[OTR-users] Private keys file security
Carl Johnson
aknownim at yahoo.com
Fri Dec 1 05:29:03 EST 2006
As Richard pointed out, it would be great to have the
private keys and fingerprints encrypted.
The countermeasures that we could use against the
motivated employer, could be to implement a virtual
keyboard to type the password, and to bypass
screenloggers, the virtual keyboard would press the
key when the mouse hovers a key for over 2 seconds,
for example.
Still, if this is too much trouble since both otrlib
and otrproxy are somewhat not being updated, someone
could at least point me to who is the win32
maintainer?
If we could just choose from otrproxy the directory
to read the private keys and fingerprints, that would
help a lot. It would be just a matter of using another
program for on-the-fly encryption, and having the keys
stored on a secure location, say a usb flash fisk for
instance.
But since we cannot choose (at least on WinXP as far
as I know) the userdir for the privkey and
fingerprints files, using otr on public computers
nears the impossible. Interestingly enough, on Win98
the privkeys are written on the same directory that
otrproxy is, and that alone would already solve this
problem. But, Win98 isn't used on public computers
anymore.
If we could just choose the directory (and drive) for
the files, it would really help.
Thanks.
____________________________________________________________________________________
Yahoo! Music Unlimited
Access over 1 million songs.
http://music.yahoo.com/unlimited
More information about the OTR-users
mailing list