On Tue, 12 Oct 2010 04:44, d...@fifthhorseman.net said:
(e.g. one process can send a simulated mouseclick to another process
pretty easily) but that doesn't mean no one is running with a
The standard pinentry grabs mouse and keyboard and thus we should be
protected against this kind of attack.
On 10/12/2010 02:26 AM, Werner Koch wrote:
On Tue, 12 Oct 2010 04:44, d...@fifthhorseman.net said:
(e.g. one process can send a simulated mouseclick to another process
pretty easily) but that doesn't mean no one is running with a
The standard pinentry grabs mouse and keyboard and thus we
Am Dienstag 12 Oktober 2010 06:34:48 schrieb Robert J. Hansen:
If my attack gives me unprivileged access I'm going to escalate it to root.
going to, yes.
This is straight out of the malware
playbook, and malware authors have a great many ways to achieve it.
I think that it is not useful
Am Dienstag 12 Oktober 2010 09:05:56 schrieb Daniel Kahn Gillmor:
I think that grabbing mouse and kbd prevents other tools from *reading*
the kbd and mouse events. It doesn't prevent synthesized events from
triggering those inputs (e.g. clicking OK on a button).
But this may change in the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
El 11-10-2010 12:04, Ben McGinnes escribió:
...
Most email clients which support OpenPGP/GPG either natively or via a
plug-in do the former automatically. I use Thunderbird with Enigmail
and it will encrypt an attachment to an encrypted email
Hi Tiago
I just purchased OpenPGP cards and Gemalto USB Shell Token V2 readers
(see https://www.mukund.org/). They work perfectly for me.
I'll explain what I use to access them. Maybe you can adapt it to your
own use.
1) Start the pcscd service on your distro. This is a daemon that is
Hi all
I just purchased 4 OpenPGP cards and am configuring one of them.
Everything is working perfectly so far. I am using the Gemalto USB
Shell Token V2 as the reader device with PCSC-Lite. You can see
pictures of it here: https://www.mukund.org/
1. There is a typo on the printed sheet
Hello all.
This is my last resort. I know that this is not the realy the correct place to
pose such a question.
I have now succesfully set up a fully automated GPG solution, with the help of
all of you on this list.
However my next task is to intergrate the scripts with GPG with
On 12/10/10 8:44 PM, Faramir wrote:
Well, Enigmail could be seen as an additional library. Programmers
have one definition of libraries, the rest of the world maybe have another.
Good point, it has been a while since I've thought of things that way.
But yes, Thunderbird with Enigmail is
On 10/12/2010 1:54 AM, Daniel Kahn Gillmor wrote:
yes, of course this isn't going to be able to protect the user from
someone with full access to their user account or their current session.
These two attack modes (root and user access) cover the overwhelming
majority of instances today, so
Im really sorry, i need this in simple terms. Putty command line looks alot
better though!
this is the script i intend to use
SETLOCAL
C:\Program Files\putty
%TMP%\~ftplist.txt DIR /B C:\encryptedfiles
PUSHD C:\encryptedfiles
FOR /F delims= %%F IN ('MORE ^ %TMP%\~ftplist.txt') DO (
IF
There is a workaround to encrypt any e-mail attachment and send it
inline as part of the encrypted email message:
gpg --enarmor 'attachment file'
or
gpg -e -a 'attachment file'
and then paste the ascii armored text inline, and then encrypt the
message.
It has the minor advantage of getting
On Tue, 12 Oct 2010 09:05, d...@fifthhorseman.net said:
the kbd and mouse events. It doesn't prevent synthesized events from
triggering those inputs (e.g. clicking OK on a button).
You are right. However it is the only protection we can use on X; it
might be helpful in some cases, but as you
On Tue, 12 Oct 2010 11:10, mailinglis...@hauke-laging.de said:
There are ways to prevent this. E.g. I protect important and hardly ever
changed files like ~/.gnupg/options with root priviledge (chattr immutable on
It doesn't help - you need to protect gpg.conf and gpg.conf-2 and
gpg.conf-2.0
Does anyone have the Gemalto USB working with Red Hat 5.5?
Cathy
---
Cathy L. Smith
IT Engineer
Pacific Northwest National Laboratory
Phone: 509.375.2687
Fax: 509.375.2330
Email: cathy.sm...@pnl.gov
-Original Message-
From: gnupg-users-boun...@gnupg.org
15 matches
Mail list logo