aldolat + openpgp   9

Not So Pretty: What You Need to Know About E-Fail and the PGP Flaw | Electronic Frontier Foundation
Don’t panic! But you should stop using PGP for encrypted email and switch to a different secure communications method for now.
PGP  GnuPG  OpenPGP  bug  attack  exploit  email  security  privacy 
11 days ago by aldolat
EFAIL
EFAIL describes vulnerabilities in the end-to-end encryption technologies OpenPGP and S/MIME that leak the plaintext of encrypted emails.
PGP  GnuPG  OpenPGP  bug  attack  exploit  email  security  privacy 
11 days ago by aldolat
Mail criptate, c'è un bug enorme che permette di leggere i messaggi. Anche quelli già spediti
Un ricercatore europeo ha trovato un enorme bug nel sistema PGP e S/MIME utilizzato per codificare le email end to end: non solo è possibile leggere il testo delle mail crittografate in chiaro, ma si può risalire anche ai vecchi messaggi.
PGP  GnuPG  OpenPGP  bug  attack  exploit  email  security  privacy 
11 days ago by aldolat
Expirybot makes it easier to use PGP
Journalists, human rights defenders, lawyers, developers and proactive citizens rely on open source cryptography to keep us all safe.
OpenPGP  GnuPG  PGP  security 
24 days ago by aldolat
Usare sottochiavi OpenPGP nello sviluppo di Debian - Debian Wiki
Le sottochiavi rendono più facile la gestione delle chiavi.
security  OpenPGP  GnuPG 
27 days ago by aldolat
Op-ed: Why I’m not giving up on PGP | Ars Technica
Every once in a while, a prominent member of the security community publishes an article about how horrible OpenPGP is. Matthew Green wrote one in 2014 and Moxie Marlinspike wrote one in 2015. The most recent was written by Filippo Valsorda, here on the pages of Ars Technica, which Matthew Green says "sums up the main reason I think PGP is so bad and dangerous."
In this article I want to respond to the points that Filippo raises. In short, Filippo is right about some of the details, but wrong about the big picture. For the record, I work on GnuPG, the most popular OpenPGP implementation.
security  OpenPGP  PGP 
january 2017 by aldolat
Op-ed: I’m throwing in the towel on PGP, and I work in security | Ars Technica
After years of wrestling with GnuPG with varying levels of enthusiasm, I came to the conclusion that it's just not worth it, and I'm giving up—at least on the concept of long-term PGP keys. This editorial is not about the gpg tool itself, or about tools at all. Many others have already written about that. It's about the long-term PGP key model—be it secured by Web of Trust, fingerprints or Trust on First Use—and how it failed me.
security  OpenPGP  PGP 
january 2017 by aldolat
Giving Up on PGP - Schneier on Security
Filippo Valsorda wrote an excellent essay on why he's giving up on PGP.
security  OpenPGP  PGP 
january 2017 by aldolat
Creating the perfect GPG keypair - Alex Cabal
You’d think that today, where laptops and world travel are commonplace, there’d be a little more information on how to secure a private key you have to travel with. But I could only find one resource: the Debian Wiki entry on subkeys. Fortunately it turns out this wiki page has exactly the solution we need.
OpenPGP  keypair  subkeys  GnuPG  security 
december 2016 by aldolat

Copy this bookmark:



description:


tags: