From: ahupp@primenet.com (Adam Hupp)
To: Jon Lasser <jlasser@rwd.goucher.edu>
Message Hash: 06bdb0da74a6ecbcdcaf68b7f593df384a33793cc97eb15e1578a22797a6fece
Message ID: <199512010334.UAA07818@usr2.primenet.com>
Reply To: N/A
UTC Datetime: 1995-12-01 07:32:58 UTC
Raw Date: Fri, 1 Dec 1995 15:32:58 +0800
Subject: Re: key for Alice as promised (not)
>On Tue, 28 Nov 1995, Adam Hupp wrote:
>
>> >Can you imagine?? I'm simply not willing to fool myself into thinking
>> >that I have security by posting a key and using PGP.
>>
>> Unless you can post some proof that PGP is insecure, stop insisting it is.
>
>Hold on a minute. Alice is, here, 100% correct.
>
>If I use PGP to read messages and there's a videocamera trained on the
>keyboard, and other people have access to the machine, PGP is not
>secure. Similarly, if PGP is on a computer which other people may use
>without my supervision, they can monitor keystrokes, etc. and PGP is not
>secure.
>
>A chain is only as strong as its weakest link; Alice recognizes this, and
>makes no claim that PGP itself is the weak link. The weak link is the
>physical security of the system which Alice claims to use.
>
>Jon
>------------------------------------------------------------------------------
>Jon Lasser <jlasser@rwd.goucher.edu> (410)494-3072
> Visit my home page at http://www.goucher.edu/~jlasser/
> You have a friend at the NSA: Big Brother is watching. Finger for PGP key.
>
>

I guess I missed Alice's point, but I gave it more thought and Alice is
still wrong:

1) If someone DID monitor Alice, that almost definitely means the remailer
chain was compromised. The weakest link here is the remailer chain, not
Alice's computer's physical security.* If Alice's true address is not
known, there cannot be any monitoring of his/her computer (unless it is for
some other reason than "Alice").

2) This whole deal is about Alice signing his/her messages, not encrypting
them. What Alice would be giving up if his/her computer were compromised
would not be security, but identity. The most Alice could lose, IF the
remailer chain were compromised and IF his/her computer's physical security
were compromised, is his/her reputation by spoofing (loss of
pseudo-anonymity is a given if the attacker gets that far). Those are
some really big Ifs.

*BTW, the chain is NOT as strong as its weakest link. If I send mail to a
remailer, and it strips the headers like it's supposed to, but sends the
mail to a compromised remailer (the weak link), I am just as secure as before.