On 21/01/09 10:36, Ciaran Mooney wrote: > Again I would only do this with computers you trust. The > ultra-paranoid elf in my head says, whats stopping a hidden process > on that computer copying the contents of all pen drives attached? > Being encrypted would make no difference once it is mounted on the > system. >
Which is why you should never use the same password for different systems. Indeed, you should never enter any vital password on any system that's not entirely under your control for exactly that reason. However, pragmatism occasionally has to win out over paranoia. For a gpg key - of which you can keep a master copy which you can then revoke at will - I think the risks are reasonable enough with this approach. Moreover, applying permissions carefully to the USB key and its contents will also help, unless said evil process is running as root, in which case all bets are off anyway. -- Graham Binns | PGP Key: 4DAD18FA
signature.asc
Description: OpenPGP digital signature
-- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
