GPG on Android
Juergen Bruckner
juergen at bruckner.tk
Mon Nov 5 12:32:08 CET 2018
Hi Werner
I know its not the perfect setup, but it is practicable for me, and as i
usually just work with subkeys i feel on a more safe side with this.
Tokens are always a good idea, and if anyone can use them its
recommended to do it that way.
There are good reasons why GPG supports Tokens/Cards by default ;)
best regards
Juergen
Am 05.11.18 um 10:41 schrieb Werner Koch:
> On Sun, 4 Nov 2018 23:20, juergen at bruckner.tk said:
>
>> I for myself did configure MailDroid that way, that for each
>> crypto-operation, decrypt, sign, encrypt I have to enter my passwort
>> each time.
>
> That does not help. A bugged phone will for sure employ a keylogger and
> thus you can also work without a passphrase. To protect your key you
> need to move the key to a separate hardware device (aka token). This
> may not help to protect you messages but at least you token must be close
> to the device so that an attacker can make use of your keys.
>
>
> Shalom-Salam,
>
> Werner
>
>
--
Juergen M. Bruckner
juergen at bruckner.tk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3894 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20181105/30b91ad4/attachment.bin>
More information about the Gnupg-users
mailing list