Silver lining of the spam & virus epidemic...

Eugen Leitl eugen@leitl.org
Tue, 18 Jun 2002 08:35:03 +0200 (CEST)


On Tue, 18 Jun 2002, Robert Harley wrote:

> If your glib statement "that which can be signed can be forged" is
> supposed to have some bearing on reality, then why don't you collect
> the dough?

All it requires to forge your signature is to infect your machine with a
passphrase snarfer (and are you really sure you're signing what you're
seeing on the screen? REALLY sure?). As long as current systems are a
sieve security-wise and crypto isn't compartmentalized in hardware tokens
a digital signature is not nearly as secure as the mathematics suggests.