphrase Max Valdez (Mar 21)
- Re: Re: pgp passphrase Cedric Blancher (Mar 21)
- Re: Re: pgp passphrase Frank Knobbe (Mar 21)
- RE: Re: pgp passphrase Alerta Redsegura (Mar 21)
- Re: Re: pgp passphrase Alain Crespo (Mar 21)
- Re: Re: pgp passphrase Max Valdez (Mar 22)
- Re: Re: pgp passphrase Paul Schmehl (Mar 22)
- Re: Re: pgp passphrase Denis Dimick (Mar 22)
- Re: Re: pgp passphrase Paul Schmehl (Mar 22)
- Re: Re: pgp passphrase Jim Richardson (Mar 23)
- Re: Re: pgp passphrase Caraciola (Mar 23)
- Re: Re: pgp passphrase Valdis . Kletnieks (Mar 23)
- Re: Re: pgp passphrase Sam Sharpe (Mar 23)
- Re: Re: pgp passphrase Cedric Blancher (Mar 23)
- Re: Re: pgp passphrase Max Valdez (Mar 26)
- Re: Re: pgp passphrase Valdis . Kletnieks (Mar 26)
- Re: Re: pgp passphrase Max Valdez (Mar 26)
- Re: Re: pgp passphrase Max Valdez (Mar 22)
- Re: Re: pgp passphrase Valdis . Kletnieks (Mar 22)
- Re: Re: pgp passphrase Nico Golde (Mar 22)