What am I missing? (Again)

listo factor listofactor at mail.ru
Thu Mar 31 03:41:06 CEST 2016


On 03/30/2016 12:16 PM, listo factor - listofactor at mail.ru wrote:

 > I do not use this device, so I am wondering...

There was a quite a few posts following my question, but
unfortunately those quickly drifted off to the aspects of this
case (good/bad government(s), compelling rich/poor vendor(s)...)
that are of no interest to me, and also clearly OT for this list,
and none provided the answer.

Let me condense and try again:

1) Is it correct that this particular device maker designed a
sophisticated hardware-based system with the specific purpose of
thwarting the brute-forcing of ridiculously low-entropy user's
secret?
Yes/no?

2) Is it possible for the user to circumvent the potential problem
of the device maker cooperating with his adversary to by-pass this
protection, simply by using a pass-phrase of an appropriate length?
Yes/no?

Is anybody on this list user/owner of this device? (as I am not).
Can anybody answer (1) and/or (2) with "yes" or "no"? I really
would like to know the answer...





More information about the Gnupg-users mailing list