In case you use OpenPGP on a smartphone ...

ಚಿರಾಗ್ ನಟರಾಜ್ gpg-users at chiraag.me
Tue Aug 11 22:21:11 CEST 2020


Yubikey dealt with a mass recall only last year due to a bug in their firmware: https://www.engadget.com/2019-06-13-yubico-recalls-government-grade-security-keys-due-to-bug.html
-- 
ಚಿರಾಗ್ ನಟರಾಜ್
Pronouns: he/him/his

11/08/20 22:10 ನಲ್ಲಿ, Stefan Claas <sac at 300baud.de> ಬರೆದರು:
> 
> Johan Wevers wrote:
> 
> > On 11-08-2020 17:18, Stefan Claas wrote:
> >
> > >> Why hardware? If a bug is found you can't upgrade it easily.
> > >
> > > Because hardware can't be tampered with like software.
> >
> > If a hardware bug is found you're still lost. Even Apple has found out
> > the hard way.
> 
> Yes, you are right. While I am no programmer I would assume that designers
> of such little hardware devices, same as YubiKey or Nitrokey for example,
> do not have to deal with a boatload of large software components, burned
> into ROMS.
> 
> > >> On mobile, encrypted messengers are the norm. WhatsApp is the biggest,
> > >> and it uses Signal's encryption algorithm which is excellent.
> > >
> > > And you think that continuing with those is a good practice since
> > > Mr Snowden's YouTube Video was released?
> >
> > It is a risk, but not a bigger risk than someone taking over your pc or
> > laptop. Signal and GnuPG are both defenseless against that.
> 
> Yes, a risk, but at what price? I could imagine that many people do not
> care to much if it hurts journalists or activists from foreign countries.
> 
> But how about cybercrimes in general?
> 
> https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
> 
> Regards
> Stefan
> 
> --
> my 'hidden' service gopherhole:
> gopher://iria2xobffovwr6h.onion
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: publickey - gpg-users at chiraag.me.asc.pgp
Type: application/pgp-key
Size: 651 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200811/5cc49930/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 233 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200811/5cc49930/attachment.sig>


More information about the Gnupg-users mailing list