"general purpose OS is fundamentally inadequate for trusted operations"
Robert J. Hansen
rjh at sixdemonbag.org
Mon Apr 24 02:42:45 CEST 2017
> No, that is *one of* the game-over conditions; it is not *the* game-over
> condition.
[a lot of stuff I agree with snipped]
Please re-read the thread. You'll see you're agreeing with Peter
Lebbing and me. We've consistently maintained smart cards are useful in
a number of use cases and threat models -- but they do not rise to the
level listo is ascribing to them.
> There are a
> few possible attacks that the use of a smartcard mitigates, and
> therefore a smartcard key *is* more secure than a non-smartcard key
No. It's more secure *only if those attacks are within your threat
profile*.
Wearing a parachute gives me additional security against, say, aircraft
disasters. But if I don't fly anywhere, it's just an inconvenience
which offers me no additional security.
More information about the Gnupg-users
mailing list