Re: [Cryptography] Avoiding PGP
- From: Ondrej Mikle <ondrej.mikle AT gmail.com>
- Subject: Re: [Cryptography] Avoiding PGP
- Date: Mon, 19 Mar 2018 01:42:18 +0100
- List-archive: <http://www.metzdowd.com/pipermail/cryptography/>
- Sender: "cryptography" <cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com>
- To: cryptography AT metzdowd.com
On 03/18/2018 04:56 PM, Phillip Hallam-Baker wrote:
> Perfect? Good grief... only if you haven't used any application developed since
> 1995 or so.
I think the only perfect use is in package managers in Linux that do the
signature checking for you.
> If you think it is perfect you understand nothing about usability. When people
> blame the users rather than the developers, they are always wrong because the
> users have no ability to change anything, only the developers do.
> I was utterly dumbfounded when I used the GPG plug-in and received my first
> encrypted email and had to tell the app to decrypt it. No, that is not acceptable.
Currently, the Enigmail Thunderbird plugin kind of works. By "kind of" I mean it's
still easy to make mistakes like sending unencrypted emails or saving an
unencrypted draft if you don't have the settings correct.
However, we have had a few success stories in teaching non-tech people (e.g.
medicine professionals) to use it correctly.
> WoT sounds great until you realize that most people just use the keys on the MIT
> key server and make no effort to validate them whatsoever. So really good trust
> has been downgraded to none.
Yes, web-of-trust is a failed concept. What I usually do if I can't get a
fingerprint from another channel is to Google for it and check Google's cache
for whether the person put it on their webpage (then check whois, etc.). Keybase.io is
a tool that can make this work, but it's not as well known.
> Neither is fit for purpose today. If not for the standards war, I would say let's
> fix one or the other but that isn't possible when one has mindshare and the
> other has deployment. We never really got past the VHS/Betamax standards war
> either, that was ultimately decided when Sony started work on DVD.
Usability of PGP/GPG for emails/personal communication is definitely a UI
problem (and also the reason PKI exists at all in the first place). That is the
reason why people suggest applications like Signal that make communication
encrypted by default.
Signal uses TOFU + GSM checking, but that has two vulnerabilities:
- if your target does not use Signal, you can impersonate him by exploiting SS7
or a similar hack (however, SS7 manipulation is not exactly easy)
- changing phones without restoring the original key means a warning that the
key has changed, so you now have to do the fingerprint checking again
Bottom line: GPG works well when it has been provisioned with keys for you, like
package managers in Linux. Not so well for personal email.
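The TOFU behaviour described in the message above (pin a key on first contact, warn when it changes, and require an out-of-band fingerprint check before trusting the new key) as an added illustration; this is not code from the post, from Signal, or from any PGP implementation. The key bytes, the identity names and the `TofuStore` class are constructed for the example, and the fingerprint is simply a truncated SHA-256 of the key bytes rather than any real protocol's safety-number format.

```python
"""Toy TOFU (trust-on-first-use) key store, illustrating the key-change
warning discussed in the thread. Keys and identities below are constructed
sample values, not real Signal or PGP material."""
import hashlib
from dataclasses import dataclass, field
from enum import Enum


class Status(Enum):
    PINNED = "pinned on first use"
    MATCH = "matches pinned key"
    CHANGED = "key changed: verify fingerprint out of band"


def fingerprint(pubkey: bytes) -> str:
    """Human-comparable fingerprint: truncated SHA-256, shown in groups of four hex digits."""
    digest = hashlib.sha256(pubkey).hexdigest()[:40]
    return " ".join(digest[i:i + 4] for i in range(0, len(digest), 4))


@dataclass
class TofuStore:
    pinned: dict = field(default_factory=dict)   # identity -> pubkey trusted for sending
    pending: dict = field(default_factory=dict)  # identity -> new, not yet verified pubkey

    def observe(self, identity: str, pubkey: bytes) -> Status:
        """Called whenever a message from `identity` arrives carrying `pubkey`."""
        known = self.pinned.get(identity)
        if known is None:
            # First contact: nothing to compare against, so pin it (the "TOFU" step).
            self.pinned[identity] = pubkey
            return Status.PINNED
        if known == pubkey:
            return Status.MATCH
        # Key differs from the pinned one: could be a new phone without a key restore,
        # could be an impostor. Never replace the pin silently; park the new key
        # until the user has compared fingerprints over another channel.
        self.pending[identity] = pubkey
        return Status.CHANGED

    def accept_after_verification(self, identity: str, fp_from_other_channel: str) -> bool:
        """The user read the fingerprint over another channel (phone call, in person).
        Re-pin only if it matches the pending key; otherwise keep warning."""
        candidate = self.pending.get(identity)
        if candidate is None:
            return False
        if fingerprint(candidate) != fp_from_other_channel:
            return False  # mismatch: keep the old pin and the warning
        self.pinned[identity] = candidate
        del self.pending[identity]
        return True

    def may_send(self, identity: str) -> bool:
        """Refuse to encrypt to an identity whose key is unknown or in dispute."""
        return identity in self.pinned and identity not in self.pending


# Constructed sample keys (stand-ins for real public key material).
ALICE_KEY_V1 = b"alice-public-key-material-v1"
ALICE_KEY_V2 = b"alice-public-key-material-v2"


def demo() -> list:
    """Walk through first use, a matching message, a key change, a failed
    verification, and a successful re-verification; returns each step's result."""
    store = TofuStore()
    log = []
    log.append(store.observe("alice", ALICE_KEY_V1))  # first contact: pinned
    log.append(store.observe("alice", ALICE_KEY_V1))  # same key: fine
    log.append(store.observe("alice", ALICE_KEY_V2))  # new phone, no key restore: warning
    log.append(store.may_send("alice"))               # blocked while unverified
    log.append(store.accept_after_verification("alice", fingerprint(ALICE_KEY_V1)))  # stale fp: rejected
    log.append(store.accept_after_verification("alice", fingerprint(ALICE_KEY_V2)))  # fp read over phone
    log.append(store.may_send("alice"))               # allowed again
    return log


if __name__ == "__main__":
    for step in demo():
        print(step)
```

The design point is the `pending` table: a changed key is neither accepted nor thrown away, and sending stays blocked until the fingerprint has been confirmed through a channel the messaging system itself does not control, which is exactly the "do the fingerprint checking again" step the post describes.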
The cryptography mailing list
cryptography AT metzdowd.com