That's a good article and I think it makes a lot of sense in the
context. I still think PGP is valid for sending encrypted emails if you
exchange public keys beforehand (as he also states he still uses it in
that manner). The web of trust also never did anything for me sadly.
On 12/08/2020 20:29,
For example, in this message from Ryan, Enigmail says it has a bad
signature. I think that could be an issue too with it's adoption.
On 8/12/2020 11:29 AM, Ryan McGinnis via Gnupg-users wrote:
> The reasons to abandon PGP for secure communications have been
> accepted in the security community for
Ryan McGinnis via Gnupg-users wrote:
> The reasons to abandon PGP for secure communications have been accepted in
> the security community for years. Here’s one
> security researcher explaining why (there are many others out there with
> similar sentiments):
>
> https://arstechnica.com/infor
The reasons to abandon PGP for secure communications have been accepted in the security community for years. Here’s one security researcher explaining why (there are many others out there with similar sentiments): https://arstechnica.com/information-technology/2016/12/op-ed-im-giving-up-on-pgp/-
Well, more like celebrities (and other types) hire him to keep their personal lives and information from being easily found. He also helps stalking victims disappear. I believe he’s former FBI. He prefers the old iPhone SE. At one time you used to be able to buy them anonymously with cash, whic
I'm not sure that there are solutions orders of magnitude more secure
that are available readily.
Also people tend to get emails on the go as well that might be
encrypted. It's convenient to decrypt emails on a smartphone and not
really that insecure if you're using an external device for actual
k
Stefan Claas wrote:
> Ryan McGinnis via Gnupg-users wrote:
>
> > Well yes I realize that it exists, what I'm saying is why would anyone
> > use it for secure communications on a smartphone when there are
> > solutions orders of magnitude more secure and simple to use. It'd be
> > like buying a
Ryan McGinnis via Gnupg-users wrote:
> If you don't want to be location tracked on a mobile device you just
> power it off and put it in a Faraday bag when not in use.
> https://silent-pocket.com/
Yup, still waiting for my Faraday bags, which I won from the Nym project
giveaway.
>
> If you wa
Ryan McGinnis via Gnupg-users wrote:
> Well yes I realize that it exists, what I'm saying is why would anyone
> use it for secure communications on a smartphone when there are
> solutions orders of magnitude more secure and simple to use. It'd be
> like buying a helicopter but deciding you'd sti
Well yes I realize that it exists, what I'm saying is why would anyone
use it for secure communications on a smartphone when there are
solutions orders of magnitude more secure and simple to use. It'd be
like buying a helicopter but deciding you'd still fly only 2 feet off
the ground and stick to
Well yes I realize that it exists, what I'm saying is why would anyone
use it for secure communications on a smartphone when there are
solutions orders of magnitude more secure and simple to use. It'd be
like buying a helicopter but deciding you'd still fly only 2 feet off
the ground and stick to
Ryan McGinnis via Gnupg-users wrote:
> I guess the real question is: what are people using PGP for on mobile
> devices? If it's for communication, that's silly. There are at least a
> half dozen far, far, far better ways to securely communicate on a
> smartphone.
Well, it is listed by the Ope
I presume the goal of people (who know what they are doing) going
through all these inconvenient steps isn't to build the perfect
impenetrable fortress of security (which doesn't exist) but rather to
make it more difficult or expensive to circumvent from the threat
actor's perspective, hopefully to
Felix wrote:
[...]
apologies for not quoting each paragraph from you!
No doubt that a system tool (like Werner says) like GnuPG or any others for
that matter, which are free and OpenSource, are good tools people rely on.
We all know that threats for online devices exist and mostly bugs or secu
If you don't want to be location tracked on a mobile device you just
power it off and put it in a Faraday bag when not in use.
https://silent-pocket.com/
If you want to deep dive into this sort of thing (it's a really deep
lake), give this book a read:
https://www.amazon.com/gp/product/B0898YGR
I guess the real question is: what are people using PGP for on mobile
devices? If it's for communication, that's silly. There are at least a
half dozen far, far, far better ways to securely communicate on a
smartphone.
Also -- unless you are steeped in the security industry and run a
hardened O
Just adding my 2 cents to this discussion.
I think it doesn't matter what sort of spyware potentially exists
somewhere out there for some phone, what matters is whether it is on
your phone.
This isn't really about the security of OpenPGP either but about a
fundamental trust in the things we use b
Andrew Gallagher wrote:
> On 11/08/2020 19:57, Stefan Claas wrote:
> > So, to sum it up (I know you prefer Tails) would you agree that
> > sooner or later the community should develop strategies, in form of a
> > best practice FAQ (cross-platform), to no longer use encryption
> > software on onli
On 11/08/2020 19:57, Stefan Claas wrote:
> So, to sum it up (I know you prefer Tails) would you agree that
> sooner or later the community should develop strategies, in form of a
> best practice FAQ (cross-platform), to no longer use encryption
> software on online devices and work out strategies t
19 matches
Mail list logo
