@raucao @Haydar This is a common failure mode of security specialists. They make perfect the enemy of the good, and start building or promoting systems that are secure but deficient in some other way: too centralized, or too difficult to use, or too difficult to implement. And ironically, those defects often make their systems less secure.
Conversation
Notices
-
silverpill (silverpill@mitra.social)'s status on Tuesday, 19-Nov-2024 21:15:33 JST silverpill -
Râu Cao ⚡ (raucao@kosmos.social)'s status on Tuesday, 19-Nov-2024 21:15:34 JST Râu Cao ⚡ @Haydar Looks like the whole article boils down to an ad for their private key directory thing. And the first half is basically just "listen to me, I'm an expert, all these other people are dumb".
-
Râu Cao ⚡ (raucao@kosmos.social)'s status on Tuesday, 19-Nov-2024 21:15:35 JST Râu Cao ⚡ @Haydar "Don't encrypt email, because there's always metadata! But do use Signal (with metadata on one central server, tied to KYCd phone numbers), because some XMPP clients let you turn off OMEMO!!"
Logic, how does it work? ¯\_(ツ)_/¯
-
Senioradmin (haydar@social.tchncs.de)'s status on Tuesday, 19-Nov-2024 21:15:36 JST Senioradmin Oha, das ist provokativ: Dieser Blogartikel sagt:
- Nutzt kein #PGP / #GPG
- Nutzt kein #XMPP + OMEMO
- Nutzt kein #Matrix (im Sinne: verlasst euch nicht auf die Verschlüsselung)
- E-Mails verschlüsseln ist sinnlosIch kenne den Autor nicht und würde ihn nicht erwähnen, würde der Artikel nicht in ernstzunehmenden ITSec-Newslettern zitiert
-