|
|
On Thu, 18 Aug 2011 11:08:05 +0200, Lars R. wrote:
> GPG and Truecrypt don't have to be “installed” but can be used directly
> from USB drive, sure.
>
> But: If you have sensitive data on your USB drive you never ever should
> decrypt them on a foreign PC, in an Internet café etc. because you
> cannot trust them at all (keylogger, spyware etc.)
Certainly, though you can get a certain degree of security if you also
have a bootable OS, say a Linux LiveCD or LiveUSB. That doesn't remove
hardware keyloggers, of course, but it does remove the software threats.
> Call me paranoid but I distrust any Windows PC (and any other PC that is
> under control of a talented Linux guy) and I would never enter any
> sensitive password on them (neither web mail nor ssh nor crypted USB
> drives etc.)
Using ssh - easy way would be to use public key authentication from a
removable storage device, though I would prefer to boot my own media for
something like that on a public system.
Of course, if you do this in the public library, the staff sometimes can
tend to get a bit testy about it (here in the SLC library, they have
software to restrict your usage to a particular period of time, obviously
that doesn't run if you use your own OS).
Jim
Post a reply to this message
|
|