It still needs to be kept updated too, and there would be massive attack surface simply for that. Simple update verification, full verified boot and downgrade protection with minimal state are important. The entire point is not having the attack surface of a general purpose OS.
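The post above argues for simple update verification plus downgrade protection that needs only minimal state. As an added example (not code from this thread, nor from Nitrokey, Gnuk or Trezor), the Go program below shows the two checks in the order they must run and the single piece of mutable state they need: a monotonic minimum-version counter. The image layout, the magic value and the in-memory key handling are constructed for illustration, and Ed25519 from the Go standard library stands in for whatever signature scheme a real device uses.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Image layout (constructed for this example, not any vendor's format):
//   magic (4 bytes) || version (4 bytes, big-endian) || payload || Ed25519 signature
const (
	magic  = "EXFW" // hypothetical magic value
	hdrLen = 8
)

var (
	ErrFormat    = errors.New("malformed image")
	ErrSignature = errors.New("signature does not verify")
	ErrRollback  = errors.New("rollback rejected: version below stored minimum")
)

// DeviceState is all the security state the updater needs: the vendor's
// public key (immutable, would live in ROM or OTP fuses) and one monotonic
// counter that only ever moves forward.
type DeviceState struct {
	VendorPub  ed25519.PublicKey
	MinVersion uint32
}

// BuildImage is the vendor-side signing step. The signature covers the
// header too, so the version field cannot be altered without detection.
func BuildImage(priv ed25519.PrivateKey, version uint32, payload []byte) []byte {
	body := make([]byte, hdrLen, hdrLen+len(payload))
	copy(body[:4], magic)
	binary.BigEndian.PutUint32(body[4:8], version)
	body = append(body, payload...)
	return append(body, ed25519.Sign(priv, body)...)
}

// VerifyUpdate authenticates an image and enforces anti-rollback. It returns
// the authenticated version and payload and never mutates device state.
func VerifyUpdate(st *DeviceState, img []byte) (uint32, []byte, error) {
	if len(img) < hdrLen+ed25519.SignatureSize || string(img[:4]) != magic {
		return 0, nil, ErrFormat
	}
	body := img[:len(img)-ed25519.SignatureSize]
	sig := img[len(img)-ed25519.SignatureSize:]
	// Verify before interpreting anything else: an unauthenticated header
	// must not influence the decision.
	if !ed25519.Verify(st.VendorPub, body, sig) {
		return 0, nil, ErrSignature
	}
	version := binary.BigEndian.Uint32(body[4:8])
	if version < st.MinVersion {
		return 0, nil, ErrRollback
	}
	return version, body[hdrLen:], nil
}

// ApplyUpdate verifies, "flashes" (here: just returns the version) and then
// ratchets the counter. Once advanced, an older but validly signed image is
// refused from then on, which is what downgrade protection means.
func ApplyUpdate(st *DeviceState, img []byte) (uint32, error) {
	version, _, err := VerifyUpdate(st, img)
	if err != nil {
		return 0, err
	}
	if version > st.MinVersion {
		st.MinVersion = version
	}
	return version, nil
}

// tamper returns a copy of img with one byte flipped, keeping the old signature.
func tamper(img []byte, i int) []byte {
	out := append([]byte(nil), img...)
	out[i] ^= 0xff
	return out
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader) // stands in for the vendor key pair
	if err != nil {
		panic(err)
	}
	st := &DeviceState{VendorPub: pub, MinVersion: 1}
	v1 := BuildImage(priv, 1, []byte("firmware v1"))
	v2 := BuildImage(priv, 2, []byte("firmware v2 (fixes a bug in v1)"))

	for _, tc := range []struct {
		name string
		img  []byte
	}{
		{"upgrade to v2", v2},
		{"reflash v1 after v2", v1}, // validly signed, but older
		{"v2 with flipped payload byte", tamper(v2, hdrLen)},
		{"v1 with version field bumped", tamper(v1, 7)},
	} {
		v, err := ApplyUpdate(st, tc.img)
		fmt.Printf("%-32s -> version=%d err=%v minVersion=%d\n", tc.name, v, err, st.MinVersion)
	}
}
```

On a real device the counter would sit in write-protected or fuse-backed storage and the public key in ROM; the point of the example is that nothing else has to persist, and that the signature check runs before any header field is trusted.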
I think you're just misinterpreting that post and drawing the wrong conclusions. It's about a hardware attack, and a general purpose computer running Linux is far more vulnerable to the same kind of attacks. It ignores the passphrase feature and is unnecessarily dishonest too.
It's far better to not have a general purpose OS when it's totally unnecessary. Only a tiny embedded application with thousands of lines of code, not millions, is needed. Running that tiny application on top of a massive general purpose OS would be a step backward in every way.
I completely agree with - this is the wrong conclusion. Hardware keys are the go to for maximum security. Your 'no' responses are incorrect for "implementation of software or device 100% Libre Software" and "can be independently reproduced and audited".
The comparison table is wrong when it comes to Nitrokey Start / Gnuk. Keys are encrypted, it is 100% libre software, can be audited, auditing isn't harder than GnuPG.
Except, by your own admission, your software is not 100% free and users can't flash the hardware to get an identical copy of the final product... twitter.com/nitrokey/statu
Quote Tweet (replying to @ioerror): @ioerror Source code is in "Software" section further down. It's fully functional. Only internal NDA-covered sections had to be removed.
I was wondering why I was having trouble figuring out the smart card used in the devices (twitter.com/RobertSpigler/)
Why did certify this device then?
Quote Tweet (replying to @RobertSpigler @DanielMicay and 5 others): Entering a password on device (like you mention) is a big plus for Trezor though, as is their open CPU. (What smart card does nitrokey use?)
What about using a device like discusses? Wouldn't the comparison table still be incorrect? They have a fully open design (no smart card).
I think it would be best included as an alternative to traditional HSMs since it works differently. It's a superior approach in most ways but can't do all of the same things like importing an existing key.
i.e. maybe having an extra column in the table