We have GOT TO make things simpler

Jeff Allen jrallen at runbox.com
Thu Oct 10 15:05:42 CEST 2019

On 10/9/2019 Tony Lane <codeguro at gmail.com> wrote:
> On 10/8/19 9:21 AM, Jeff Allen via Gnupg-users wrote:
>> Sure it's a solution.  I have accounts at both.  Most of my email is not
>> encrypted because, as the original poster pointed out, most people I
>> communicate with are not particularly interested in privacy.  When a
>> private discussion _is_ required, I suggest that we have it on one of
>> those platforms.
> That seems terribly inefficient. Do you intend to maintain accounts on
> each of these platforms and take all of the risks of each into account?
> You must have a lot more trust than I do, but I digress. I think his whole
> point is "We should use e-mail as an insecure transport protocol and do 
> secure end-to-end encryption on an agnostic encryption module such as GPG".

Of course we should.  I'm happy to do that when the person with whom I
want to communicate privately is willing to do the same.  Most aren't,
and I am unwilling to let the perfect be the enemy of the good.

> And it makes sense to do things this way if you want to be secure.
> And before you point me to how PM stores your private keys (I've read it),
> remember that all of that salting and hash/password storage is done using
> business logic they developed, which means anytime there's an update,
> hidden or announced, you are running a risk of a backdoor being introduced.
> Can you even audit that code?

Personally, I am not capable of auditing code, including that of GnuPG.
 It is unrealistic to think most users, even most power users, have the
time and ability to audit the code of their security software.

My threat model is not overly demanding.  Mainly I want to avoid getting
targeted pharma ads or being denied insurance if I discuss a medical
issue in an email.  I'd prefer that Google not be able to surmise my
income sources and net worth based on information I share with family
members.  Were I worried about being targeted by NSA, law enforcement or
a civil court order, I'd be a lot more demanding of my correspondents
and myself.

I have used PGP since at least version 2.6.x.  I can do OpenPGP via
Thunderbird/Enigmail, mutt, GPGShell, Geany, Kleopatra or the command
line and don't find any of them to be particularly daunting.  What I
haven't been able to do is convince many people to do the same.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20191010/997e4ec2/attachment.sig>

More information about the Gnupg-users mailing list