"Robert J. Hansen" <[EMAIL PROTECTED]> writes: >> What prevents the keylogger in your first example to snarf the PIN >> code >> for the OpenPGP card and send decryption requests to the OpenPGP card, >> using the PIN code, in the background, possibly remotely controlled >> over >> the network? > > There exist cryptographic smart cards you can actually be safe > against this kind of attack with. They're pretty cool.
How do they work? I'd expect them to have a button, to authorize signing or decryption, but without a display, you still have no idea what you really sign or decrypt. /Simon _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users