Did someone say encryption? Encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. Learn more with our Email Self Defense guide: https://u.fsf.org/1df#GPG#PGP#E2E#encryption
@saagar@signalapp@retr0id Even then I'd say this is flaky at best, since one can't really evidence that to be the case if tuere's neither FLOSS clients nor Server implementatioms to test against...
I recommend #XMPP - #OMEMO for most users [#Gajim and #monoclesChat are excellent clients for that!] but if you are an organization then consider #Zulip and if you already have a #Mailserver and use #PGP / MIME then @delta / #DeltaChat may be a good option [tho I'd recommend using a seperate eMail account for that!]...
Ich bin mit dem Wechsel von #Outlook zu @thunderbird mehr als zufrieden. #Thunderbird hat sich in den letzten Jahren sehr gut entwickelt. Ins besondere das Verschlüsseln mit #PGP Key ist jetzt super einfach. Wenn Ihr also mit Outlook oder einem anderen E-Mail Client unzufrieden seit, kann ich Thunderbird nur empfehlen.
I am more than satisfied with the switch from Outlook to Thunderbird. Thunderbird has developed very well in recent years. #Encryption with PGP Key in particular is now super easy. So if you are dissatisfied with Outlook or another e-mail client, I can only recommend Thunderbird.
The pgpkeys.eu test swarm (a set of four containerised hockeypuck keyservers) is now running the hockeypuck 2.2 development branch, to test eventual consistency. Waiting to see if they will stabilise overnight. 🤞
Hockeypuck 2.2 will include several updates:
drop support for deprecated algorithms (and therefore sync compatibility with sks-keyserver)
Dropping sks-keyserver backwards compatibility should get rid of several long-running sync issues. Hockeypuck validates self-sigs but sks-keyserver does not, and maintaining sync consistency with sks-keyserver means storing and propagating unverifiable self-sigs made with unsupported algorithms (in particular elGamal/RSA encrypt-and-sign, which are long deprecated). This has never worked reliably, and sks-keyserver compatibility is no longer a priority for the keyserver operators. Removing this support also significantly simplifies the code.
Dropping support for images will reduce the storage footprint of a keyserver, and will eliminate an obvious abuse vector.
Hard (i.e. retrospective) revocation of a key (e.g. by publishing the revocation certificate saved at key generation time) will cause all User IDs attached to that key to be deleted. This allows key owners to remove their personal information from the entire keyserver network without having to contact individual operators (which can still be done, your rights are not affected).
The timestamp-aware merge strategy will allow key owners to remove spammy third-party signatures from their published key by creating a fresh self-signature (e.g. by updating the expiry date) and republishing. This works similarly to attestation signatures, but is compatible with clients that don’t yet support attestations.
v5 (GnuPG) and v6 (RFC9760?) signatures will soon start appearing in the wild. Several changes will need to be made in the codebase to enable support to be added in the future.
These vital developments will help keep the #openpgp keyserver network stable, relevant, and compliant, into the foreseeable future.
🤓 Heute ausnahmsweise eine Mail mal wieder mit einem öffentlichen PGP-Schlüssel verschlüsselt versendet, und zwar an die Aufsichtsbehörde Niedersachen, die ihren PGP-Schlüssel vorbildlich auf ihrer Website veröffentlicht.
#Encrypted notification #emails are going away on December 5. This means that, soon, emails you receive from Facebook will no longer be encrypted.
If you have previously set up a #PublicKey, you can still view it under settings on Facebook (or in the Accounts Center under Password and security) until December 5.
#Facebook will no longer send #encrypted#emails
You used to be able to use your #PGP key in order to have your emails sent by Facebook encrypted. This is one of the features I liked the most about this platform. Now it's turning into another nail in its coffin.
If you had the pleasure if seeing #Outlook crash and die once the Inbox reaches 2 GiB you'll beg for @thunderbird - espechally since the only #GUI-based #eMail Client that does #PGP/MIME out of tue box and just works noob-proof in that regard.
Did someone say encryption? Encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. Learn more with our Email Self Defense guide: https://u.fsf.org/1df#GPG#PGP#E2E#encryption
Finally figured out the PGP stuff. Turns out Keybase, at some point without telling me, just forgot the private key they generated for me at the beginning. Good thing I had exported and backed it up years ago. Looks like it's really easy to update the expiration of sub keys, and then push that (mine was already on pgp.mit.edu). Keybase wasn't actually helping with anything, the signing key they generated just had a really long expiration to begin with. #pgp#KeyBase
We released version 1.17.0 of sequoia-openpgp! It includes new fuzzing infrastructure, a secret key leak detector, and integration with sequoia git, which enforces a signing policy. Read our release announcement for more details.
I have no idea if I should keep using KeyBase to manage PGP. I know nothing about PGP, I just need the key for git commit signing, so in that regard it's helping. They added crypto wallet junk a long, long time ago, but no longer seem to mention it on their home page. They got sold to Zoom in 2020, which seems to have stopped development. But it still works, and is still encrypted the same way as always. #KeyBase#pgp#git
@dostalcody I am also using s/mime, but mostly work related. PGP is more for personal use, but I am having some customers using it, too. The few people using s/mime privately have their cert from Volksverschlüsselung. I am using it, too.
The big advantage of s/mime is the better support. It is in more or less all email clients, PGP often needs a plugin. The security of s/mime is reasonable, so if you are having trouble using #GPG or #PGP give #smime a try.
Anyone out there with a love for #PGP / #GPG want to take a look at my website where I explain my PGP keys and see if you can think of anything else useful to add?
Bonus points if everyone has any suggestions of stuff to add that isnt pgp specific as well.
a client made by an enterprise who will willingly backdoor your messages
a client made by 3 people that get random breaking changes that completely obliterate flow
a client that is one giant html5 canvas that uses 100% of your browser gpu power
a client that requires systemd
way too many abandoned android and ios clients
please use fedi we have:
an instance software which is so popular but so feature deprived it makes no sense why it exists, also it's trademarked in a bad way
an instance software that has so much code rot it spawned 500 forks to try and fix it only to become rotten themselves
an instance software that doesn't really know what it's doing and instead implemented 3 different api standards, and this is the fork i'm talking about. no one should talk about the upstream project.
🇩🇪Zum heutigen #GlobalEncryptionDay möchte ich daran erinnern, wie wichtig sichere #Verschlüsselung für unsere digitale Privatsphäre ist. Ohne Verschlüsselung ist unsere Kommunikation nicht mehr vertraulich. Gegen eine verdachtslose #Chatkontrolle & für ein sicheres Internet!💻🔒 https://t.co/YHkP3JMRpK
@echo_pbreyer Leider verhallt dieser Ruf nach #Verschlüsselung und dem Schutz der #Privatsphäre immer öfter ungehört. Ich praktiziere seit nunmehr 25 Jahren die Verschlüsselung mittels #PGP, muss aber von Jahr zu Jahr immer mehr feststellen, dass Gesprächspartner kein Interesse mehr daran haben. Neben diesem bescheuerten „ich habe nichts zu verbergen“ kommt immer öfter die selbst konstruierte Furcht, sich durch Verschlüsselung „zur Zielscheibe von Untersuchungen und Repressalien“ zu machen. #GPG
How do I manage and update my PGP key? I started with Keybase years ago, but not particularly interested in them anymore. I have no idea how they were managing it, but the current key expires in 2024. Is there some way I renew it? Do I create a new one? What happens to things signed with the old one? All I want is for my GitHub commit signatures to continue to remain valid. Is there any simple guide for this? #git#pgp#gpg#KeyBase#GitHub
Did someone say encryption? Encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. Learn more with our Email Self Defense guide: https://u.fsf.org/1df#GPG#PGP#E2E#encryption
Where I speak some advantages Signal has over the bigger richer rest of tech:
“We don’t have to be full of shit. We’re not a surveillance company. I’m not trying to pretend Facebook is good. I don’t have to toe a party line that is divorced from reality”