Robert J. Hansen
rjh at sixdemonbag.org
Sun Apr 23 13:25:56 CEST 2017
> I also tell them that using encrypted mail on an Internet connected
> general purpose OS computer is good for practice and "fun factor",
> but not much else.
This is the kind of "advice" we can do without. Whether encrypted email
is of use to someone depends entirely on their threat model.
Years ago, my best friend was engaged to be married. He and his fiancée
(now wife) were discussing wedding and honeymoon plans via email, up
until she walked into the IT department at work and found the sysadmin
reading her email aloud to someone else for purposes of gossip and
entertainment. Emily was horrified; Doug was red with rage.
Do you mean to tell me OpenPGP on internet-connected computers wouldn't
have been useful to them?
Some people have major nation-state agencies, multinational
corporations, or organized crime syndicates as enemies. These people
have extreme needs and need to take extreme measures. But most people
have much different needs.
There are very few one-size-fits-all answers in communications security.
There are slightly more, but still few, one-size-fits-most. What you
are doing is peddling a one-size-fits-some as a universal
recommendation. What I'm worried about is that people whose security
could be vastly improved by simple and painless measures will listen to
this gospel you're preaching, decide clearly there's too much work
involved, and give up altogether!
More information about the Gnupg-users