Surveillance cameras were

I cannot say the same from an OS bloated with Google stuff out of the box.

I don't think you can upload SSH keys to cameras can you?

Surveillance cameras were

Well, idk, they were made to look for. Openly. Spying means concealment.

Well, idk, they were made to look for. Openly. Spying means concealment.

Ok how about disguised pen cameras

I don't think you can upload SSH keys to cameras can you?

If IP cameras have SSH though. :D

Or spy drones!

You can always use AOSP though, if you're afraid of backdoors and stuff.

lol

even then theres a chance of hardware backdoors, though normal computers have such a risk too

No gapps, that appstore for foss software.

RISC-V smartphone when

No gapps, that appstore for foss software.

fdroid

Yeah, that one.

Smartphone plays a role of a poket computer for me now

Can't say that I am any satisfied.

@sin_over_cos is sounding more like a Techno-nihilist...

how so

But even Nokia N900 would've fit me and my needs better.

Sadly, used N900 is more expensive than used Asus Zenfone 2 here.

I think, if I had one, I'd not even think of OpenPandora.

https://krypt.co/ Kryptonite - The new way to protect your private key. (Log in to your SSH server by authenticating with your smartphone.)

Store private key in cloud or mobile phone? No way!

how so

Read your own comments :^)

I don't trust the OS installed in my phone.

Same.

If you want a secure storage for your private keys, buy hardware token like this: https://shop.nitrokey.com/shop/product/nitrokey-hsm-7 Nitrokey is fully opensource (both hard and soft).

Store private key in cloud or mobile phone? No way!

What cloud are you talking about?

Also sure but that requires additional investment

Read your own comments :^)

ooh good one(!)

Kryptonite is free for anyone having a smartphone

And still more secure than storing it in a computer.

Kryptonite is free for anyone having a smartphone

But this is not safe. Every application on rooted device can access private keys.

And still more secure than storing it in a computer.

No. Just encrypt your /home with LUKS and enable SELinux.

But this is not safe. Every application on rooted device can access private keys.

So don't root your phone or handle it with knowledge.

No. Just encrypt your /home with LUKS and enable SELinux.

Yes. That fixes nothing.

SELinux can't sandbox GUI apps.

So don't root your phone or handle it with knowledge.

No way to use proxy for apps then.

So don't root your phone or handle it with knowledge.

I prefer to root every mobile phone to completely drop pre-installed shit.

SELinux can't sandbox GUI apps.

Don't use proprietary GUI apps then.

I prefer to root every mobile phone to completely drop pre-installed shit.

Then you obviously are highly vulnerable.

Don't use proprietary GUI apps then.

Huh?

Don't use electronic devices then

Then you obviously are highly vulnerable.

That's why I don't use software authenticators, only hardware.

Don't use electronic devices then

This TBH.

That's why I don't use software authenticators, only hardware.

If you can afford it sure.

Don't live your life then

I have a few Yubikeys too TBH

Huh?

I don't think that you have any app looking for keys in yout .ssh directory now other than ssh itself.

But kryptonite is definitely more secure than storing it in your computer.

But kryptonite is definitely more secure than storing it in your computer.

Not on Android.

I don't think that you have any app looking for keys in yout .ssh directory now other than ssh itself.

Sure. But if you put it in your phone, even then, it wouldn't be an issue.

Not on Android.

Yes on Android.

I don't think that you have any app looking for keys in yout .ssh directory now other than ssh itself.

Python: >>> f = open(".ssh/id_rsa") >>> f.readlines()

But ok.

and tada, my whole private key is read out

Sure. But if you put it in your phone, even then, it wouldn't be an issue.

It would though, a reason I listed above.

Hope you don't bring iOS to the table as a secure OS now.

Yes on Android.

Android is very vulnerable OS. Such applications like King's Root can gain root rights even in usermode.

Python: >>> f = open(".ssh/id_rsa") >>> f.readlines()

And why would anyone run it?

It would though, a reason I listed above.

Nah, not really.

Android is very vulnerable OS. Such applications like King's Root can gain root rights even in usermode.

If your phone is obsolete sure.

And why would anyone run it?

because its just tucked away in the thousands of lines of code an ordinary app has

Python: >>> f = open(".ssh/id_rsa") >>> f.readlines()

If this do the trick you have serious problem in your fs

because its just tucked away in the thousands of lines of code an ordinary app has

In a foss app? Hardly.

hell, ffmpeg could have that code and people might not even notice

because its just tucked away in the thousands of lines of code an ordinary app has

This

ERROR: S client not available

If your phone is obsolete sure.

It can hack new Samsungs too.

If this do the trick you have serious problem in your fs

lmao why?

i bet you can do it on your system

i bet you can do it on your system

How many??? I need money

It can hack new Samsungs too.

Such as a fully up to date Samsung S8?

Your encryption keys against mine

No.

Such as a fully up to date Samsung S8?

Yes.

Yes.

Please show me.

How many??? I need money

what?

Such as a fully up to date Samsung S8?

So, now we need a fully up to date smartphone to run that soft.

So, now we need a fully up to date smartphone to run that soft.

What :3

Not a $15 smartcard.

All I'm saying is if you have an obsolete OS then you'll have security issues.

Please show me.

Show what? Hacked Samsung S8? I don't have such phone.

this has got to be among the dumbest internet conversations ive seen in the last month

Show what? Hacked Samsung S8? I don't have such phone.

Then how can you tell me it's possible to root an S8?

If you can't prove it...

All I'm saying is if you have an obsolete OS then you'll have security issues.

Well, I have a P7500 that cannot be updated by samsung, so I'm vulnerable because they want me that way

Well, I have a P7500 that cannot be updated by samsung, so I'm vulnerable because they want me that way

It's literally your fault to be honest.

If you want a secure device the first rule is keep it up to date.

It's literally your fault to be honest.

Of yeah, I have a eeePC surf at least 5 years older than that tablet and has the latest updates from F25

And will have the F26 too

What :3

You said that this app is a secure way to store keys and that it only needs a smartphone to run. Now it already needs a new smartphone that recieves security updates to run. :3

If you want a secure device the first rule is keep it up to date.

It's not that I don't have it updated, There are no updates for that Tablet, just like that

I have it updated because I put my inner hacker to play with it

You said that this app is a secure way to store keys and that it only needs a smartphone to run. Now it already needs a new smartphone that recieves security updates to run. :3

Uh...

If you're running obsolete software you already have problems.

Not just private keys. Everything in your phone is at risk.

Of yeah, I have a eeePC surf at least 5 years older than that tablet and has the latest updates from F25

Ok?

Well, not everybody can afford to run up to date software on their phones. Yet, it is easier to do so on PC.

Ok?

PC better than phone