Quoting Bob Tanner (tanner at real-time.com):
> How will this work under Linux?
> 
> Is the FBI specifically targeting Windows?
> 
> Nice to know terrorists will move to linux now. :-|
> 

So this thing targets your pass-phrase, outside the privacy concern, the
approach is very, VERY good. Even long pass-phrases aren't immuned if they are
snarf'd at the keyboard.

This article makes me double check tripwire installs and rolling our SNARE ASAP.
But I digress.

What other options do you have for secure email? Can you tie one of the
Secure-IT cards from Verisign into GPG (or any tokenizer card)?

I'm not sure how the cards work, but if your getting a new token every 30
seconds won't that greatly reduce the keyboard-sniffer attack?

You may still have to have a phase-phrase to make GPG work, but could you
protect the pass-phrase with a token?

-- 
Minneapolis St. Paul Twin Cities MN        | Phone : (952)943-8700
http://www.mn-linux.org Minnesota Linux    | Fax   : (952)943-8500
Key fingerprint =  6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9