On 31 Aug 2016, at 15:20, Chad MILLER chad@cornsilk.net wrote:
But it can never look in your ~/.gnupg/ dir or grab your scanner or wipe your yubikey or turn on your camera or whatever, as another program, rogue or compromised, could do. None of that even seems to exist.
If it shares physical RAM with other processes or VMs, it can modify their RAM, under certain conditions:
https://www.schneier.com/blog/archives/2016/08/powerful_bit-fl.html
Unfortunately, VMs and similar isolation techniques aren't great at preventing hardware-based side-channels.
But in most cases, for most threat models, yes, it's quite secure.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org