In light of all of the hullabaloo about PRISM and other spying technology, I thought it'd be good to remind all of your dear readers that we've had the technology to ensure private communications on the Internet for 22 years in the form of Pretty Good Privacy (and the much-more-commonly-used implementation, GnuPG). Ars Technica had an okay article about e-mail encryption with PGP which I recommend reading, although you should keep in mind that most security professionals would consider infrastructural PKI like SSL and S/MIME to be compromised by nation-state-level adversaries (and all associated MIC contractors).
Anyhow, my GPG Key ID is 0x568427E9480196A4
and it's in all of the
regular keyservers (as well as being at
files.roguelazer.com/roguelazer.asc), and my previous key
() has been revoked with revocation information
also pushed to all regular keyservers. Obviously, you shouldn't trust my
key unless its signatures fall in your Web of Trust, but I'd be glad to
participate in any bay-area signing parties (or perhaps a key-signing
Google Hangout). If only software companies would start producing
software that properly supports end-to-end encryption and signing...0xFE082A4CFD5AB3E6
Want to comment on this? How about we talk on Mastodon instead? Share on Mastodon