Why trust gpg4win?

NdK ndk.clanbo at gmail.com
Fri Sep 13 09:19:10 CEST 2013 

Il 12/09/2013 23:10, Marko Randjelovic ha scritto:

> All the time I read suggestions on using USB sticks and I must say
> people are crazy about USB sticks. It is more convenient to use optical
> media then USB stick because they are read only. Boot from Live CD, not
> from USB stick and use USB stick only for data. In a desktop PC you can
> put two CD devices and boot Live CD from CD1 and write your data to
> CD2. You can use write-once media or rewritable media so you do not
> waste to much plastic.
It's just a matter of trust (and speed). After all, you need to take the
system image from "somewhere". That's probably the weakest link. Or, at
least, it's the easiest to compromise.

PS: I'll tell you a secret: there are USB keys with a "write protect"
switch :)

> If you write your data to CDROM, then it is much more safer to transfer
> data to another PC. It is much more complicated to make a virus that
> will insert itself into a CDROM then into a USB stick. Furthermore,
> such action would be odd and could be blocked by a security software
> like SELinux.
And maybe there's a buffer overflow in the ISO9660 driver that can be
exploited <g>. Hey, we're talking of the most tested codepaths (unless
you use some exotic filesystem)!

Maybe technical solutions for a social problem aren't always the right
answer?
You can *never* be 100% sure. No way. You can be "reasonably sure". You
can be "certifiably sure" (given that you define which kind of attacks
you think you'll be exposed to and find a standard to certify against).

I can be "reasonably sure" nobody will hack my machine just to read my
mail. Obama can be "reasonably sure" that *many* attackers will try. So
my scenario and Obama's one are "a bit" different, and require *greatly*
different solutions. I can't afford the costs and inconveniences of a
solution based on Obama's needs (and I'd be indeed quite stupid to try
to adopt it), and he can't afford the risk of a solution tailored on mine.

PPS: at least here in Italy a *completely offline machine* becomes
illegal after 6 months. Law dictates that every computer where personal
data is handled (and even a name and surname *is* "personal data")
*must* be updated *at least* every 6 months. And attacking your update
medium is probably easier than attacking the USB key.

BYtE,
 Diego.

More information about the Gnupg-users mailing list