On Sat, May 13, 2017 at 02:55:12PM -0500, Andrew David Wong wrote: > > you really dont protect your gpg key with a passphrase?? > See: https://www.qubes-os.org/doc/split-gpg/
oh wow :(
> Why is that a problem? It's only visible in dom0. If an attacker is in
> dom0, it's already game over.
no, the world is not black and white.
If an attacker steals your computer while it's unlocked, all your gpg
encrypted stuff is wide open.
If an attacker steals my computer while it's unlocked, my gpg encrypted
stuff is still locked. Surely the attacker can now install as many backdoors as
they want, but as long as I don't type my gpg passphrase into that computer
anymore, it should be pretty safe.
--
cheers,
Holger
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/20170514085123.GC13184%40layer-acht.org.
For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: Digital signature
