More secure than smartcard or cryptostick against remote attacks?
Robert J. Hansen
rjh at sixdemonbag.org
Fri Feb 8 04:14:17 CET 2013
On 02/07/2013 06:42 PM, Faramir wrote:
> Ah, but there are situations in which that would not work...
Sure. There are always situations where a particular attack won't work.
For instance, if there's an ironclad no-exceptions policy that you may
never, ever, fall back to using GnuPG on the PC, then this attack
wouldn't work. But that quickly reduces to a game of whack-a-mole -- a
game you're not going to win. The attacker gets to tailor his attack to
your defenses; you don't get to tailor your defense to the attacker.
If you don't trust your hardware, get new hardware that you do trust.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130207/3ef4babb/attachment.pgp>
More information about the Gnupg-users
mailing list