[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

On 09/07/2011 03:19 PM, Julian Yon wrote:

My bank forces me to enter part of my password using unobscured
dropdowns "for security". Sure, it avoids keyloggers, but what about
*someone standing behind me*?

Do they have a gun? Otherwise, cover the screen with your hand or ask them to look away.

Realistically, this is nowhere near the biggest threat these days. It's mostly a holdover from security guidance from shared computing labs and pre-internet days.

Yes, be aware of your physical surroundings. No, don't think that it keeps you one bit safe online, unless you're that special case where your adversary is physically present.

- Marsh
tor-talk mailing list