Robert J. Hansen
rjh at sixdemonbag.org
Sun Apr 9 17:26:39 CEST 2017
> Good point, and I agree to that for a very basic assessment. However,
> the assumption that only politicians and government employees holding
> a security clearance are targeted by Mossad & co is a thing of the
It never was true -- for decades the French DGSE surveilled on Airbus's
competitors, for instance.
But the point still stands. The attacks you're talking about are not
automated. They require significant per-target involvement from
highly-skilled technical talent, and once you posit you're being
targeted by people who have both technical talent and a budget you're
far outside the realm where a smartcard can save you.
There are definitely domains where smartcards make sense. I use a
smartcard not just because of high-value secrets, but because I use
several different computers. A smartcard means I have one copy of my
private key that I can safely share between rigs, without the risks that
come from each machine having a copy, putting my private key on an NFS
share, storing it on a USB drive, or any of the other ways to tackle it.
More information about the Gnupg-users