Or try two part authentication, ala secureid.. or at least SNK (challenge
response) as a minimum.. it doesn't fix the problem, but makes it more
difficult.
//umar.
> the problem is not so much the key being in memory (it needs to get into
> memory if it's ever gonna go through the cpu) but that when that memory
> gets paged to disk it can potentially be read by someone else later; you
> don't want that key you've taken pains to put on CD to be sitting in the
> swap space of every box you use.
>
> the software that accesses the data has to handle this. see mlock(2)
>
> Conrad.
>
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
