An Op-Ed piece from ArsTechnica:
Every once in a while, a prominent member of the security community publishes an article about how horrible OpenPGP is. Matthew Green wrote one in 2014 and Moxie Marlinspike wrote one in 2015. The most recent was written by Filippo Valsorda, here on the pages of Ars Technica, which Matthew Green says "sums up the main reason I think PGP is so bad and dangerous."
In this article I want to respond to the points that Filippo raises. In short, Filippo is right about some of the details, but wrong about the big picture. For the record, I work on GnuPG, the most popular OpenPGP implementation.
(Score: 2) by jmorris on Monday December 26 2016, @09:05PM
Yup, security sucks. It shouldn't and doesn't have do, but it does.
Flippo Valsorda sounds like the typical crypto weenie I slag on often. Hours and hours studying the details, attending key signing parties, standalone Pi to hold the keys, all that effort and then realizes after the fact he doesn't seem to actually need any of it. Only a couple of emails per year encrypted. Huge Homer Simpson DOH! time.
Walfield's rebuttal is mostly the same 'if we sperg harder it will work' nonsense but stumbles onto the truth in a few places. One is in noting the ACLU lawyer who receives dozens of encrypted emails per day. PGP was originally designed for that sort of target audience, so it makes sense. Some people actually NEED secure email, most not so much. We care more about signed software downloads, SSL wed traffic, etc. He also seems to be on the right track that the solution is to make key discovery automatic and via email itself. Something I have went on about a few times.
But the threat of Signal and WhatsApp should not be dismissed. Trusting a closed source app is idiocy. One government order and you are done, they push down an update targeted to your device, it blasts out the key material to the government and everything you ever sent or received is compromised. And you would never have even a possibility of knowing it happened.
It is still amazing to realize that the number of mail clients which to automatic crypto is zero. Not even Emacs Mail does it. Zero is a special number, anytime it appears you should ask why. Almost like some vast government conspiracy to make it just hard enough that nobody does it and most people end up on apps which can be broken. Nah, that is crazy talk.
(Score: 2) by hemocyanin on Monday December 26 2016, @09:34PM
Signal is open source.
https://github.com/WhisperSystems/Signal-iOS [github.com]
https://github.com/WhisperSystems/Signal-Android [github.com]
(Score: 2) by jmorris on Monday December 26 2016, @09:56PM
Delivered through platforms hostile to it. All iOS and any Android apps from Play are signed with the Apple or Google key + the developer key. Build all the binaries you want, it won't install (by the time you are done describing side-loading you have lost 99% of the audience) and if you read the article Signal "discourages" third party applications (which would include any outside build of the 'open source' that annoys them) from interfacing with their servers. When builds show up on f-droid.org I'll try it.
(Score: 2) by hemocyanin on Wednesday December 28 2016, @03:03PM
Fair point.
(Score: 2, Informative) by EETech1 on Tuesday December 27 2016, @07:27AM
Too bad you can't get a keyboard that doesn't send every key you press to the cloud!
For spell checking, Swype analysis, and predictive words.
Do these apps have their own secure keyboard?
(Score: 2) by hemocyanin on Wednesday December 28 2016, @03:03PM
Fair point too.