GnuPG cryptographic defaults on the 2.2 branch [was: Re: [Announce] GnuPG 2.2.1 released]
ineiev at gnu.org
Thu Sep 21 18:40:17 CEST 2017
On Thu, Sep 21, 2017 at 11:32:11AM -0400, Daniel Kahn Gillmor wrote:
> I'd prefer to not be attacked at all -- if i were able to choose. :)
> Do you think we should avoid the use of cryptography entirely, so that
> network-based adversaries can monitor us from a distance without getting
> too close? Your adversary being able to secretly attack your data from
> a distance without touching you doesn't somehow protect you from being
> attacked "IRL" in the long run.
There are adversaries and adversaries. I met people who were happy
with adversaries like their government reading all their data, but not
with adversaries like their ISP logging the sites they accessed
(and vice versa).
> In many cases, surveillance and privacy violations are the first step
> toward other negative consequences to the surveilled party, up to and
> including physical attacks against your person.
In that context, it becomes a matter of beliefs.
> Keeping your data cryptographically protected, whether at rest or in
> motion, is a way to defend yourself from physical attack, not to
> encourage it.
IMVHO it depends.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: Digital signature
More information about the Gnupg-devel