On 16/08/12 10:29, gn...@lists.grepular.com wrote: > It can attempt to initiate decryption/signing, but it still requires the > user to enter their pin, so some sort of social engineering is also > required. It could wait for you to try to decrypt/sign something, and then > send some alternative data to sign/decrypt to the reader instead, but at > least the user would see that something went wrong, and that would only > work for one sign/decrypt operation.
This is correct for signing, when using the "signature force PIN" flag. Unfortunately, there is no equivalent flag for encryption (or authentication), so once a user has entered the PIN, the malware can just request additional decryptions and authentications. The user probably won't notice. A LED on the reader might flash when accessing the card, but if you do those additional encryptions and authentications directly after a user-initiated action, they probably won't notice that it flashes for a little longer than normal. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
