In case you use OpenPGP on a smartphone ...

Stefan Claas sac at
Tue Aug 11 22:10:24 CEST 2020

Johan Wevers wrote:
> On 11-08-2020 17:18, Stefan Claas wrote:
> >> Why hardware? If a bug is found you can't upgrade it easily.
> > 
> > Because hardware can't be tampered with like software.
> If a hardware bug is found you're still lost. Even Apple has found out
> the hard way.

Yes, you are right. While I am no programmer I would assume that designers
of such little hardware devices, same as YubiKey or Nitrokey for example,
do not have to deal with a boatload of large software components, burned
into ROMS.

> >> On mobile, encrypted messengers are the norm. WhatsApp is the biggest,
> >> and it uses Signal's encryption algorithm which is excellent.
> > 
> > And you think that continuing with those is a good practice since
> > Mr Snowden's YouTube Video was released?
> It is a risk, but not a bigger risk than someone taking over your pc or
> laptop. Signal and GnuPG are both defenseless against that.

Yes, a risk, but at what price? I could imagine that many people do not
care to much if it hurts journalists or activists from foreign countries.

But how about cybercrimes in general?


my 'hidden' service gopherhole:

More information about the Gnupg-users mailing list