[tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)
Marsh Ray
marsh at extendedsubset.com
Wed Sep 7 20:42:06 UTC 2011
On 09/07/2011 03:19 PM, Julian Yon wrote:
>
> My bank forces me to enter part of my password using unobscured
> dropdowns "for security". Sure, it avoids keyloggers, but what about
> *someone standing behind me*?
Do they have a gun? Otherwise, cover the screen with your hand or ask
them to look away.
Realistically, this is nowhere near the biggest threat these days. It's
mostly a holdover from security guidance from shared computing labs and
pre-internet days.
Yes, be aware of your physical surroundings. No, don't think that it
keeps you one bit safe online, unless you're that special case where
your adversary is physically present.
- Marsh
More information about the tor-talk
mailing list