GPG (2013 Update)

Posted Fri 14 June 2013 09:30 under category tech

In light of all of the hullabaloo about PRISM and other spying technology, I thought it'd be good to remind all of your dear readers that we've had the technology to ensure private communications on the Internet for 22 years in the form of Pretty Good Privacy (and the much-more-commonly-used implementation, GnuPG). Ars Technica had an okay article about e-mail encryption with PGP which I recommend reading, although you should keep in mind that most security professionals would consider infrastructural PKI like SSL and S/MIME to be compromised by nation-state-level adversaries (and all associated MIC contractors).

Anyhow, my GPG Key ID is 0x568427E9480196A4 and it's in all of the regular keyservers (as well as being at, and my previous key (0xFE082A4CFD5AB3E6) has been revoked with revocation information also pushed to all regular keyservers. Obviously, you shouldn't trust my key unless its signatures fall in your Web of Trust, but I'd be glad to participate in any bay-area signing parties (or perhaps a key-signing Google Hangout). If only software companies would start producing software that properly supports end-to-end encryption and signing...