From: Stuart Smith <cipher@nemesis.wimsey.com>
Date: Sun, 19 Jun 94 04:41:34 PDT
To: ecarp@netcom.com
Subject: Re: totally secure email? Not a chance
In-Reply-To: <m0qF7cT-0004JTC@khijol.uucp>
Message-ID: <2e03b49e.nemesis@nemesis.wimsey.com>
MIME-Version: 1.0
Content-Type: text/plain


> > 1) Your sysadmin can assuredly get around this too if he wants, and get
> > at your mail even before procmail does. As a general rule of thumb, the
> > sysadmin can do anything. But getting aroudn this would definitely be more
> > dificult then simply reading your /spool/mail file. 
> 
> True, but I don't know if he'd think of this one...

As long as you are aware of the risks and accept them.. no
problem.  But "I don't know if he'd think of this" is hardly
cryptographically secure..

> I'm curious - all the stuff that comes with PGP says to not let your secret
> key /pass phrase out of your sight, but why is it necessary to guard your
> secret key so carefully?  After all, you have to type your pass phrase to
> use the secret key, so without the pass phrase, the secret key is useless,
> isn't it?  I mean, besides just destroying it...

Well no.. without the secret key file, you have to factor the
public modulus to find the secret key.   We all know how are
that is..  if he already has the encrypted key file though...
then he just has to guess your password.  Far less work, unless
of course you picked a pass phrase a few hundred letters long.

In general, it is impossible to achieve total security on a
multi-user system unless you are the sysadmin yourself.  You
either have to forget it entirely or decide what risks you're
willing to take and what risks you're not.

Good luck.

-- 
 Baba baby mama shaggy papa baba bro baba rock a shaggy baba sister
shag saggy hey doc baba baby shaggy hey baba can you dig it baba baba
        E7 E3 90 7E 16 2E F3 45   *   28 24 2E C6 03 02 37 5C 
   Stuart Smith                           <stu@nemesis.wimsey.com>