On Thu, 21 Jan 2021 10:48, Andrew Gallagher said: > It is important to remember what PGP is for, and what it is not > for. It is most definitely NOT for hiding metadata. No system based on > email can ever do that, so it is safer not to pretend otherwise.
Full Ack. There are ways to hide meat data and they exists for a long time. Use them or helpt to get them back to live. Tor is one option but it does not really target mails because it is designed as a low-latency service. > If you need to hide your metadata from the state on pain of torture > and death, PGP is NOT the solution. Use Tor, use Signal. And even then That is not corrct. OpenPGP can and is in the real world part of a solution. But communication in a hostile environment requires training and creative methods to convey the data. Signal for example is not a solution because it is a centralized service, requires easy to subvert OSes, backdoored updates can easiliy be pushed to users, easuy to block, and so forth. It may be part of a solution. > likely that your endpoint is rooted, and no security software can > protect you from an pwned endpoint. There are ways to mitigate this but again training is required. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
