> Sorry, not any more. Look at the online-banking fraud business.
> Automated credential stealing tools from simple keyloggers to
> sophisticated malware such as from the Zeus family are available on
> a pay-and-play basis.

I've seen some truly scary malware, and I'm not seeing the level of sophistication you're talking about except from nation-state actors. GnuPG certificates aren't targeted by mass-market malware because there aren't enough GnuPG users to be worth targeting. Malware that targets online banking, though ... that's worth constructing specialized malware to target.

> I thought your private key is so well encrypted that you can publish
> it in a newspaper?

It is. Those aren't the risks I'm talking about. Why don't I want to store the private key on multiple computers? Because a good rule of thumb in a forensics lab is "store the minimum personal data possible on your systems". Why don't I want an NFS mount? Because these computers need to be isolated. Why don't I want to use a USB drive? Because USB is a critical vector for malware, and as such USB devices are closely controlled and monitored. Etc., etc. Standard fare for a forensics lab.