Re: Essay on PGP as it is used today

2019-07-25 Thread MFPA via Gnupg-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Wednesday 24 July 2019 at 2:36:36 AM, in , vedaal via Gnupg-users wrote:- > but for the default size GnuPG key of 4096, The default key size is 2048. That is the size generated if you use the --quick-generate-key command. - -- Best

Re: Essay on PGP as it is used today

2019-07-23 Thread vedaal via Gnupg-users
On 7/22/2019 at 7:12 AM, "Robert J. Hansen" wrote: >Mathematicians have come up with different ways to estimate how >many >primes there were under a certain value ... >The first estimate for π(x) was "x divided by the natural >logarithm of x". ... >If we do that same equation for a 2048-bit

Re: Essay on PGP as it is used today

2019-07-23 Thread Ryan McGinnis via Gnupg-users
It seems kinda cheeky to find one (fixed) bug in the least secure implementation of the program and act like that disqualifies it.  All programs have bugs.  Most implementations of GPG have had some pretty bad bugs over the years.  No programs are going to be free of security flows - the

Re: Essay on PGP as it is used today

2019-07-23 Thread Procopius via Gnupg-users
Again, Signal is touted as better than PGP.Why?Look at this problem with signal. Looks really serious. Signal Desktop Leaves Message Decryption Key in Plain Sight https://www.bleepingcomputer.com/news/security/signal-desktop-leaves-message-decryption-key-in-plain-sight/ I don't think PGP does

Re: Essay on PGP as it is used today

2019-07-22 Thread Robert J. Hansen
> I think that’s the point security researchers like Schneier have been > trying to make: it is easy for all people — from grandparents who > still think they need AOL to chipheads who can install Arch without > watching a YouTube tutorial — to screw up encrypted email in a way > that exposes the

Re: Essay on PGP as it is used today

2019-07-22 Thread Ryan McGinnis via Gnupg-users
I’m not so sure that it does.  I think that’s the point security researchers like Schneier have been trying to make: it is easy for all people — from grandparents who still think they need AOL to chipheads who can install Arch without watching a YouTube tutorial — to screw up encrypted email in

Re: Essay on PGP as it is used today

2019-07-22 Thread Mark H. Wood via Gnupg-users
On Mon, Jul 22, 2019 at 03:46:18PM +, Ryan McGinnis via Gnupg-users wrote: >[1]https://www.schneier.com/blog/archives/2018/05/details_on_a_ne.html > >� 3. Why is anyone using encrypted e-mail anymore, anyway? Reliably and >easily encrypting e-mail is an insurmountably hard problem

Re: Essay on PGP as it is used today

2019-07-22 Thread Ryan McGinnis via Gnupg-users
ndin via Gnupg-users Subject: Essay on PGP as it is used today   More than a bit critical, but a good read all the same.  Found on HN.  https://latacora.micro.blog/2019/07/16/the-pgp-problem.html HN comment thread here:  https://news.ycombinator.com/item?id=20455780 -Ryan McGinnis

Re: Essay on PGP as it is used today

2019-07-22 Thread Stefan Claas via Gnupg-users
Jerry wrote: > On Mon, 22 Jul 2019 07:07:32 -0400, Robert J. Hansen stated: > >> I went to an EFF (Electronic Frontier Foundation) meeting and a big > >> and tall guy came to me and told me that he had a way of Breaking PGP > >> and told me he had been working on a database program that made

Re: Essay on PGP as it is used today

2019-07-22 Thread Jerry
On Mon, 22 Jul 2019 07:07:32 -0400, Robert J. Hansen stated: >> I went to an EFF (Electronic Frontier Foundation) meeting and a big >> and tall guy came to me and told me that he had a way of Breaking PGP >> and told me he had been working on a database program that made this >> possible and

Re: Essay on PGP as it is used today

2019-07-22 Thread Robert J. Hansen
> I went to an EFF (Electronic Frontier Foundation) meeting and a big > and tall guy came to me and told me that he had a way of Breaking PGP > and told me he had been working on a database program that made this > possible and spouted off terms I had never heard before. Yeah, these conspiracy

Re: Essay on PGP as it is used today

2019-07-22 Thread Wiktor Kwapisiewicz via Gnupg-users
On 22.07.2019 11:26, Procopius via Gnupg-users wrote: I searched and determined the author is unknown from from what I could see. The author is Thomas H. Ptacek, here's contact info: https://news.ycombinator.com/user?id=tptacek FWIW he's known for criticizing crypto that he thinks is

Re: Essay on PGP as it is used today

2019-07-22 Thread Craig T via Gnupg-users
antin Boyandin via Gnupg-users Subject: Essay on PGP as it is used today More than a bit critical, but a good read all the same. Found on HN. https://latacora.micro.blog/2019/07/16/the-pgp-problem.html HN comment thread here: https://news.ycombinator.com/item?id=20455780 -Ryan McGinnis https:/

Re: Essay on PGP as it is used today

2019-07-22 Thread Procopius via Gnupg-users
From Elwin in Lloydminster, Alberta, Canada (visiting family) July 22, 2019 Ryan & gnupg-users, Concerning "Essay on PGP as it is used today" When I went to the link it said it said, "The PGP Problem" I searched and determined the author is unknown from from wha

Re: Essay on PGP as it is used today

2019-07-21 Thread raf via Gnupg-users
Ángel wrote: > On 2019-07-18 at 12:13 +1000, raf wrote: > > At work, when a client insists on email, and I (or the law) > > insist on encryption, I provide them with instructions for > > installing 7-zip and send them an AES-256 encrypted zip or 7z > > file as an attachment. It's the simplest

Re: Essay on PGP as it is used today

2019-07-21 Thread raf via Gnupg-users
Stefan Claas wrote: > raf via Gnupg-users wrote: > > > Stefan Claas via Gnupg-users wrote: > > > > > Andrew Gallagher wrote: > > > > > > > * And finally: “don’t encrypt email”? Yes, well. Email is not going > > > > away. > > > > Just like passwords, its death has been long anticipated, yet

Re: Essay on PGP as it is used today

2019-07-20 Thread Stefan Claas via Gnupg-users
Stefan Claas via Gnupg-users wrote: > raf via Gnupg-users wrote: > > > Stefan Claas via Gnupg-users wrote: > > > > > Andrew Gallagher wrote: > > > > > > > * And finally: “don’t encrypt email”? Yes, well. Email is not going > > > > away. Just like passwords, its death has been long anticipated,

Re: Essay on PGP as it is used today

2019-07-19 Thread Ángel
On 2019-07-18 at 12:13 +1000, raf wrote: > At work, when a client insists on email, and I (or the law) > insist on encryption, I provide them with instructions for > installing 7-zip and send them an AES-256 encrypted zip or 7z > file as an attachment. It's the simplest thing I could think > of

Re: Essay on PGP as it is used today

2019-07-18 Thread Stefan Claas via Gnupg-users
raf via Gnupg-users wrote: > Stefan Claas via Gnupg-users wrote: > > > Andrew Gallagher wrote: > > > > > * And finally: “don’t encrypt email”? Yes, well. Email is not going away. > > > Just like passwords, its death has been long anticipated, yet never > > > arrives. So what do we do in the

Re: Essay on PGP as it is used today

2019-07-18 Thread Mirimir via Gnupg-users
On 07/18/2019 04:21 AM, U'll Be King of the Stars wrote: > On 18/07/2019 05:40, Mirimir via Gnupg-users wrote: >> When I need to share stuff among GUI-less VPS, with no Javascript >> capable browser, I sometimes use pastebins. I encrypt with GnuPG, and >> then base64 encode. > > I love pastebins. 

Re: Essay on PGP as it is used today

2019-07-18 Thread U'll Be King of the Stars
On 18/07/2019 05:40, Mirimir via Gnupg-users wrote: When I need to share stuff among GUI-less VPS, with no Javascript capable browser, I sometimes use pastebins. I encrypt with GnuPG, and then base64 encode. I love pastebins. I think they are an excellent "first serious web app" type of

Re: Essay on PGP as it is used today

2019-07-17 Thread Mirimir via Gnupg-users
On 07/17/2019 07:47 PM, Ryan McGinnis via Gnupg-users wrote: > Is that to send them a message or an attachment? > > You might look into Firefox Send -- not sure if this satisfies the legal > requirements, but it is very robust end to end encryption. > https://send.firefox.com/ I also like

Re: Essay on PGP as it is used today

2019-07-17 Thread Ryan McGinnis via Gnupg-users
Is that to send them a message or an attachment? You might look into Firefox Send -- not sure if this satisfies the legal requirements, but it is very robust end to end encryption. https://send.firefox.com/ -Ryan McGinnis https://bigstormpicture.com PGP: 5C73 8727 EE58 786A 777C 4F1D B5AA

Re: Essay on PGP as it is used today

2019-07-17 Thread raf via Gnupg-users
Stefan Claas via Gnupg-users wrote: > Andrew Gallagher wrote: > > > * And finally: “don’t encrypt email”? Yes, well. Email is not going away. > > Just like passwords, its death has been long anticipated, yet never arrives. > > So what do we do in the meantime? > > I think the biggest problems

Re: Essay on PGP as it is used today

2019-07-17 Thread Ryan McGinnis via Gnupg-users
> - And finally: “don’t encrypt email”? Yes, well. Email is not going away. > Just like passwords, its death has been long anticipated, yet never arrives. > So what do we do in the meantime? I think what the author is saying is stop trying to ever think of email as a secure form of

Re: Essay on PGP as it is used today

2019-07-17 Thread Stefan Claas via Gnupg-users
Andrew Gallagher wrote: > * And finally: “don’t encrypt email”? Yes, well. Email is not going away. > Just like passwords, its death has been long anticipated, yet never arrives. > So what do we do in the meantime? I think the biggest problems is how can PGP or GnuPG users tell other users, not

Re: Essay on PGP as it is used today

2019-07-17 Thread Andrew Gallagher
On 17 Jul 2019, at 05:05, Robert J. Hansen wrote: > But all in all? It's a good criticism. Indeed. Backwards compatibility with the 1990s is an albatross. Anyone still using obsolete ciphers is screwed anyway, so why encourage it? Some nitpicking: * Modern PGP does encrypt subjects

Re: Essay on PGP as it is used today

2019-07-16 Thread Robert J. Hansen
> More than a bit critical, but a good read all the same.  Found on HN. Although I largely share in the criticisms, I think the author made a couple of serious mistakes. First, RFC4880bis06 (the latest version) does a pretty good job of bringing the crypto angle to a more modern level. There's

Essay on PGP as it is used today

2019-07-16 Thread Ryan McGinnis via Gnupg-users
More than a bit critical, but a good read all the same.  Found on HN.  https://latacora.micro.blog/2019/07/16/the-pgp-problem.html HN comment thread here:  https://news.ycombinator.com/item?id=20455780 -Ryan McGinnis https://bigstormpicture.com PGP: 5C73 8727 EE58 786A 777C 4F1D B5AA 3FA3 486E