Why trust gpg4win?

NdK ndk.clanbo at gmail.com
Tue Sep 10 15:18:51 CEST 2013

Il 10/09/2013 14:19, Werner Koch ha scritto:

>> First error: USB is *not* a peer protocol. It's master-slave. FireWire
>> is a peer protocol.
> However, that is implemented by computers at boths ends and the software
> there may have backdoors or explotable code which coult be used for all
> kind of tricks.  Look only at the trend to use HID as simple driver-less
> way to connect about anything to a computer.  Emulated keyboard which
> sends ANSI control codes to take over your box without you noticing?
Uh? "Whithout you noticing"? For sure you know more than me, but to my
knowledge an USB keyboard only sends key scan-codes (not ANSI sequences,
that's why you need to set the keyboard language). And if you have an
open app chances are that you will see keystrokes there.
Sure, it could send a 'win' keypress+release event, but that wouldn't
work (or at least it wouldn't be "unnoticed") in every other SO.

Probably it's "easier" (or at least more effective and less
user-noticeable) to target the USB stack using non-conformant packets
(where buffer overflows might eist). That would give much more time to
try different vulnerabilities before getting caught.

PS: one of the ideas that could "easily" be implemented on FST-01 is a
TOTP password generator that auto-types the code when you press its button.

>> You'd be exposed nearly to the same attack vectors. Plus some more (the
>> ones that handle the extra layer), so you'd have to check more code.
> So what about using that free USB stack for AVR's to implement a flash
> device?  You would be able to audit about everything; flylogic even has
> these nice pictures of the ATmega88 masks...
Sorry, I don't follow your reasoning here.
Pete proposed to use an USB-to-Serial interface to avoid attacks against
the USB stack on the PC. Why should an AVR be used to implement a flash


More information about the Gnupg-users mailing list