I just read into GnuPG and private key management. My plan is that if I ever start to use GnuPG, I should start with a really securely stored master private key. Well, a compromised smart card reader or pinpad can't extract the private key from the card (supposedly); however, it could sign/decrypt documents silently while it has access to the card.
However, I didn't find any source for the relationship between card readers and BadUSB. I found a product which offers a "feature" of "USB firmware upgradeability" [1]. It could be secure if you had to confirm the firmware upgrade on the pinpad.
So my questions are: Do you own a smart card reader? Is its firmware silently upgradeable from a computer?
[1] http://www.acs.com.hk/en/products/176/acr89u-a1-handheld-smart-card-reader/