<html><head></head><body><div class="ydpc259626byahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><div></div>
<div><br></div><div dir="ltr" data-setdir="false"><div><div>> Even with a touch-to-sign button you still don't known what you actually</div><div>> sign or whether the displayed PDF is the PDF actually sent out. A<br></div><div><br></div><div dir="ltr" data-setdir="false">Hmm. I guess not.</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false"><br></div><div>> compromised box is a game-over condition. Tilt. Restart from scratch.<br></div><div>> You _may_ not need to re-boot your public key infrastructure due to the<br></div><div>> token, though.</div></div><div><br></div><div dir="ltr" data-setdir="false">Yes.</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">It sounds like you really need a smartcard with a built in touch screen for entering the PIN and also displaying confirmation about just what you are signing.</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">Is there any device like the NGrave device for use with GnuPG which is air gapped and achieves the cryptographic signatures through scanning QR codes or the like?</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">Regards,</div><div dir="ltr" data-setdir="false">Mark.</div><div dir="ltr" data-setdir="false"><br></div><br></div>
</div><div id="yahoo_quoted_0533709547" class="yahoo_quoted">
<div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;">
<div>
On Thursday, 7 January 2021, 07:50:12 pm AEST, Werner Koch <wk@gnupg.org> wrote:
</div>
<div><br></div>
<div><br></div>
<div><div dir="ltr">On Wed, 6 Jan 2021 21:31, Mark Debian said:<br clear="none"><br clear="none">>> BTW, Forcing a user to enter the Admin-PIN is pretty easy. Just let<br clear="none">>> the> malware use up the the PIN along with some social engineering<br clear="none">>> and most> users will enter the Admin PIN to unblock the PIN...<br clear="none">><br clear="none">> However education can protect against that threat. Only ever use the<br clear="none"><br clear="none">Yes with proper SecOPs training you could do that but that also involves<br clear="none">a lot of other procedures, hardware and people. The reality is<br clear="none">different.<br clear="none"><br clear="none">Even with a touch-to-sign button you still don't known what you actually<br clear="none">sign or whether the displayed PDF is the PDF actually sent out. A<br clear="none">compromised box is a game-over condition. Tilt. Restart from scratch.<br clear="none">You _may_ not need to re-boot your public key infrastructure due to the<br clear="none">token, though.<br clear="none"><br clear="none"><br clear="none">Shalom-Salam,<div class="yqt7477724904" id="yqtfd63439"><br clear="none"><br clear="none"> Werner<br clear="none"><br clear="none"><br clear="none">-- <br clear="none">Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.</div></div></div>
</div>
</div></body></html>