1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
On 03/19/2013 11:28 PM, Michael Mol wrote: |
5 |
> |
6 |
> Not so much. The idea would be that you could power cycle the |
7 |
> device to get access to it again. The device would be read for the |
8 |
> keys at system bootup, but then would shut itself off after a few |
9 |
> minutes to prevent the keys from being read from disk. (There's |
10 |
> still the risk of them being read from the memory of the process |
11 |
> using them, but that's slightly more difficult, and security is all |
12 |
> about raising the bar.) |
13 |
> |
14 |
|
15 |
Eject the USB drive after five minutes? This raises the bar |
16 |
significantly, to "has tried to send the 'close CD tray' command to a |
17 |
USB stick before." |
18 |
|
19 |
-----BEGIN PGP SIGNATURE----- |
20 |
Version: GnuPG v2.0.19 (GNU/Linux) |
21 |
|
22 |
iQIcBAEBAgAGBQJRSTmpAAoJEBxJck0inpOiKusP/1sVI0A5hbT1pE8yRu+Ydn5W |
23 |
j+O6o9j+r2Tqzkay0/tXPWs8HJlM7c8yQcaRvQoCiau2mQzitSk+nLxCPh/GLpis |
24 |
2d49ihFKmVFk7qrIzMkrHoV4XRc2jVfgiEq+n8W5dYpODPCX9N4MQidgiYePnZ52 |
25 |
YEtxijEkfPk73j5jPoJh6SNWtzrdLUC6DH4mmghqgmZcn4glkhWpqIU6U/tj4hJT |
26 |
iN67F5g0g8YSIQNTBsTO/TLrQmrHdb/iT2v9hTxeL+Ly+xjHKJmSikP+f0rOOrQn |
27 |
vXbJHGk2IAgajDHcdG3jDJvoQDgA0vl+uJ/i4tj++rwMNNXxX7MmFq9qGqGGjBp4 |
28 |
nwFVJn9QGMHq2boDXISXlz+zNcjLWcaxNrXQiqSB5sqnbvjg27/NCDaQG8+ZgWzX |
29 |
a/JGLqu3l7LoribH54E51PGdpKiiooDgYjgQkB9ZrSM6/X14JftqWavEALrLQXfM |
30 |
ud32XTgMGiBVqyjtGQ4VDS2KtQnZAWhORMQJvOx3nwApUiXOlyX8xoyazYetnTaC |
31 |
pZFgYRgmNYQodweJNrpz28EekEhwr1A/HHYhe5ANqUSO44xZBhsfEhtz0ycVd0ok |
32 |
2JnCC4WwmQtqifD4S3hEsn4BN1XvxCH8YhXV6S+ApD9bo22ybZFw7f54tMSV0L/d |
33 |
brkafk2u3Bhnh2yFr+6k |
34 |
=pX91 |
35 |
-----END PGP SIGNATURE----- |