[44162] in Cypherpunks
Re: key for Alice as promised (not)
daemon@ATHENA.MIT.EDU (Jon Lasser)
Wed Nov 29 15:01:01 1995
Date: Wed, 29 Nov 1995 14:37:16 -0500 (EST)
From: Jon Lasser <jlasser@rwd.goucher.edu>
To: Adam Hupp <ahupp@primenet.com>
Cc: cypherpunks@toad.com
In-Reply-To: <199511290315.UAA26439@usr4.primenet.com>
On Tue, 28 Nov 1995, Adam Hupp wrote:
> >Can you imagine?? I'm simply not willing to fool myself into thinking
> >that I ahve security by posting a key and using PGP.
>
> Unless you can post some proof that PGP is insecure, stop insisting it is.
Hold on a minute. Alice is, here, 100% correct.
If I use PGP to read messages and there's a videocamera trained on the
keyboard, and other people have access to the machine, PGP is not
secure. Similarly, if PGP is on a computer which other people may use
without my supervision, they can monitor keystrokes, etc. and PGP is not
secure.
A chain is only as strong as its weakest link; Alice recognizes this, and
makes no claim that PGP itself is the weak link. The weak link is the
physical security of the system which Alice claims to use.
Jon
------------------------------------------------------------------------------
Jon Lasser <jlasser@rwd.goucher.edu> (410)494-3072
Visit my home page at http://www.goucher.edu/~jlasser/
You have a friend at the NSA: Big Brother is watching. Finger for PGP key.