From: Toto <toto@sk.sympatico.ca>
To: “Z.B.” <zachb@netcom.com>
Message Hash: 831a664c66dba4ac20a50d939fdc6f329f5e5418c3018668d691b94f4e815cad
Message ID: <199702010201.SAA29739@toad.com>
Reply To: N/A
UTC Datetime: 1997-02-01 02:01:30 UTC
Raw Date: Fri, 31 Jan 1997 18:01:30 -0800 (PST)
From: Toto <toto@sk.sympatico.ca>
Date: Fri, 31 Jan 1997 18:01:30 -0800 (PST)
To: "Z.B." <zachb@netcom.com>
Subject: Re: Key Security Question
Message-ID: <199702010201.SAA29739@toad.com>
MIME-Version: 1.0
Content-Type: text/plain
Z.B. wrote:
>
> My computer went into the shop a few days ago, and I was unable to take
> my PGP keys off it before it went in. What are the security risks here?
> If the repairman chooses to snoop through the files, what would he be
> able to do with my key pair? Will I need to revoke the key and make a
> new one, or will I be relatively safe since he doesn't have my
> passphrase?
If the repairman has your pubring and secring files, you can now
consider them in the same light as a 'busted flush'.
Chances are, he has neither the capability nor the interest in
popping open your deep, dark secrets. On the other hand, if he
returns your computer with a 'shit-eating grin', you may be in for
a world-of-hurt.
My advice would be for you to check your 'paranoia level' and,
if you are a quart low, then read Phil Zimmerman's PGP documentation
once again, and make your decision based on the reality of the
possibilities involved.
Toto
Return to February 1997
Return to “Toto <toto@sk.sympatico.ca>”