1992-11-26 - Re: PGP on local machine (was Re: MacPGP)

Header Data

From: George A. Gleason <gg@well.sf.ca.us>
To: ebrandt@jarthur.Claremont.EDU
Message Hash: 67d6b2671c358e14a82381e9e9c3ea375e8a1602071301dcd4783a4cca172e6f
Message ID: <199211261053.AA23687@well.sf.ca.us>
Reply To: N/A
UTC Datetime: 1992-11-26 10:55:00 UTC
Raw Date: Thu, 26 Nov 92 02:55:00 PST

Raw message

From: George A. Gleason <gg@well.sf.ca.us>
Date: Thu, 26 Nov 92 02:55:00 PST
To: ebrandt@jarthur.Claremont.EDU
Subject: Re:  PGP on local machine (was Re: MacPGP)
Message-ID: <199211261053.AA23687@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Eli discussed some ideas regarding online encryption... it suddenly occurred
to me that if you were connected to the phone line while doing your crypto
processing, it's entirely possible that some signal would leak through and
if your phone line was being monitored, the nastie-wasties would get the
whole thing including your private key.  Uh-oh, very bad.  Thus the need for
some kind of hardware device which isolates the line and all that.  Perhaps
a specifically cryptographic modem as has been proposed by others here.  And
perhaps a tweak in the software which requires that the user set these
options manually at some point, where a warning message would occur to say,
"don't do on-line crypto unless you have (one of the protected modems)."

-gg





Thread