Notices tagged with pgp

What was the moment when you started to use Nitrokey? 🙂

#opensource #itsecurity #pgp

@vidakYou wrote your #PGP and #email,I couldn't help but be impressed,But I've tried now every keyserver,They all tell me #BadRequest.

(Bad Request oouu oouu)

I wanna #dance to the rhythm of your algorithm,Wrap my words in your #entropy,How can I do that if I just can't find em,I need your #PublicKey,– privately.

@vidakNew idea for a #song.

"I wanna talk to you,I had to write something,But its that time again,When all the #keyservers are dowwwn

(Down Down Down Oouu Oouu Oouu)"

#techSong #skit #funny #GPG #pgp #fediLyrics

I remember reading a criticism of pgp’s interaction model (ie, issues around expanding the web of trust, and what is implied when a key is signed), but I can’t recall the exact nuance of it, and can’t seem to find what I’m thinking of when searching online. Anyone on here have a link for me? #pgp #cryptography

You think #PGP using #Java is complicated?You hesitate to introduce #OpenPGP encryption in your #Android app because you fear the complexity of #Bouncycastle?

Try PGPainless! An easy to use wrapper library that makes generating PGP keys and doing #encryption easy as pie!

https://pgpainless.org

@allo

> #PGP needs key distribution

This is a problem that we should have solved decades ago.

Still, works well in a business context, though nowhere near as much support as #X509, which is another option if you don't mind the hierarchical #CA model.

Not perfect either, I know, but I'd prefer a few well supported options rather than everybody jumping onto a different bandwagon every five years or so. 🤷

@amenthes @jz

Part 2 of my email options for secure email along with providers that I personally use. Bare in mind do to my uses all of these are onion services that only use the Tor network; you will not be able to use these services without using Tor, please bare in mind that you will not be able to send or receive from a non Tor network email address, currently protonmail is one of the few exceptions however they do not meet my criteria as a proper hidden service to be listed in my list. These services can be slightly more complicated to use however they do offer vastly better anonymity and when used with PGP offer very good security for your communications.

Oh and I threw in an onion WordPress hosting provider for anyone interested in making uncensored blogs, remember payment is only accepted through crypto.

I would recommend saving these links and checking the pgp signatures to avoid getting a phishing link commonly used to steal credentials for these services.

Oh and a friendly warning some of these services have ads on there homepages, please do not fall for the scam ads. Absolutely all of the ads seen on these services are fake DO NOT FALL for them.

TorProjecthttps://torproject.org

TorCheckhttp://check.torproject.org

Elude Mailhttp://eludemaillhqfkh5.onion/

Mail2Torhttp://mail2tor2zyjdctd.onion/

TorBoxhttp://torbox3uiot6wchz.onion

SecMailhttp://secmailw453j7piv.onion

Torpress (unsencored blog creation)http://torpress2sarn7xw.onion

#tor #privacy #security #pgp #anonymous #email

thanks @solene for sharing your experience.

quite similar to www.passwordstore.org using #PGP key to protect text

I've always thought that #pgp was pretty good, but I just came across this seemingly reasonable article that is *very* critical of it: https://latacora.micro.blog/2019/07/16/the-pgp-problem.html

The tldr:

* pgp has weak security options and code complexity for backwards compatibility with the 90s

* because of that, pgp is really easy to misconfigue with poor security

* pgp doesn't provide forward secrecy

* pgp encourages you to have one master key that you never change, instead of rotating

Any thoughts/rebuttals?