Skip to main content

View Diary: The MSFT-NSA conspiracy theory (40 comments)

Comment Preferences

  •  That's actually why (1+ / 0-)
    Recommended by:

    openssl was written abroad.  Theo didn't trust any US entity to not put backdoors in.

    I never understood why that precluded, say, MI5 from twisting the original author's arms.

    •  MITM attacks (1+ / 0-)
      Recommended by:
      Johnny Nucleo

      What I'm concerned about who has my private keys.

      To you, I'm an atheist. To God, I'm the loyal opposition.” ― Woody Allen

      by soros on Sat Jun 15, 2013 at 08:11:18 PM PDT

      [ Parent ]

      •  They're pretty hard to effect (0+ / 0-)

        Unless, of course, you use an Amazon Kindle or Opera's mobile browser.  Those come pre-equipped with a pre-exploited MITM, although they call it "the browser".

        You should never let your private keys out of your control.  If you must carry them around, put a GPG repository on a Flash drive with a single-use key pair, and put the pass phrase for that key pair in a piece of paper in your wallet, treating it like you would your passport.

        (Yes, I just told you to put a password in your wallet.  Think about it: if someone steals my credit cards, my Social Security card, my passport or my Global Entry card, they can do so much mischief that losing the passphrase to a secret key which is stored on a Flash drive in a safety deposit box -- you can see where this is going.)

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site