Our Security Philosophy
Computer security is full of tradeoffs among risks, costs, and benefits. In theory, nothing less than 100% security will protect your system, but 100% is impossible to achieve, and even getting close may be difficult and expensive. Guarding against the many possibilities for intrusion, not to mention counter-possibilities and counter-counter-possibilities, can be (and is) a full-time job.
As an example, suppose you are a careful communicator and encrypt all the mail messages you send to friends using GnuPG, as we discuss in Chapter 8. Let’s say you even verified all your friends’ public encryption keys so you know they haven’t been forged. On the surface, this technique prevents hostile third parties from reading your messages in transit over the Internet. But let’s delve a little deeper. Did you perform the encryption on a secure system? What if the GnuPG binary (gpg) has been compromised by a cracker, replaced by an insecure lookalike? What if your text editor was compromised? Or the shared libraries used by the editor? Or your kernel? Even if your kernel file on disk (vmlinuz) is genuine, what if its runtime state (in memory) has been modified? What if there’s a keyboard sniffer running on your system, capturing your keystrokes before encryption occurs? There could even be an eavesdropper parked in a van outside your building, watching the images from your computer monitor by capturing stray electromagnetic emissions.
But enough about your system: what ...