Op-ed: I’m throwing in the towel on PGP, and I work in security

Discussion in 'privacy technology' started by Minimalist, Dec 10, 2016.

  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    http://arstechnica.com/security/2016/12/op-ed-im-giving-up-on-pgp/
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Me, I just use GnuPG to keep stuff private out there. No verifiable identities. No expectation of wide-spread use. People who won't use it don't get anything beyond what I'd write here. And actually, nobody gets anything that would compromise me, in any way. Because it's prudent to assume that everything that leaves my control becomes public.
     
  3. quietman

    quietman Registered Member

    Joined:
    Dec 27, 2014
    Posts:
    511
    Location:
    Earth .... occasionally
    That is an excellent article from Filippo Valsorda , and it echoes many of my own feelings about PGP.

    Sure , it is a great concept , but as for implementing it .....
    Storing offline keys on a Raspberry Pi , and traveling hundreds of miles ( or more ) to key-signing parties ?
    There is a Pythonesque aspect to the whole thing ( I refer to Monty , not the programming language :) ).

    It just should not be so difficult !

    Much as I value my privacy , there is a practical limit to how much time and effort I can afford to put into it .

    Ars longa , vita brevis
    .
     
  4. guest

    guest Guest

    i just use it to locally encrypt my files , i don't need anything else , if i want send sensitive files i use protonmail lol
     
  5. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,402
    Spot on with how I am using GPG. We differ in that I don't even place my public key on a server. I will dispatch it when warranted directly to the person with whom I intend to pass encrypted messages. Same as you, my individual keys only traceback to a moniker matching the psuedo indentity that is communicating with the other person (compartmentalization). To protect all sides I never get closer than that.

    I would completely abandon PGP for real name simply because my real name friends are too lazy and don't care about internet privacy!
     
  6. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    Op-ed: Why I’m not giving up on PGP
    http://arstechnica.com/information-technology/2016/12/signal-does-not-replace-pgp/
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.