What to Use Instead of PGP

16 pointsposted a year ago
by luxpir
(soatok.blog)

23 Comments

udev4096

a year ago

Every time someone brings up PGP issues, it's always something to do with the usability rather than blaming the protocol itself. If people are too reckless, no matter what protocol you use, it will always be insecure in that sense

Analemma_

a year ago

Security experts don’t consider this a valid excuse anymore. The first task was making encryption primitives that are secure when used perfectly— it took a while, but we’ve pretty much done that: nobody expects a serious break in e.g. AES any time soon. But the next task after that is making crypto systems that are free of footguns and as hard as possible to misuse, especially when wrapped in layers of libraries, which in practice they always are.

This is what’s phasing out RSA, for example— it is possible to use RSA in a completely secure way, but it’s very easy to get it wrong and it can fail catastrophically when you do. PGP has the same problem: yes, it can be used securely, but that’s not sufficient in 2024.

palata

a year ago

> PGP has the same problem: yes, it can be used securely, but that’s not sufficient in 2024.

Does that justify saying "it sucks shit", though? Especially considering that it was written in 1991, and not in 2024?

I feel like I don't regularly read blog posts from aerospace engineers that sound like "The Apollo mission sucked shit. Those morons had no idea what they were doing. We younger aerospace engineers who have not had a fraction of the impact Apollo did have been saying it for years: use our new stuff because we are the smart ones".

Hackbraten

a year ago

> Note: I’m deliberately being blunt in this post because literally more than a decade of softspokenness from cryptography experts has done nothing to talk users off the PGP cliff. Being direct seems more effective than being tactful.

I hate PGP, too. However, I’ve spent money on five YubiKeys and several months of tinkering to make them somewhat work on Linux and WSL. I use them to sign my commits and Debian packages I build.

If your goal is to convince me to throw *all of this* away and sink another shitload of money into an alternative and re-do months of tinkering to make it actually work, then being deliberately blunt and condescending is not going to help your case.

wirelessloop

a year ago

ok. So, it is not just me that find this article condescending...

Now, I believe you article is not totally futile, as it's not. But....

I would definitely drop the condescending to, give example with details as why with comparison. If you did, I did not get there, again, because of the tone.

bdjsiqoocwk

a year ago

Isn't this sunk cost fallacy?

palata

a year ago

It would be if PGP was not secure. But used properly, it is actually secure.

Condescending people saying "it sucks shit, I'm 10x smarter than the author of PGP" usually say that the UX of PGP is hard, which makes it prone to errors.

I have security keys and I use PGP. Unless someone can teach me why it's not good enough for me (and "it's too hard to use" doesn't convince me, given that I actually use it fine), I won't spend hours learning how to use the new cool tools of those condescending people, just for the sake of it.

antisocialist

a year ago

> Now, there exists a minority of extremely technical computer user for which Signal is a nonstarter (because you need a smartphone and valid phone number to enroll in the first place). > there presently isn’t really a good recommendation for private messaging that meets their constraints.

You don't need a phone number or a phone for https://haven.xx.network and there are others.

If nothing is recommended, fine, but it's simplistic to not recommend or even consider the 3-4 apps that don't have those limitations. If you didn't have time to investigate or couldn't find anything else, say so.

some_furry

a year ago

> If nothing is recommended, fine

You could've ended your sentence there.

Just because other apps don't have those limitations doesn't mean they also offer comparable cryptographic security.

Haven appears to be a blockchain project, built with Next.js, and doesn't appear to implement any cryptography.

If it isn't end-to-end encrypted, it's not in the same league.

udev4096

a year ago

For emails, there's autocrypt which works great. You don't have to deal with managing keys anymore

claudiojulio

a year ago

I don't understand the issue with encrypted emails. Is Proton Mail not secure?

some_furry

a year ago

"Is _____ not secure?"

What. is. your. threat. model?

palata

a year ago

I genuinely wonder for ProtonMail (and anything web-based, really): isn't it a fact that if I use ProtonMail, my browser will download and execute a client every time? In the sense that I don't actually know what code my client is running. ProtonMail could totally decide to serve me a client that actually leaks data, and I would not know it unless I somehow save and audit the client every. single. time.

If I use e.g. Signal, I can of course build it from sources I trust, or download it from the Play Store and trust that Google won't send me a modified version of it (at least it seems less likely and harder to pull).

Am I wrong in considering that web-based clients cannot really be considered secure?

claudiojulio

a year ago

Assuming full security, on Signal someone can also copy and paste my message, just as on Proton Mail they can forward it. I don't see any difference.

some_furry

a year ago

From the article:

> Finally, miss me with the “but someone can screenshot Signal” genre of objections.

> As Latacora noted, people accidentally fuck up PGP all the time! It’s very easy to do.

> Conversely, you have to deliberately leak something from Signal.

claudiojulio

a year ago

Ok. I read it without paying attention. Sorry. I got lost in the translation.

palata

a year ago

Do cryptographers really have to keep saying things like "PGP sucks shit" and give the impression that the author was completely stupid?

The author wrote this in 1991 and humbly called it "pretty good privacy". 30 years later, kids say "it sucks shit" and call their stuff "actually good encryption", hinting that they believe they are so much better than the PGP author more than 3 decades ago.

I don't know, can we show some respect, or is it too much to ask?

some_furry

a year ago

The blog post did not attack the people that created it in 1991. It criticizes what we have today.

What we have today is a mess of legacy cruft that is still heavily evangelized by people that don't know better.

Enough with tradition. Enough with reverence for the past. What matters more is what's the better solution. If we continue to insist on this veneer of "respect", it will just make the PGP evangelists think they're in the right.

palata

a year ago

> It criticizes what we have today.

I understand that. But the tone does feel very condescending to me. And this article is not isolated in that sense.

Let me just give one example from another article of this blog:

> But before I do, a quick reminder that me criticizing XMPP+OMEMO isn’t an endorsement of weird or stupid alternatives, like using PGP.

I don't know, if I was the PGP author, it would not make me feel good.

some_furry

a year ago

The PGP author doesn't read furry blogs.