tallship, 15 days ago to privacy

#e2ee is a goal, not a promise. As far back as I can remember, forums like those supporting #Enigmail and #gpg were staffed with volunteers from the privacy community who repeatedly insisted on answering questions, like, "Is <this> (whatever this might be) totally secure?" with stock questions like, "What is it that you consider 'totally secure?" or answers such as, "Secure is a relative term, nothing is completely secure, how secure do you need your mission's communications to be?"

Phrases such as, reasonably secure should be indicators of how ridiculous it is to assume that any secure platform is EVER completely, and totally secure.

That begs the question, "Exactly how secure do you require your communications to be?" The answer is always, ... relative.

Which means that you should always believe Ellen Ripley when she says, "Be afraid. Be very afraid!"

https://www.city-journal.org/article/signals-katherine-maher-problem

#tallship #encryption #PGP #secure_communication #Privacy #FOSS

⛵

.

hko, 16 days ago (edited 16 days ago) to rust

Meet oct-git, a new #OpenPGP signing and verification tool for use with the #Git distributed version control system:

https://crates.io/crates/openpgp-card-tool-git 🦀

oct-git focuses exclusively on ergonomic use with OpenPGP card-based signing keys

It is designed to be easy to set up, standalone (no long running processes), and entirely hands-off to use (no repeated PIN entry required, by default). It comes with desktop notifications for touch confirmation (if required)

#RustLang #PGP #GnuPG #gpg #Nitrokey #YubiKey

purism, 22 days ago to linuxphones

The long sought after secure communication of end-to-end hardware encrypted (HWE) chats is now available.
https://puri.sm/posts/hardware-encrypted-comsec-bundle-by-purism/?mtm_campaign=status_update&mtm_source=organic&mtm_medium=librem_social&mtm_content=ls-hardware-encrypted-comsec-bundle-by-purism
#librem5 #Purism #smartcard #pgp #encrypted

hko, 23 days ago (edited 23 days ago) to rust

I just released version 0.3.1 of https://crates.io/crates/rsop, a stateless #OpenPGP ("sop") card tool based on #rPGP.
rsop natively supports OpenPGP card (hardware cryptography) devices

SOP is a standardized, vendor agnostic, CLI interface for the most common OpenPGP operations.
See https://datatracker.ietf.org/doc/draft-dkg-openpgp-stateless-cli/ for more on SOP.

rsop is featured in the "OpenPGP interoperability test suite" at https://tests.sequoia-pgp.org/ (under "rpgpie", which is rsop's high level OpenPGP library).

#PGP #GPG #GnuPG #rustlang

hko, 28 days ago to rust

I just released version 0.10.1 of https://crates.io/crates/openpgp-card-tools, the general purpose "oct" #OpenPGP card tool.

This release adds the "oct admin signing-pin-validity" subcommand, to configure if a card requires User PIN presentation for each signature operation, or if User PIN presentation is valid for the full duration of a connection to the card.

(#GnuPG calls this flag "forcesig")

#rustlang #PGP #gpg

sequoiapgp, 28 days ago to random

Sequoia PGP's paid development is financed by @sovtechfund (❤️ ). In addition to writing code, they also support our standardization work, and community outreach. In this blog post, I discuss some of our community engagement (presentations and collaborations with sett, @securedrop, and @fedora) that have happened over the past few months.

#pgp

https://sequoia-pgp.org/blog/2024/04/25/202404-community/

blueghost, 29 days ago to email

Proton Mail automatically encrypts/decrypts messages between Proton Mail accounts via OpenPGP/PGP.

Proton Mail supports automatically encrypting/decrypting messages between Proton Mail accounts and external email accounts that support OpenPGP/PGP or GnuPG/GPG.

Instructions: https://proton.me/support/how-to-use-pgp
GnuPG: https://mastodon.online/@blueghost/111974048270035570

Website: https://proton.me
Mastodon: @protonprivacy

#Proton #ProtonMail #ProtonPrivacy #OpenPGP #PGP #GnuPG #GPG #Email #Encryption #E2EE #InfoSec #Privacy

hieronymus, 2 months ago to random German

Is #PEP #PrettyEasyPrivacy dead?