-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 El 19-10-2011 17:54, Peter Lebbing escribió: > On 19/10/11 22:43, Faramir wrote: >> Ok, but if the online computer uses Windows, and the offline one >> uses Linux, then it would be a multiplataform trojan horse... >> that is not likely to be a common case. > > Define your threat model... are we talking random trojan infection > or a focused attacker trying to gain your key? Because in the > latter case, I hardly think commonality matters.
You are right, I was thinking about random trojan infection (maybe not 100% random, since a private key stealing trojan would be focused on OpenPGP users, rather on average users). But if somebody wants MY private key, then probably there would be an attack involving picking my lock, infecting my BIOS, or some other 007-like activity. But in that case, the victim might be involved in some organization that should develop policies to deal with that risk. Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJOnzyeAAoJEMV4f6PvczxA7eEH/j3wjkHNcwPNd2hSz1NXmIl0 KCMkE2H2BEqS19AhpDMmYdB4EVddDsDJg1rLa7W+he5o/4g6WPueLoeeh+Rqbj0T IZCNN6KlVWgZ2P9JLt9cc5H9TVU1f3O1HtJUThwQJfsFygDBrk/HqpTvsJcXqU51 yAd2aw2gudI8FtJAz5hawRMABzIKObH3wJGbpQfVR1ih91zsjisPCJXt+4grwg2b lxTS2tR8RnuZJPkmmBZTyAKNkapdGnJ2BiXPKYY8rqtPzM035hqDlsiVAHvea0ie UYtOkTVXGVgW0xQlXY/0j4HKBm/xuNltUiZPja8EIGV2KMvoV16iYmCVa5CpURc= =MJed -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
