On Fri, Jun 7, 2013 at 8:25 AM, Joe Abley <jab...@hopcount.ca> wrote:
> > On 2013-06-07, at 11:14, Jeroen Massar <jer...@massar.ch> wrote: > > > On 2013-06-07 06:50, Dan White wrote: > > [..] > > > > A nice 'it is Friday' kind of thought.... > > > >> OpenPGP and other end-to-end protocols protect against all nefarious > >> actors, including state entities. > > > > If you can't trust the entities where your data is flowing through > > because you are unsure if and where they are tapping you, why do you > > trust any of the crypto out there that is allowed to exist? :) > > Defence in depth. PGP-encrypt your transport stream and send it over TLS > with client- and server-side certificate validation with a restricted CA > list on each endpoint. Using IPSec. Through tor. With the plain-text > littered with code words that are meaningless except to your intended > recipient, taken from a pre-shared (in-person) code book that changes every > day. > > Then your facebook sessions will be secure. > I was most of the way there, except I couldn't figure out how to get a pre-shared codebook to all 5,000 of my facebook friends with minimal overhead... And then it hit me...DIANETICS! Thanks to you, L. Ron Hubbard, my code distribution challenges are a thing of the past. Just keep churning out the endless volumes, and the rotating cypher-key system will last for decades! Matt (for the humour-impaired: ;-P )