[24553] in Cypherpunks
Re: Why I have a 512 bit PGP key
daemon@ATHENA.MIT.EDU (Adam Shostack)
Tue Dec 27 22:15:07 1994
From: Adam Shostack <adam@bwh.harvard.edu>
To: eric@remailer.net (Eric Hughes)
Date: Tue, 27 Dec 94 22:06:00 EST
Cc: cypherpunks@toad.com
In-Reply-To: <199412280240.SAA02061@largo.remailer.net>; from "Eric Hughes" at Dec 27, 94 6:40 pm
Eric wrote:
| From: "Ian Farquhar" <ianf@sydney.sgi.com>
|
| re: personal account tripwire
|
| The problem is that although you can protect the data file of
| hashes (by using a pass phrase to encrypt it), protecting the
| binary which does the checking is rather more difficult.
|
| Why not recompile the binary? All it needs to be is something like
| md5.c.
Or leave the binary on a floppy (assuming you can access
floppies, or some other removable media.) The problem reduces pretty
quickly to a variant of trusting trust. root can hack the kernel, the
math libraries, your shell, or several other points to make life
difficult. Can you go through a set of steps so convoluted as to
catch this? Probably. But in all likelyhood, its easier to get a
personal machine on which to store private files.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
