In case you use OpenPGP on a smartphone ...

Stefan Claas sac at
Wed Aug 12 00:24:23 CEST 2020

vedaal at wrote:

> There is already a simple existing solution.
> [1]  Encrypt and decrypt on a computer that has internet hardware disabled.
> [2] Use an Orbic Journey V  phone that gets and sends *only text*
> [3] Use a microsd expansion card on the orbis phone
> [4] set up the phone to save encrypted texts on the microsd 'storage' card
> [5] Take out the microsd card and use a card reader in the computer in [1] transfer text only (encrypted or decrypted) 
> Any file can be sent as encrypted text by using the armor option -a on the GnuPG command line.
> (this includes audio, video .jpg, .png, pdf,  etc.    literally any and all possible file types.)
> Even if the Orbic uses the *unknown* system, if your are encrypting and decrypting on a separate air-gapped computer, and
> transferring only text to a microsd, it is hard to see how it can be compromised. (Yes *Anything* can happen, but without
> evidence, there is no end to paranoia)

(I only replied to you and not the list)

Thanks for the detailed description, much appreciated!
> It is not the place of the FAQ to solve the transmission issues of an already perfectly formed GnuPG encrypted .asc file.
> The manual and/or FAQ, tells how to use GnuPG to encrypt or decrypt the file, and armor it.
> The rest is up to the User's threat model.

Well, yes and no. It should be a least discussed and if to many people write from old FAQs new tutorials then
new users will never know these dangers, when using online devices.

> (btw,   
> There is, [afaik], no protection available in GnuPG
> against a Clairvoyancy attack vector on an encrypted file even in an air-gapped computer,
> and there is a rumour that any Witch or Wizard can instantly behold the plaintext of an encrypted message 
> by flicking a wand at it, and using the simple charm   'Revelato'    )      

I think I know what you mean. But I think it does not scale well for the masses due to manpower shortage.

> but not really in my threat model   8^))))

Mine neither. :-)


my 'hidden' service gopherhole:

More information about the Gnupg-users mailing list