[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] PGP fiddly-diddly - action required

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐

El 15 de mayo de 2018 3:01 AM, I <beatthebastards@xxxxxxxxx> escribió:

> https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now

I respect the EFF for all of its work, but I don't understund this one. So if I have PGP to protect my email, their solution is to stop using PGP because someone could read my encripted mails. So now everyone would be able to read all of may emails. Wouldn't be better to ask people to disable HTML on email and to upgrade their email clients to stay protected.

I know PGP is not perfect, but it is the best we have for email. I know email is not perfect but it is more or less descentralize. Why should be stop using email in favor of something such as Signal (recomendation from EFF article) that is centralize and we should trust the guys running the server are good guys. I understund that Signal has great security features like foreward secrecy that PGP doesn't. I know it is open source, but you are forbid to installed from free repostiories such as Fdroid.

Also you can not use Signal if you don't have a phone number. How great is that for anonymity. In the country where I am living you can not activiate a mobile phone number without your national id. 

I am writing this email from Protonmail wich I only connect from Tor. I don't really trust  Protonmail, but I can be anonymouse to them thanks to Tor. 

Is Signal the replacement to email? I do like the way the Signal protocol negociate offline the keys and that each message is encrypted with a different key. That idea of encryption for asynchronous communication can actually be a good replacement for email, but in a distirbuted network.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to