Am Montag 06 Dezember 2010 20:21:36 schrieb Marcio B. Jr.: Sorry, spam filter...
> Hello, > sorry for this insistence. I just want to get it clearly. > > So, you mean those devices certainly protect information better than a > regular computer (even if making proper use of disk encryption > software)? In general that is correct. In detail that depends on the kind of attack and the computer usage. If the computer has a network connection with not completely secure systems then the discussion ends at that point. Disk encryption does not protect against online attacks. With regard to every normal PC a smartcard is the better solution. You need a hardware attack in order to get keys out of a smartcard. If you can spend millions of dollars for that then it's possible. If you have an offline PC which never runs complex software with data from outside then disk encryption can be even safer than a smartcard. If the integrity of the hardware is not an issue and only obvious attacks are an issue (stealing and siezing) then only software attacks against the disk encryption are possible which can easily be made as hard as the key itself (making an attack a waste of time, no matter how much money you throw at it). But can you be sure that this is the only kind of attack? ;-) It would usually be much cheaper to get access to the system and manipulate the hardware, with a hardware keylogger e.g. than to get a key out of a smartcard. Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
