Secret key storage question

Bob Luckin bob at
Wed Jun 19 20:14:01 CEST 2002

On Wed, Jun 19, 2002 at 09:16:39AM +0200, Arno Wagner wrote:
> My personal assumption is that as soon as somebody can break 
> into my computer without me noticing very soon or somebody gets 
> physical access to my computer, the attacker is in. Doing 
> keyloggers in hardware or software is not that difficult. Not 
> araising my suspicion is also possible to do. I would not think 
> it needs the NSA for that.
> Only way around that would be encryption doen on a trusted 
> token, like a smartcard, which I would immediately miss if
> stolen.

But if someone has enough access to your machine to be able to setup a
keylogger, then could they not equally well set up something to log the
data coming off / going on to the smartcard when it is read/written ?
Then they wouldn't need to steal it.

Cheers, Bob

More information about the Gnupg-devel mailing list