In case you use OpenPGP on a smartphone ...

Stefan Claas sac at
Wed Aug 12 13:51:37 CEST 2020

Andrew Gallagher wrote:
> On 11/08/2020 19:57, Stefan Claas wrote:
> > So, to sum it up (I know you prefer Tails) would you agree that
> > sooner or later the community should develop strategies, in form of a
> > best practice FAQ (cross-platform), to no longer use encryption
> > software on online devices and work out strategies to use offline
> > devices and how to handle this data securely over to an online
> > device, until proper and affordable hardware encryption devices for
> > online usage are available?
> The problem with best practices is that they are context-dependent. Any
> FAQ that steps outside the purely technical domain into operational
> security will be misleading at best, and outright dangerous at worst. I
> am a Tails user, but I only use it for specific things - I don't boot it
> up for my everyday work (that would be insane, given my job). But my
> threat model is very different to that of others, so I would never
> presume to tell them that my best practice should be theirs.
> Hardware encryption devices are already plentiful. The problem is that
> secure hardware comes at a huge cost in flexibility, meaning that only a
> small part of our computing landscape will ever be "secure hardware".
> That's why we have Yubikeys, smartcards, HSMs, Nitrokeys, etc. A small,
> limited-functionality device is much more likely to be secure because it
> is much easier to audit. Anything with the breadth of functionality of a
> general-purpose computer will never be fully trustworthy. Your CPU is an
> entire GP computer, buried in another computer. Same with your SSD
> drive. A USB-C *cable* now has more computing power than the Apollo moon
> mission. It's software all the way down.

Thank you very much for your reply, much appreciated!

> No, you should not stop using encryption software on online devices.
> That would be insane. We should be adding more encryption at multiple
> levels, so that compromise of one layer of encryption does not mean a
> compromise of the entire system. Defence in depth is the only long-term
> sustainable strategy.

While I personally stopped using online encryption long ago, after my
Linux system was hacked, I'd like to mention (in case people do not know)
that YubiKeys and Nitrokeys also allow login protection via 2FA and
that sudo usage then also requires tapping the YubiKey, besides password
usage. Not sure if it is the same procedure with a Nitrokey.


my 'hidden' service gopherhole:

More information about the Gnupg-users mailing list
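Added illustration, not from Stefan's or Andrew's posts: one way the "sudo requires a tap on the key" behaviour mentioned in the reply is configured on a Debian-based system with Yubico's pam_u2f module. The module speaks plain FIDO U2F, so the same stanza applies to any U2F-capable token; the file path /etc/pam.d/sudo, the `@include common-auth` line and the default key-handle file are the Debian and pam_u2f documented conventions, assumed here rather than taken from the thread.

```text
# /etc/pam.d/sudo  (illustrative fragment, not from the mailing-list post)
#
# First factor: the user's password, via the distribution's common-auth
# stack. Second factor: a registered FIDO U2F token that must be touched.
# "required" on both lines means sudo fails unless both succeed.
#
# The token's key handle is registered once per user with
#   pamu2fcfg > ~/.config/Yubico/u2f_keys
# which is the default authfile pam_u2f reads. The "cue" option prints a
# "Please touch the device." prompt so the user knows why sudo is waiting.
#
# Roll-out caveat: until every administrator has registered a token, add
# "nouserok" to the pam_u2f line so accounts without a u2f_keys entry are
# not locked out of sudo; remove it once enrolment is complete.

@include common-auth
auth    required    pam_u2f.so cue
```

The same `auth required pam_u2f.so cue` line placed in the service file for the login path (for example /etc/pam.d/login or the display manager's PAM service) gives the login-time second factor described in the post. Test the change in a second terminal session that is already root before closing the one you edited from, because a typo in a PAM file can lock you out of both sudo and login.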