Interesting OpEd from Ars Technica on PGP

encryption

(Full Snack Developer) #1

His main premise is that the web of trust model fundamentally breaks several important things, such as encouraging long-lived keys. I’m a fan of GPG for encryption, but I’ve always found it unwieldily for communication. Thoughts?


(oaktree) #2

Just use protonmail. Services should encrypt by default without your even noticing.


(Command-Line Ninja) #3

That is super surprising. PGP has been an industry standard for so long. I would surely trust PGP more than Signal. IMO.

Nice share!


(Not a N00b, but still learning) #4

Of course as it has been established for a longer time (and therefore more people should have looked over the code), it should be more trustworthy. He does state that PGP for encryption is secure, it is rather about the entire design of long term key usage. My interpretion is that for everyday messaging, Signal is better than GPG


(Command-Line Ninja) #5

For everyday messaging of course.


(Full Snack Developer) #6

Exactly. His beef is that it encourages bad behavior with the key management and WoT.