As a cipherpunk, I obviously felt the need to post this. Note that this is not an advertising plug. It's legitimate news. Our email encryption is done by one guy in Germany, and some random contributors (about six I think) to his Git. Werner Koch is the wonderful German guy who brought the OpenPGP standard to the free software world. GPG is an interesting project, and the PGP standard on which it is based also has an interesting history. PGP itself was written by Phil (not George) Zimmermann, a guy some company actually tried to have prosecuted for his work creating the famous email encryption system that protects our privacy. It's also an interesting time in history. GPG has seen very little development, and it could have died entirely if not for the Global Surveillance Disclosures of 2013, Forward. Those have obviously generated massive public interest not just in the United States but around the world on the issues of computing security and privacy. Without Edward Snowden, I'm confident we wouldn't be talking about GPG now at all. And that's sad. RSA, the public key algorithm, has been around for a long time, and advances in factoring should give us pause about the security of it in the next 20 years. Elliptic curves provide great security with smaller key sizes and resist all of the mathematical tricks currently threatening (albeit slowly) RSA. But that's the other part of where this point in history is interesting. The NSA, through NIST, is promoting a "Suite B" standard of crypto for public and governmental use, and it includes some elliptic curves. Obviously, in the wake of what Snowden unleashed on us, nobody trusts those particular curves. So, while elliptic curves are the way to go for privacy in the future, we're also having a hard time deciding which ones to use, since obviously anything NIST (the NSA's proxy) comes up with has to be total and utter crap. All of this is to say I think that encryption, privacy and computer security are natural extensions of fundamental human rights, and I think we need to provide support where we can. Even educating yourself about internet safety or teaching your friends the same will help the global effort. Teach your friends GPG! Have a crypto pen pal!
GnuPG is very nice! but... no one of my friends is using pgp... the usability from googlemail and facebook is much higher and cheaper than a own mailserver with SSL, DNSSEC & PGP I am about to host my own mailserver with all that stuff, just need to find a cheap way to host it... What are you using @Pret Allez ?
Hey sweetie! :3 I just use a gmail account and Thunderbird with the Enigmail plugin. So I don't have to host anything. (Obviously, I can't post my key fingerprint here. :lol
I really like hosted solutions... accessing your mails from your phone, your pc and some webbrowser in the middle of nowhere... with PGP I have to have my private key with an usb drive or something else if I want to access mails on the go... I will be migrating all my mails stored in gmail to my own Exchange 2013 in the next few weeks at least I am the only one who has access to this harddrive & with SSL that should be fine May I ask if you work in the IT business? or are you just a concerned citizen with a nerdy/techy side?
