Generating and storeing keys on usb pen
Robert J. Hansen
rjh at sixdemonbag.org
Wed Apr 25 18:04:31 CEST 2007
> Thieves usually don't steal USB pen drives; there is almost no
> market for
> stolen USB pen drives.
Professional thieves, no. On the other hand, living on a college
campus I've seen tons of thumb drives get stolen. Someone leaves
their drive on a table for a few minutes while they're off in the
bathroom, someone else walks along and--"hey, free drive. I can use
one of these."
There are far, far more thieves of opportunity in the world than
there are professional thieves.
> Keeping your keys on a USB pen drive has the additional benefit that
> you can use them on multiple machines without having multiple copies
> of the keys and the problems inherent with keeping the multiple copies
> of your keys in sync.
USB is a peer to peer protocol; it requires substantial computing
power on both ends of the connection. I'm just waiting for the first
virus which targets common USB drives; it would rip through colleges
and workplaces like wildfire.
It seems unwise to advocate plugging USB drives into multiple
machines unless you're comfortable with the idea your drive may be an
infection vector. And frankly, I don't want my keys to be on the
same token as a token which is going to be shared around a large
number of computers, not all of which I will control.
> The thrust is that a USB pen drive is no better than a lap-top.
In some respects it is probably worse.
More information about the Gnupg-users