On Sun, Aug 26, 2018 at 10:41 AM, Peter Lebbing <pe...@digitalbrains.com> wrote: > The OpenPGP smartcard and generic smartcard protocols do define > "Secure Messaging", but I don't think this is commonly used for cabled > OpenPGP smartcards.
Would be interesting to find out. > I think you'll need to trust the cable anyway, Well, if the cable is soldered to the reader, then it’s much harder to tamper with. Swapping a replaceable cable requires much less effort. Concerning key loggers for comparison: It is possible that the [attack at TAZ][1] would not have happened had the attacker to tamper with the victim’s keyboards, their computers, or their software. I would not be surprised if you can find USB cables on Alibaba that include sniffers and multiple GBs of flash memory for logging everything, for debugging of course. ;) [1]: http://www.taz.de/!5307828/ _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users