On Thu 2015-01-22 13:44:12 -0500, Robert J. Hansen wrote:
>> To prevent such an attack, I imagine a device where I have to
>> confirm every transaction with a simple push on a hardware button.
[...]
>
> Once you lose control of the hardware, you're done.
The attack you describe is significantly more complex and more visible
than the attack the original poster outlined.
Yes, in the long run, if you can't trust your endpoint, you can be
compromised.
But this is a game of defense in depth, and the proposed changes seem
like a useful step in raising the bar for an attacker.
--dkg
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
