undefined | Better HN

0 pointsjolmg7y ago0 comments

> Don't use pgp/openpgp/gpg email, use signal. You can use gpg to sign packages and encrypt backups, but the email integration and UX will kill you.

Is there any problem with the crypto that gpg uses, or is it just a matter of the UX?

0 comments

3 comments · 2 top-level

wolf550e7y ago· 1 in thread

You can configure it to use crypto that is ok (and then use it to sign software packages or encrypt backups, like I wrote above, especially when interaction with gpg is done by scripts, not manually by humans, and key distribution is out of band and PFS is not needed).

For back and forth messages between two or more people, lack of forward secrecy is a problem, integration with the email program is a problem, email metadata is a problem (not just to and from but also the subject line), teaching your confederates to not reply in the clear quoting the entire decrypted message you sent is a problem, etc.

Security practitioners basically believe email cannot be saved, it cannot be used securely by regular people and its only use is to bootstrap something else.

Boulth7y ago

> not just to and from but also the subject line

Subject is hidden in newer software e.g. Enigmail and K9 (it's moved to encrypted part and replaced with a placeholder see https://github.com/autocrypt/memoryhole).

marcosdumay7y ago

Gpg can use a lot of different crypto primitives. Some do have problems, some are kinda broken but still good enough for use, some are too easy to make mistakes so gpg is probably bugged, and some are top of the line.

Gpg email also leak some more metadata than signal does. But it leaks to different parties, so this is not clear-cut.

j / k navigate · click thread line to collapse