Crypto device where I need to confirm every operation?

Robert J. Hansen rjh at
Fri Jan 23 04:15:11 CET 2015

> I was referring to exactly that - *somebody else* having "complete 
> control" over your hardware, remotely.  There are degrees of that...

There aren't.  It's like saying someone's a "little bit pregnant".  You
have complete control, or you have less-than-complete control.  There
are degrees of less-than-complete, but not complete.

The name of the game is prevention, detection, and recovery: prevent
compromises from occurring, detect them when prevention fails, and
recovery to a known-good state.  In electronic voting we liked to have
multiple orthogonal PDR; the idea of somehow persisting in operations
after complete compromise was always seen as a fool's errand.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3744 bytes
Desc: S/MIME Cryptographic Signature
URL: </pipermail/attachments/20150122/4370c74c/attachment.bin>

More information about the Gnupg-users mailing list