In case you use OpenPGP on a smartphone ...

Ryan McGinnis ryan at digicana.com
Wed Aug 12 17:33:02 CEST 2020


I presume the goal of people (who know what they are doing) going
through all these inconvenient steps isn't to build the perfect
impenetrable fortress of security (which doesn't exist) but rather to
make it more difficult or expensive to circumvent from the threat
actor's perspective, hopefully to the point where it's not worth it.  An
iOS 0day used to run over a million buckaroos on the open market (it's
cheaper now, Apple's security has flagged a bit in recent years) so it's
not something Script-Kiddie McHighshoolKid  is going to use to try to
get at your filthy nudes.  But I wouldn't run the SCADA control
interface of my highly controversial uranium centrifuge farm on my
iPhone, because spending a million buckaroos is like dropping a penny in
a pond for the kinds of actors who'd be interested in that sort of thing. 

If you're trying to defeat the amorous advances of the NSA and you don't
have the support and training of an entire nation's intelligence agency
behind you, just accept that you've already lost.  Also, don't post
here, anyone the NSA is actively interested in lives a life way too
interesting to be self-owning any kind of OSINT about themselves in
public. 

For the average bloke, owning an iPhone with a strong passcode and using
Signal or Wire to communicate is going to give them some of the best
hardware and communications security money can buy. 
 
On 8/11/20 3:58 PM, Johan Wevers wrote:
> On 11-08-2020 21:49, vedaal via Gnupg-users wrote:
>
>> There is already a simple existing solution.
> Simple is not how I see this.
>
>> [1]  Encrypt and decrypt on a computer that has internet hardware disabled.
>> [2] Use an Orbic Journey V  phone that gets and sends *only text*
>> [3] Use a microsd expansion card on the orbis phone
> The Iranians though this too. And then someone invents Stuxnet-like
> attack software.
>
> --
> ir. J.C.A. Wevers
> PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

-- 
-Ryan McGinnis
http://bigstormpicture.com
PGP Fingerprint: 5C73 8727 EE58 786A 777C 4F1D B5AA 3FA3 486E D7AD

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 839 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200812/209d0e0f/attachment.sig>


More information about the Gnupg-users mailing list