Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

On the positive side, it's unlikely "everyone" who isn't a government agency with billions of dollars of taxpayer money to waste has the time, storage, and compute resources to mount the kind of attack you're talking about.

I know NSA is the topic of the day, but they're kind of a special case here. They're the single most powerful and well funded adversary the average crypto user will face.



Until you break up and your ex decides to publish your key in revenge. Unlike a password, you can't change a key and revoke access.


Why on earth would you let someone who is not you anywhere near your private key? No security system in the world can fix user fail.


The difference is when your ex releases your key and you are using this system then everybody can read your email instead of just the NSA and the recipient.


So, what you are saying is that nobody else, but you, should ever have access to your private key, right? I'm pretty sure that's PKI 101, which I think was Karunamon's point; and, I'm pretty sure the solution to your proposed 'weakness' in this system is not technical.


He edited his post and my reply doesn't make sense in context now


Since people share passwords with (at the time) trusted people quite frequently, it seems like a scenario one should plan for.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: