[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: smartcard configuration in openbsd

Ben Goren <ben_(_at_)_trumpetpower_(_dot_)_com> writes:

> That does you no  good if the keylogging is done  in the OS rather
> than  keyboard firmware.

That's a fundamental problem with smart-card readers without built-in
PIN pads.  Smart-card systems relying on PINs should have PIN pads in
the readers, as trusted hardware.  You could still be vulnerable to
some MITM scenarios involving a trojan horse on the host computer
acting as middle-man *with* a PIN pad, of course.