causalscience 5 days ago

Sorry, I don't pay attention to anyone who disses PGP. I don't care if it's easy to misuse. I focus on using it well instead of bitching about misusing it.

If there's one thing we learned from Snowden is that the NSA can't break PGP, so these people who live in the world of theory have no credibility with me.

Reply View 9 replies
  • ddtaylor 5 days ago

    Before my arrest (CFAA) I operated on Tor and PGP for years. I had property seized and I had a long look at my discovery material, as I was curious which elements they had obtained.

    I never saw a single speck of anything I ever sent to anyone via PGP in there. They had access to my SIGAINT e-mail and my BitMessage unlocked, but I used PGP for everything on top of that.

    Stay safe!

    Reply View 4 replies
    • michaelmcdonald 5 days ago

      Would be curious to know (if you're willing to share) how you were found if you were working to obscure / encrypt your communications. What _was_ it that ultimately gave you away or allowed them to ID you?

      Reply View 1 reply
      • causalscience 5 days ago

        I'd be curious as well, though I completely understand if they don't want to talk. Someone should write a book just listing the usual mistakes.

        Reply View 0 replies
    • OhMeadhbh 5 days ago

      if you sign PGP messages with a key you associated with your identity, the have high confidence you sent emails signed with that key. i.e. - PGP does not offer group deniable signatures as a default option.

      Reply View 1 reply
      • causalscience 4 days ago

        So what? Whether this matters depends on your threat model, but you present this as a universal concern. Yes, we know, and we use it appropriately.

        Reply View 0 replies
  • OhMeadhbh 5 days ago

    wow. that's a phenomenally bad policy. There are many legit critiques which can be leveled at PGP, depending on your use case. [Open]PGP is not a silver bullet. You have to use it correctly.

    Reply View 3 replies
    • causalscience 5 days ago

      "You have to use it correctly" is true for everything. Stop parroting garbage you read and exercise some critical thinking.

      Reply View 2 replies
      • OhMeadhbh 4 days ago

        says the 8 day old sock puppet.

        Reply View 1 reply
        • causalscience 4 days ago

          It's not a sock puppet in the usual sense. Every time I log in I create a new account, and it lasts until I get logged out for whatever reason. But I'm not having conversations between multiple accounts that I control, if that's what you mean.

          Reply View 0 replies