OMG, this thread has gotten completely out of hand. I will reply to my own message in an attempt not to add too much to the hate and discontent already present. This is exactly why I normally only lurk, rarely comment, and only ask a question when I absolutely have to. I'm sorry that I bothered. I was trying to be brief when I made the "key under the door mat" analogy. But, I stand by the idea that I believe allowing physical access to your private key is a very *BAD* idea. Given enough time and resources, any system can be compromised. I don't believe that smartcards are the answer to all security issues, but, I do believe that a smartcard can *HELP* to reduce *SOME* of potential exposure, especially if used in a reader with a built-in pinpad. If the idea of smartcards gets somebody to start asking questions about security, and doing *SOMETHING* about their security, aren't they much better off than before? Anyway, please just let this particular fork of this thread die, and forget that I tried to contribute, I won't make that error again.
On 04/08/2017 10:30 AM, Roy A. Gilmore wrote: > I've been watching this thread for a while, and felt the need to chime > in. Are smartcards (or USB tokens) a PITA? Sometimes. BUT, leaving your > private key on your laptop, tablet, or phone is about as secure as > leaving a spare key to your house under the door mat. I cringe every > time soft tokens are brought up. Laptops, tablets, and phones are > hacked, lost or stolen frequently. If a physical smartcard or USB token > seems like too much of an inconvenience, then your data probably isn't > worth taking the time to encrypt in the first place. How much is your > data worth to you? > > On 04/08/2017 01:29 AM, Robert J. Hansen wrote: >>> Smartcards are a pain in the ass. >> A funny but completely accurate way to put it: >> >> When your private key is on your laptop, you never put it through the >> wash by accident. >> >> (I can tell you from personal experience most smartcards handle being >> washed just fine, but the static charges they're exposed to in the dryer >> will often fry them.) >> >> Once you make a smartcard into a credit card, or a dongle you hang off >> your keychain, you open yourself up to some very interesting failure >> modes -- many of which you won't see coming. For instance, I once tried >> to pay for a hotel with my kernelconcepts card, because it was located >> adjacent to my credit card and I pulled it out by accident. >> >> _______________________________________________ >> Gnupg-users mailing list >> [email protected] >> http://lists.gnupg.org/mailman/listinfo/gnupg-users > > _______________________________________________ > Gnupg-users mailing list > [email protected] > http://lists.gnupg.org/mailman/listinfo/gnupg-users _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
