176
Tor says it’s "still safe" amid reports of police deanonymizing users
(www.bleepingcomputer.com)
this post was submitted on 20 Sep 2024
176 points (96.8% liked)
Privacy
31279 readers
709 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
PGP? That's for email and isn't great
That's for encrypting text, regardless of the medium. Explain "not very good"?
It uses the same public key unless you manually change it. You don't get the rolling keys provided by other systems
I don't think I understand what you're implying. Are you arguing that PGP implements less secure operations because it doesn't have perfect forward secrecy? As far as I know there's not much out there in terms of encryption schemes for data at rest which includes PFS. Even AGE didn't have it last time I checked. If you know about something that does provide PFS for data at rest, let me know
https://en.m.wikipedia.org/wiki/Signal_Protocol
https://en.m.wikipedia.org/wiki/Double_Ratchet_Algorithm
https://en.m.wikipedia.org/wiki/Elliptic-curve_Diffie%E2%80%93Hellman
The signal protocol works on double ratchet that works on Diffie Hellman
This is a good read. I think it's a good solution if it can be implemented properly. Are there applications you know of that allow you to personally (manually) encrypt text and communicate with another person like GPG does?
https://simplex.chat/
https://signal.org/
You should not be doing manual communications as that opens the door for human error and is time consuming. Also these cryptography protocols are far to complex to easily be used for text.
And using these apps are not always an option. I like simplex, but sometimes email is one of the only options. PGP can be used agnostic of the technology used for transmission, and that's exactly what we need to keep more people private instead of forcing them into a few select applications. If Diffie-Helman can be used in a transport-agnostic fashion then I do not see much progress in this direction.
Well it's not very good, it's just pretty good.
Possiblylinux127 seemed like he had founds faults in PGP's encryption which got me interested
Oh, I was just interested in making a pun based on the name. 😂
To be perfectly honest I was under the impression that we had collectively bailed on PGP in favor of GPG, but based on the Wikipedia article it seems like PGP is still getting updates so maybe that's not the case?
PGP is the protocol, GPG is the implementation. People tend to use GPG because it is FOSS.
Thank you for distilling that down, cleared up all of the confusion I had. Cheers.