Working with an Online and Offline Computer when using GnuPG - Best Practice?

Whitey whitey at
Tue Oct 10 17:39:00 CEST 2017

Pete Stephenson wrote:
> On Mon, Oct 9, 2017, at 06:53 PM, Stefan Claas wrote:
>> I read once here on the Mailing List that one should only use
>> trusted USB devices, whatever that means, when using an USB
>> device.
> If you must use USB devices for some reason, take a look at the
> <>
> flash drive.
> It's designed specifically to protect against "badUSB", where the
> controller and firmware can be compromised. The controller has the
> developer's public key baked in during manufacture. The firmware is
> signed and can only be loaded once (no provision is made for
> in-the-field firmware updates). The controller verifies the firmware and
> its signature at every power-on. If a malicious actor had physical
> access and re-flashed the firmware, the controller would notice and fail
> to load.
> It also has a physical write-protect switch that can prevent unwanted
> writes.

Since a flash drive is a read/write device, when would writes be
unwanted?  When should I use this?


More information about the Gnupg-users mailing list