Communication with card reader encrypted?
peter at digitalbrains.com
Sun Aug 26 11:31:13 CEST 2018
On 26/08/18 11:12, Felix E. Klee wrote:
>> I think you'll need to trust the cable anyway,
> Well, if the cable is soldered to the reader, then it’s much harder
> to tamper with. Swapping a replaceable cable requires much less
I meant: even if the communication were encrypted and protected against
men in the middle, you still cannot use a compromised cable, ever, since
the compromised cable will compromise your entire phone instead of the
So avoiding the need of a separate cable altogether is indeed a
possibility if you're concerned about this. However, you'll need to
avoid cables for anything you plug into your phone, not just for your
smartcard reader. If instead you just store your charger, its cable and
your smartcard reader together, you can use that one cable for both
charging your phone and using the smartcard reader. And clearly you'll
need to protect all these parts against tampering, not just the
smartcard reader, regardless of whether your smartcard reader has a lead
> [...] logging everything, for debugging of course. ;)
Nah, for getting back that data you accidentally deleted ;-).
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users