Smart card

Robert J. Hansen rjh at
Sun Apr 9 17:26:39 CEST 2017

> Good point, and I agree to that for a very basic assessment. However,
> the assumption that only politicians and government employees holding
> a security clearance are targeted by Mossad & co is a thing of the
> past.

It never was true -- for decades the French DGSE surveilled on Airbus's
competitors, for instance.

But the point still stands.  The attacks you're talking about are not
automated.  They require significant per-target involvement from
highly-skilled technical talent, and once you posit you're being
targeted by people who have both technical talent and a budget you're
far outside the realm where a smartcard can save you.

There are definitely domains where smartcards make sense.  I use a
smartcard not just because of high-value secrets, but because I use
several different computers.  A smartcard means I have one copy of my
private key that I can safely share between rigs, without the risks that
come from each machine having a copy, putting my private key on an NFS
share, storing it on a USB drive, or any of the other ways to tackle it.

More information about the Gnupg-users mailing list