From: Alan Olsen <alan@ctrl-alt-del.com>
To: “Z.B.” <zachb@netcom.com>
Message Hash: c0a95da1a752b319884a4998c86cbadf01bb433a824f85ffd2d53ee0cdcd0964
Message ID: <3.0.1.32.19970201113728.02c2b18c@mail.teleport.com>
Reply To: N/A
UTC Datetime: 1997-02-01 19:37:53 UTC
Raw Date: Sat, 1 Feb 1997 11:37:53 -0800 (PST)
From: Alan Olsen <alan@ctrl-alt-del.com>
Date: Sat, 1 Feb 1997 11:37:53 -0800 (PST)
To: "Z.B." <zachb@netcom.com>
Subject: Re: Key Security Question
Message-ID: <3.0.1.32.19970201113728.02c2b18c@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
At 10:41 AM 1/31/97 -0800, Z.B. wrote:
>My computer went into the shop a few days ago, and I was unable to take
>my PGP keys off it before it went in. What are the security risks here?
>If the repairman chooses to snoop through the files, what would he be
>able to do with my key pair? Will I need to revoke the key and make a
>new one, or will I be relatively safe since he doesn't have my
>passphrase?
Depends on how guessable your passphrase is. If you use something that would
fall to a dictionary attack, then you are vulnerable. (Providing that they
actually looked for your keyring and made a copy.)
If you had nyms on your keyring, then those nyms can be associated with your
"true name" with no passphrase required. (Unless you keep your keyring
encrypted. Private Idaho supports encrypted keyrings, but little else does.)
If you are really concerned about it, you could learn to do your own computer
repairs.
-----BEGIN PGP SIGNATURE-----
Version: 4.5
iQEVAwUBMvObZeQCP3v30CeZAQHwCgf+Oks1qT2Hc9pRU4jy+YU/q3WidHVhJmf2
QxjdEFeRPyX3rt+7ThCN4wnGdh7W2Ya8SYGwmgGgU7pucJ9vgC0JACU20RvRgsQk
5USpS3+Ua9QVNs/NpKGDDANlsurPMi9y12rIqrDbmPmcnW7HDfrfByLVy0HvfqKE
ctJsOOz391rbjM+HiNXzMUiiWLBelVA9CrsG/UtSd243vymwD/J2dJiq3s0CMPln
Tl1rSy1IVsMqNuQ65ALV9qsz6GJtK8Wu1nSk1IwR8Ge2ZSq6VCqkV/hY8+r5KPOM
V0XMIblviEc87xmiJ8BMuNNJpOvhGzFZQ1TV9vwdec3pfyeV/HeHjw==
=2if1
-----END PGP SIGNATURE-----
---
| If you're not part of the solution, You're part of the precipitate. |
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: |
| mankind free in one-key-steganography-privacy!" | Ignore the man |
|`finger -l alano@teleport.com` for PGP 2.6.2 key | behind the keyboard.|
| http://www.ctrl-alt-del.com/~alan/ |alan@ctrl-alt-del.com|
Return to February 1997
Return to “Alan Olsen <alan@ctrl-alt-del.com>”
1997-02-01 (Sat, 1 Feb 1997 11:37:53 -0800 (PST)) - Re: Key Security Question - Alan Olsen <alan@ctrl-alt-del.com>