Szczepan Zalega | Nitrokey via Gnupg-users wrote: > On 4/27/20 3:15 PM, Stefan Claas wrote: > > maybe interesting for some of you. > > > > I just noticed that, after installing Golang under Termux > > that Termux has also GnuPG already installed. > > > > https://ibb.co/hyG8q4Y > > > > Would people recommend using pure GnuPG on a smartphone, > > compared to a (compromised?) PC? > > > > I ask, because I have not read yet what attacks (remotely) > > are possible with smartphones, to obtain the secret keys. > > > > Any pointers to articles would be very welcome! > > > > Hi! > > I would not keep the secrets on the mobile, but rather offload the > computation to a simple device and communicate via USB/NFC. Reason is > that this is a complicated communication device, which has a big attack > surface. > Here is a fresh remote code exploitation done over Bluetooth for Android > 8/9 [1]. Fix was released in February 2020 as far as I see. > In the past there were some issues with the WiFi as well AFAIR. > > > [1] > https://insinuator.net/2020/04/cve-2020-0022-an-android-8-0-9-0-bluetooth-zero-click-rce-bluefrag/
Thanks for the info, much appreciated! I see in your address 'Nitrokey' and I was wondering (I have USB on my Samsung A40) that a Nitrokey USB device would work properly with my Termux set-up, i.e. Nitrokey drivers which must be detected via Termux, so that it would work? Are you aware of if this was ever been tested? Regards Stefan -- Signal (Desktop) +4915172173279 https://keybase.io/stefan_claas _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
