In case you use OpenPGP on a smartphone ...

Andrew Gallagher andrewg at andrewg.com
Wed Aug 12 11:42:47 CEST 2020


On 11/08/2020 19:57, Stefan Claas wrote:
> So, to sum it up (I know you prefer Tails) would you agree that
> sooner or later the community should develop strategies, in form of a
> best practice FAQ (cross-platform), to no longer use encryption
> software on online devices and work out strategies to use offline
> devices and how to handle this data securely over to an online
> device, until proper and affordable hardware encryption devices for
> online usage are available?

The problem with best practices is that they are context-dependent. Any
FAQ that steps outside the purely technical domain into operational
security will be misleading at best, and outright dangerous at worst. I
am a Tails user, but I only use it for specific things - I don't boot it
up for my everyday work (that would be insane, given my job). But my
threat model is very different to that of others, so I would never
presume to tell them that my best practice should be theirs.

Hardware encryption devices are already plentiful. The problem is that
secure hardware comes at a huge cost in flexibility, meaning that only a
small part of our computing landscape will ever be "secure hardware".
That's why we have Yubikeys, smartcards, HSMs, Nitrokeys, etc. A small,
limited-functionality device is much more likely to be secure because it
is much easier to audit. Anything with the breadth of functionality of a
general-purpose computer will never be fully trustworthy. Your CPU is an
entire GP computer, buried in another computer. Same with your SSD
drive. A USB-C *cable* now has more computing power than the Apollo moon
mission. It's software all the way down.

No, you should not stop using encryption software on online devices.
That would be insane. We should be adding more encryption at multiple
levels, so that compromise of one layer of encryption does not mean a
compromise of the entire system. Defence in depth is the only long-term
sustainable strategy.

-- 
Andrew Gallagher

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200812/a9b8d6d9/attachment.sig>


More information about the Gnupg-users mailing list