On 10/17/11 5:18 PM, takethe...@gmx.de wrote: > what is the best way to protect your private key from getting > stolen?
Smartcard and a good PIN. That's pretty much the gold standard. It's not the best way (there is no 'best way'), but it's generally an excellent place to start from. > 1. Using gnupg on a windows PC with internet connection is not good, > because there are too many trojans out there. Let's be cautious here: if using GnuPG on a Windows PC with an internet connection is not good, then using GnuPG on a Linux machine with an internet connection is not good, either. Turenne once wrote, "when a general makes no mistakes in war, it is because he has not been at it long." The same can be said of system administrators: when a sysadmin has never lost a box to an exploit, it is because he or she has not been at the job very long. > 2. Using gnupg on a linux PC with internet connection (like privatix, > see http://www.mandalka.name/privatix/index.html.en ) is better since > there are fewer(?) security holes and trojans out there. I emphatically disagree with this. > 3. The best way "The best way" is almost always a misnomer. Everyone has different needs and is targeted by different threats: what's "best" for you will likely be very bad for someone else. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
