[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: smartcard configuration in openbsd
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: smartcard configuration in openbsd
- From: "Arvid Grøtting" <arvidg_(_at_)_netfonds_(_dot_)_no>
- Date: Fri, 29 Nov 2002 18:51:12 +0100
- Cancel-lock: sha1:V/EApSozur1MRYoojg1rpMMSCPg=
- Mail-copies-to: never
- Organization: No such thing.
Ben Goren <ben_(_at_)_trumpetpower_(_dot_)_com> writes:
> That does you no good if the keylogging is done in the OS rather
> than keyboard firmware.
That's a fundamental problem with smart-card readers without built-in
PIN pads. Smart-card systems relying on PINs should have PIN pads in
the readers, as trusted hardware. You could still be vulnerable to
some MITM scenarios involving a trojan horse on the host computer
acting as middle-man *with* a PIN pad, of course.