You know, if you had just said right from the start "I know that a smartcard is supposed to protect theft of the private key but what is the use of that given that they can still sign and decrypt", the discussion might have progressed a /lot/ quicker. Also, it doesn't help that you eloquently refute things people never said in the first place, and hence didn't need to be refuted.
I think the answer to it is the timespan, by the way. If I'm working on a compromised computer with a smartcard now, hackers can access my encrypted files and sign stuff with my key. But let's say in a week I will be using a new computer, then they will lose the ability to sign and can no longer decrypt any new documents encrypted to me. If they had compromised my PC with the keys on disk, they would have copied them, and as long as I use the key, they can access the data and sign new stuff as well. And given the many escalate-to-root security bugs that are constantly found and fixed, I do not think any software measure is going to prevent a determined attacker from gaining full control of your system once they get a hold of your user account. Your scenario of the attacker doing a key rollover, revoking your actual key and substituting their own, can be prevented by using an offline master key so the attacker only has access to the subkeys. Also, if I'm concerned this might have happened, I can check with my correspondents to see if they are under the impression I recently changed keys. Given a secure channel to them, I can detect this. It's not nearly as stealthy as simply copying the key material. The attack form popularized by the BadUSB people is a genuine problem; what if, by plugging in the card reader I used on a compromised PC into a clean PC, it immediately compromised that clean PC? Similarly, if I think I'm cleaning my PC from infection by wiping the hard disk, but the attacker modified the firmware of the hard disk, I'm still screwed, as shown by Sprite_TM on OHM2013. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
