π New article: Security Theater: Why "Easy Crypto for Foolish People" is Killing PGP
-
New article: Security Theater: Why "Easy Crypto for Foolish People" is Killing PGPHow 'easy crypto' tools like FlowCrypt and Thunderbird's built-in PGP are fracturing OpenPGP standards, forcing security downgrades, and why NeoMutt with GnuPG remains the only sane choice.
https://www.virebent.art/blog/EasyCryptoforFoolishPeople.html -
New article: Security Theater: Why "Easy Crypto for Foolish People" is Killing PGP
How 'easy crypto' tools like FlowCrypt and Thunderbird's built-in PGP are fracturing OpenPGP standards, forcing security downgrades, and why NeoMutt with GnuPG remains the only sane choice.
https://www.virebent.art/blog/EasyCryptoforFoolishPeople.html@virebent A couple of comments.
Assuming a good passphrase, it is perfectly OK to store your secret key information in a place that attackers can get to. The actual problem here is that most systems that use passphrases don't have good enough usability so that users can reliably create and use such a passphrase.
AFAIK, OCB mode is for performance, not security. For something like email, good old OCFB-MDC mode is fine. Otherwise you subject the users to the stupid OpenPGP standards schism/war. Ironically, it appears that OCFB-MDC is actually more secure than at least one of the proposed new modes (GCM):
-
R relay@relay.mycrowd.ca shared this topic
