How to enable ack button functionality on FST-01sz
Werner Koch
wk at gnupg.org
Thu Jan 7 10:49:36 CET 2021
On Wed, 6 Jan 2021 21:31, Mark Debian said:
>> BTW, Forcing a user to enter the Admin-PIN is pretty easy. Just let
>> the> malware use up the the PIN along with some social engineering
>> and most> users will enter the Admin PIN to unblock the PIN...
>
> However education can protect against that threat. Only ever use the
Yes with proper SecOPs training you could do that but that also involves
a lot of other procedures, hardware and people. The reality is
different.
Even with a touch-to-sign button you still don't known what you actually
sign or whether the displayed PDF is the PDF actually sent out. A
compromised box is a game-over condition. Tilt. Restart from scratch.
You _may_ not need to re-boot your public key infrastructure due to the
token, though.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnuk-users/attachments/20210107/dce78bbf/attachment.sig>
More information about the Gnuk-users
mailing list