Karl wrote: [...]
After finding a good candidate airgapped device, you'll want to be careful with how you use it. Remember, whenever a new vulnerability is found, trojans cover the world taking advantage of it, and then try to find a way to hide inside the corners of all the systems they find. So, any drive you put in your new device, anything you plug into it, any update you apply, could be filled with computer-measles that would find a way to trick it into giving remote control to them. Keep it isolated until you have things set up for use.
The next step after getting a reasonable airgapped device, maybe a pi zero, and ideally keeping it isolated, would be to install gnupg on it. Maybe in a forthcoming email!
GnuPG should be already installed with Linux (Raspberian OS etc.). The thing I would like ask you, how would you communicate securely with your air-gapped device? What I did in the past was to install on the online device and offline device the free (cross-platform) software CoolTerm and I connected both devices with an FTDI USB to USB cable, so that I could do serial communications and was also able to see how many bytes (from a PGP message) was transfered. Another approach I am currently playing with is to play with NFC tags and a reader/writer device, which can be used offline as well. Regards Stefan -- NaClbox: cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675 The computer helps us to solve problems, we did not have without him.