|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Robert, >> Since we know that our computers are being hacked so often by >> persons and organisations that are curious about our >> communications... > Do we? That seems like rather a leap to me. ... If you're doing something high-risk then yes, > ... Yes we do. Encryption is not only for those who are doing something highly risky, but for all who have to protect secrecy for their own good or for their profession. We are technology developers who communicate with patent attorneys, we are patent attorneys who communicate with patent bureaus, we are medical practitioners who communicate with patients and with colleagues, we are legal advisers, we are ..., we are who we are and we have secrets, and there are those who want to know those secrets. >> Is it a good idea to store our private keys on a USB stick instead of >> having it permanently operational inside Enigmail or GPGWin etc.? > No. USB is inherently broken as far as security goes. If you want to > go this route, use a smartcard. I do not get your point here. My proposal is to operate the keyring from a USB stick. What is the difference with operating it from a smart card? If a smart card gets lost, it can be used by the finder if she knows the pincodes. Doesn't the same apply to a USB stick? Best regards, Roland On 06/08/2014 13:52, Robert J. Hansen wrote: > On 8/6/2014 6:44 AM, Roland Siemons wrote: >> Since we know that our computers are being hacked so often by >> persons and organisations that are curious about our >> communications... > > Do we? That seems like rather a leap to me. There are a couple of > *billion* home computers on the internet right now: even if you assume > tens of thousands of high-end attackers who want to compromise your > communications, it seems unlikely that they would be able to target a > significant fraction of those couple of billion. > > If you're doing something high-risk then yes, you should definitely be > extremely concerned about someone compromising your system in order to > read your email traffic. But otherwise, the people compromising your > system are generally more interested in sending spam than reading your > email. > > By all means, use OpenPGP to secure your email traffic. I think it's a > good idea. But let's try and keep our paranoia connected to reality, > okay? :) > >> a good idea to store our private keys on a USB stick instead of >> having it permanently operational inside Enigmail or GPGWin etc.? > > No. USB is inherently broken as far as security goes. If you want to > go this route, use a smartcard. > > > > _______________________________________________ > enigmail-users mailing list > [email protected] > To unsubscribe or make changes to your subscription click here: > https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.21 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJT4i4rAAoJEK7sXi7Ydij1xOAIAIJnkayIPftn3t/lnKgn3fU9 ov30KNCa5+wc6qQZSCsEWwUXFjU6C4u5pwrjYOWD0agtsbl9WSO6R847TzOoRFeK DfBOxbOkeMe4cBOKpoEEF+z3EZZFvyxWlCi6qtLYWZQAZpsK3pOW0oJ4JjRHh8vJ D4n54GiVyqdE+77HE5LiYI4oyAVEqqTeLwwJxUa7g9SwqgXBqvjOtKBS13i73CYs PrUDC2AnDSuRHOlpYd+QlFbBDIuc1c+UsFbPzSKdep9o2GrfvzpYRaGcR4ILdN7u 73SCNLcWPRO8HtzMgZ9ug5oezVJPG56qsqsUe+nJAn5MfMzq0TK0+e3l0VuCY1Y= =99zU -----END PGP SIGNATURE----- |
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
