On Thu, Feb 07, 2013 at 10:03:30AM -0000, refresh...@tormail.org wrote: > I have no reason to believe my system is compromised. Taking security very > serious. Otherwise I wouldn't bother posting here. :) > > That sounds like a oxymoron. How can I be REALLY sure my system isn't > compromised? Mail clients and browsers are major attack surface and a > device exposed to internet can not be as secure as a small single purposed > device. > > > It makes no sense to me to believe that it's somehow possible to have a > > dongle that you can plug into a compromised PC to make it safe (or > > safer) to sign with. > > I think if designed right it works. This implies the compromised machine > can not attack the text reading and gpg signing device.
If designed right, your machine won't be compromised. But this is obviously a very hard problem. If your signing device interprets mail, doesn't it become part of this "major attack surface"? And if it only interprets ASCII, how does it differentiate between signing ASCII and signing Unicode, possibly including RLO chars? I'm not sure that such a signing device can be designed simple enough to be immune to advanced attacks and still be useful. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users