If you use a program with a vulnerability that is exploited, then the attacker may be able to read your files in your home folder (no need for root permissions) including your private GPG key. With that *private GPG* key, the attacker can then usurp your identity (e.g., sign emails) and decrypt encrypted messages that were addressed to you.
My post was not clear (possible confusion between "Nitrokey" and "GPG private
key"):
- [Trisquel-users] anyone heard of nitrokey? calmstorm
- Re: [Trisquel-users] anyone heard of nitrokey? calmstorm
- Re: [Trisquel-users] anyone heard of nitrokey? moxalt
- Re: [Trisquel-users] anyone heard of nitrokey? calmstorm
- [Trisquel-users] Re : anyone heard of nitrokey... lcerf
- Re: [Trisquel-users] anyone heard of nitro... greatgnu
- [Trisquel-users] Re : anyone heard of... lcerf
- Re: [Trisquel-users] anyone heard of nitro... j1
- Re: [Trisquel-users] anyone heard of nitrokey? calmstorm
- Re: [Trisquel-users] anyone heard of nitrokey? greatgnu
- Re: [Trisquel-users] anyone heard of nitrokey? blade . vp2020
- Re: [Trisquel-users] anyone heard of nitro... greatgnu
- Re: [Trisquel-users] anyone heard of ... calmstorm
- Re: [Trisquel-users] anyone heard of ... blade . vp2020
- Re: [Trisquel-users] anyone heard... greatgnu
- Re: [Trisquel-users] anyone heard of nitrokey? zwiebel444