Talking about Cryptodevices... which one?
Peter Lebbing
peter at digitalbrains.com
Thu Feb 5 10:38:29 CET 2015
On 04/02/15 23:12, Matthias-Christian Ott wrote:
> You could protect against this scenario by signing the firmware.
Yes, you /could/. However, we were talking about Rainer smartcard readers, which
/don't/.
I think we're really not having the same discussion here...
> I didn't make this argument.
... as I didn't intend to say you did, but I thought we were discussing this
argument made by Werner.
I think I see some source of confusion. You wrote:
> You speculated that Rainer SCT might cooperate with the German intelligence
> agency BND. You gave the following reason for your suspicion:
> "microcontrollers are smaller and writing malware for them is harder".
I never read it that way. To me, it were two spearate arguments, one on how
trustworthy Rainer appears in its dealings, and the other on the hackability of
their hardware. So I might have misinterpreted what you wrote following that.
Oh, by the way:
> But will a smartcard solve the problem that the host computer might be
> infected with malware?
I'm absolutely sure nobody made that claim. More miscommunication galore? ;)
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users
mailing list