misusing USB keycards?

Posted Oct 5, 2017 12:57 UTC (Thu) by anarcat (subscriber, #66354)
In reply to: misusing USB keycards? by tao
Parent article: Strategies for offline PGP key storage

if you're connected anyways, where's the gap then?

I could have written a whole article about air-gapped computers - that wasn't my purpose here. It's one of the approaches you can use, and I know it has its merits. the problem is the tradeoffs seem off to me. if you're connected to the internet anyways, how does it differ from a workstation behind a LAN?

the definitions of "air-gapped" sure seem pretty flexible around here... :p which is another problem: if we don't have a clear definition of what an "air gap" is, you're going to have trouble creating a proper threat model analysis...


misusing USB keycards?

Posted Oct 5, 2017 15:05 UTC (Thu) by nybble41 (subscriber, #55106)

> if you're connected to the internet anyways, how does it differ from a workstation behind a LAN? ... the definitions of "air-gapped" sure seem pretty flexible around here...

It doesn't. You and tao are both saying that an "air-gapped" system is not connected to either the Internet or a LAN. The difference is that tao's definition of "air-gapped" (reasonably, IMHO) does not encompass protection against a local attacker with physical access to the system, e.g. the BadUSB attack. That threat model requires a system which is "tamper-proof", which is a separate consideration from "air-gapped". A "tamper-proof" system can have network links (e.g. ATMs) and an "air-gapped" system can have USB ports. (Suitably restricted, of course—you don't want your air-gapped system to automatically establish an Internet connection just because someone plugged a USB network adapter into the port intended for security keys. However, that can be addressed by limiting the USB drivers available, and/or configuring a whitelist of allowed devices.)
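
The device whitelist mentioned in the comment above, sketched as an added example that is not part of the thread: it uses the Linux kernel's sysfs USB authorization files (`authorized_default`, `authorized`). The function names, the directory parameter and the sample vendor:product IDs are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): allowlist USB devices through the
# Linux sysfs authorization files (authorized_default / authorized).

# apply_usb_allowlist DIR "vid:pid ..."  -> prints "allow|block name vid:pid"
# DIR is normally /sys/bus/usb/devices (needs root); it is a parameter here
# so the logic can be exercised on a constructed tree.
apply_usb_allowlist() {
    root=$1; allow=$2
    for dev in "$root"/*; do
        # Interface nodes such as 1-1:1.0 have no idVendor: skip them.
        [ -r "$dev/idVendor" ] || continue
        # Host controllers (usbN): newly plugged devices start deauthorized.
        if [ -e "$dev/authorized_default" ]; then
            echo 0 > "$dev/authorized_default"
        fi
        id="$(cat "$dev/idVendor"):$(cat "$dev/idProduct")"
        verdict=block
        # Hubs (device class 09), root hubs included, must stay usable.
        if [ "$(cat "$dev/bDeviceClass")" = "09" ]; then verdict=allow; fi
        for ok in $allow; do
            if [ "$ok" = "$id" ]; then verdict=allow; fi
        done
        # IDs are self-reported by the device: this keeps the wrong kind of
        # device from binding, not hardware that lies about its identity.
        if [ "$verdict" = allow ]; then echo 1 > "$dev/authorized"
        else echo 0 > "$dev/authorized"; fi
        echo "$verdict ${dev##*/} $id"
    done
}

# Constructed sample tree: a root hub, a security key, a network adapter.
make_sample_tree() {
    t=$(mktemp -d)
    mkdev() {  # name vid pid class
        mkdir -p "$t/$1"
        echo "$2" > "$t/$1/idVendor"; echo "$3" > "$t/$1/idProduct"
        echo "$4" > "$t/$1/bDeviceClass"; echo 1 > "$t/$1/authorized"
    }
    mkdev usb1 1d6b 0002 09; echo 1 > "$t/usb1/authorized_default"
    mkdev 1-1 1050 0407 00      # sample security key ID (constructed)
    mkdev 1-2 0b95 1790 ff      # sample network adapter ID (constructed)
    mkdir -p "$t/1-1:1.0"       # interface node, ignored by the loop
    echo "$t"
}

tree=$(make_sample_tree)
apply_usb_allowlist "$tree" "1050:0407"
```

Because the vendor and product IDs come from the device itself, this addresses the "air-gapped" concern in the comment (no stray network adapter binding), not the separate "tamper-proof" one.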

