1996-03-12 - Remailer passphrases

Header Data

From: Gary Howland <gary@kampai.euronet.nl>
To: cypherpunks@toad.com
Message Hash: f99863f95aa6ad9ca6df1797ffcd1b24524e3513073ac5f837edd653469ea2f0
Message ID: <199603121043.FAA20786@bb.hks.net>
Reply To: N/A
UTC Datetime: 1996-03-12 12:55:31 UTC
Raw Date: Tue, 12 Mar 1996 20:55:31 +0800

Raw message

From: Gary Howland <gary@kampai.euronet.nl>
Date: Tue, 12 Mar 1996 20:55:31 +0800
To: cypherpunks@toad.com
Subject: Remailer passphrases
Message-ID: <199603121043.FAA20786@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

markm@voicenet.com writes:
On Mon, 11 Mar 1996, Gary Howland wrote:

> > This of course assumes that the remailer runs as a process - if it doesn't
> > then there is no reason a 'remailer helper' cannot.
> >
> > The only disadvantage of this is that the remailer cannot be rebooted
> > without a passphrase being entered, but then there are ways around this
> > (entering the passphrase remotely over a secure link etc., or more
> > sophisticated 'remote authorisation' systems).
> >
> > The advantage of this is that the password is never on the disk,
> > only in memory (which will take serious (read "expensive") to extract).
> 
> I don't know that it would be that expensive.  If someone was able to gain
                                                 ^^
> root access to the system, something like "strings /dev/kmem" could narrow
> the search for the passphrase down significantly.  Of course one could
> obfuscate the passphrase by XOR'ing it with 0x80, but that's only security
> through obscrurity.

Sure, _if_ they were able to gain root access without rebooting the machine,
but the usual scenario is that the filth turn up with black bin liners, not
men from the NSA.

Gary
- --
pub  1024/C001D00D 1996/01/22  Gary Howland <gary@kampai.euronet.nl>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMUVVMioZzwIn1bdtAQFFPAGAkqQFY1FRwSunSdqkvZBQx8S6BnD7UXRV
ztKYpHcCkyex8pT4jL/WqeEIGPUXfi4l
=voJ5
-----END PGP SIGNATURE-----





Thread