Use of any online or digital programs and/or devices for comsec/infosec should be avoided unless completely enclosed and transmitted with non-online or non-digital means. There are a number of non-onlne and non-digital means available, the first and most reliable is your brain so long as it is not contaminated with belief in online and digital prejudice now over a century in promulgaton. The principal efforts for this promulgation is computers, coding, obfuscation, propaganda, arcanity, scientism, residual astrology, confidence gaming, spouting mantras, i.e., "cypherpunks write code." https://www.google.com/search?q=cypherpunks+write+code&rlz=1C1AOHY_enUS708US708&oq=cypherpunks+write+code&aqs=chrome..69i57.5595j0j7&sourceid=chrome&ie=UTF-8 This oh so cool mantra derives from the magicial, bewitching lodestone "national security," the abiding weapon of nations governed as royalty, heirarchical, the few overlording the many with force, elections, education, faith and trivializing deriviatives of entertainment, media, chat, parties, militants, rebels, revolutionaries, independents, intellectuals, geniuses, "democracies" ruled by kingdoms of presidents, congresses, courts. Nonetheless, always a nonetheless apologia for top-down regimes, far more rewarding to cooperate with authorities than to defy them, more lucrative too. So backdoors in crypto, each and every version, must be inherent code, along with outpourings of assurances there are workarounds to escape the many and be one of the few. Today, that is marketed as "smart." At 06:23 AM 10/12/2020, Stefan Claas wrote:
Karl wrote:
[...]
After finding a good candidate airgapped device, you'll want to be careful with how you use it. Remember, whenever a new vulnerability is found, trojans cover the world taking advantage of it, and then try to find a way to hide inside the corners of all the systems they find. So, any drive you put in your new device, anything you plug into it, any update you apply, could be filled with computer-measles that would find a way to trick it into giving remote control to them. Keep it isolated until you have things set up for use.
The next step after getting a reasonable airgapped device, maybe a pi zero, and ideally keeping it isolated, would be to install gnupg on it. Maybe in a forthcoming email!
GnuPG should be already installed with Linux (Raspberian OS etc.). The thing I would like ask you, how would you communicate securely with your air-gapped device?
What I did in the past was to install on the online device and offline device the free (cross-platform) software CoolTerm and I connected both devices with an FTDI USB to USB cable, so that I could do serial communications and was also able to see how many bytes (from a PGP message) was transfered.
Another approach I am currently playing with is to play with NFC tags and a reader/writer device, which can be used offline as well.
Regards Stefan
-- NaClbox: cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675 The computer helps us to solve problems, we did not have without him.