"general purpose OS is fundamentally inadequate for trusted operations"
Robert J. Hansen
rjh at sixdemonbag.org
Sat Apr 22 19:01:12 CEST 2017
> Smart card is not the device authors discuss in that paper, but it is
> a small, evolutionary step toward it.
Not really. What's the trusted device in the system? It's still the
desktop PC. A compromise there leads to so many different and
catastrophic attacks that it needs to be called a game-over.
> It is the best that many users who agree with the quoted sentence
> have at their disposal at the moment. It might not prevent all
> imaginable attacks, but it could prevent enough of those to make it
> worth deploying.
No. The game-over condition without a smartcard is, "my computer gets
compromised by an attacker." The game-over condition with a smartcard
is, "my computer gets compromised by an attacker."
There are *some* use cases where smart cards lead to better risk
mitigation. But as a general rule, no, smart cards are not ready for
More information about the Gnupg-users