More secure than smartcard or cryptostick against remote attacks?

Peter Lebbing peter at
Wed Feb 6 13:45:29 CET 2013

On 06/02/13 11:37, Hauke Laging wrote:
> Then you can (safely...) copy the data to several PCs and have them show you
> both the file hash and the document (in that order). Hoping that at least one
> of the PCs is not compromised.

In my other mail I got kinda hung up on manual verification but forgot about
this part of your mail :).

I think what you propose is a completely different topic/solution.

You seek security in numbers: hope one of the many PC's isn't compromised. The
device proposed by OP/by me seeks security in being restricted and simple. And
also takes a whole lot less of effort to use ;).

I don't really believe in the security in numbers, by the way. Seems too
stochastical. If the attacker can attack all but one of the many, why not the
last one? Yes, you reduce the odds, but I prefer more determinism.

But let's stick to the e-mail signing in this thread, or the discussion will get
very unfocused and hard to follow. If you want to continue anyway, could you
please change the Subject: line?


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list