Why trust gpg4win?
Jan
takethebus at gmx.de
Fri Sep 13 11:33:44 CEST 2013
09/12/2013 22:03, NdK wrote:
> You really should define your "security perimeter".
09/13/2013 09:19, NdK wrote:
> I can be "reasonably sure" nobody will hack my machine just to read my
> mail. Obama can be "reasonably sure" that *many* attackers will try.
My "security perimeter" should be "equal" to the maximum of the "security
perimeters" of my usual communication partners. That is so because with
their private key they protect my mail and with my private key I protect
their mail. What is "usual" is not always easy to determine. Lets say I'm
looking for the maximum of security an average user can achieve with common
hardware. This user is willing to do some inconvenient things like reboot,
burn CDs or wait.
Generally I distrust certain hardware like smartcards or HSMs because they
are main targets for secret services, who have a lot of money. Recently I
red about this intersting (English/German) article on FBI backdoors in
openBSB and scmartcards:
http://www.h-online.com/open/news/item/FBI-back-door-in-IPSec-implementation-of-OpenBSD-1153297.html
http://www.heise.de/newsticker/meldung/FBI-Backdoor-in-IPSec-Implementierung-von-OpenBSD-1153180.html
It should be possible to create a rather secure system using "norml
technoligies" (CDs, offline PCs etc.) which are harder to target by secret
services. If you manage to have a rather secure file transfer between an
online and an offline PC, the only security relevant technology you need to
focus on is gnuPG itself. Some people read the source code to check its
integrity but are there people who focus on its output? To me this is a very
important point. I'm not sure how this could be done in practice, but I was
thinking about someone who knows the theory of RSA etc. and who "manually"
encrypted a text and would compare that with the output of gnuPG to see
whether the two results match. Some other approach might be to compare the
output of several versions of gnuPG, PGP etc.. This way you could check
whether the information was secretly decrypted with a second "FBI key". This
is even possible for someone how is no programer. Do you think checking the
output in that way is useful?
Kind regards,
Jan
More information about the Gnupg-users
mailing list