Stories
Slash Boxes
Comments

SoylentNews is people

posted by on Monday December 26 2016, @11:37AM   Printer-friendly
from the it's-still-pretty-good dept.

An Op-Ed piece from ArsTechnica:

Every once in a while, a prominent member of the security community publishes an article about how horrible OpenPGP is. Matthew Green wrote one in 2014 and Moxie Marlinspike wrote one in 2015. The most recent was written by Filippo Valsorda, here on the pages of Ars Technica, which Matthew Green says "sums up the main reason I think PGP is so bad and dangerous."

In this article I want to respond to the points that Filippo raises. In short, Filippo is right about some of the details, but wrong about the big picture. For the record, I work on GnuPG, the most popular OpenPGP implementation.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by takyon on Monday December 26 2016, @09:29PM

    by takyon (881) <reversethis-{gro ... s} {ta} {noykat}> on Monday December 26 2016, @09:29PM (#446158) Journal

    ProtonMail is outside the scope of the Swiss Federal Act on the Surveillance of Postal and Telecommunications Traffic. This act governs lawful Swiss interception of electronic communications.

    As for the Crimea comment, I suspect it was a joke! Not sure though because I can't find it on the fucked search or Google sitesearch.

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by butthurt on Monday December 26 2016, @10:22PM

    by butthurt (6141) on Monday December 26 2016, @10:22PM (#446177) Journal

    They explain why:

    In the SPTT, the obligation to provide the technical means for lawful interception is imposed only on Internet access providers so the Company, as an Internet application provider, is not subject to this obligation and cannot be compelled to build in the technical means to intercept customer communications.

    -- https://protonmail.com/privacy-policy [protonmail.com]