"general purpose OS is fundamentally inadequate for trusted operations"
Wouter Verhelst
w at uter.be
Mon Apr 24 18:33:42 CEST 2017
On Sun, Apr 23, 2017 at 08:42:45PM -0400, Robert J. Hansen wrote:
> > There are a
> > few possible attacks that the use of a smartcard mitigates, and
> > therefore a smartcard key *is* more secure than a non-smartcard key
>
> No. It's more secure *only if those attacks are within your threat
> profile*.
It is objectively more secure. Whether that extra security is relevant
to your threat profile is a different question; e.g., you may also have
threats that you are not aware of.
Like almost everything in security, this is a trade-off.
--
< ron> I mean, the main *practical* problem with C++, is there's like a dozen
people in the world who think they really understand all of its rules,
and pretty much all of them are just lying to themselves too.
-- #debian-devel, OFTC, 2016-02-12
More information about the Gnupg-users
mailing list