A Matrix server is one of the applications that I’m running, but I don’t let any random Joe into my place of work. Manually PGP’ed messages over email is perfectly viable for first contact.
Comment on [deleted]
horse_battery_staple@lemmy.world 1 week agoEmail is insecure comms, it is required to be stored in plain text. Any keys or cryptographic elements you share over email are already compromised as soon as it’s emailed.
There are a multitude of encrypted ways to communicate. If you are attempting to reach people on lemmy I would suggest setting up a matrix server and element instance much like what was done on db0.
MidnightMan@lemmy.world 1 week ago
horse_battery_staple@lemmy.world 1 week ago
The PGP key has to be shared plaintext… that makes it useless as anyone can sign it after that. Again email is the worst way to do this.
If you cannot host a secured and sandboxed Matrix server, I personally do not trust your security hygiene.
JD Vance was Peter Thiel’s best little buddy and he’s running Palintir.
DO NOT USE EMAIL FOR THIS.
CrayonRosary@lemmy.world 1 week ago
You need the private key to sign anything. The public key is only for encrypting outgoing emails which only the person with the private key can decrypt.
People have been using PGP over email for literally decades. You do not know what you’re talking about.
lordnikon@lemmy.world 1 week ago
This is so wrong you don’t share anything with PGP you never share a private key with anyone and you can shared your public key with anyone it’s useless without the private key.
horse_battery_staple@lemmy.world 1 week ago
You can verify that I have your public key. Great, I still have no way to verify you. You’re a 22 hour old account spamming DMs asking to move to a less secure platform. It’s not the way this is done.
MidnightMan@lemmy.world 1 week ago
Fuck. I thought I was paranoid.
If you cannot host a secured and sandboxed Matrix server, I personally do not trust your security hygiene.
At every step of the way, you’ve managed to speculate and assume that I’m using the worst security practices possible. Stop.
lordnikon@lemmy.world 1 week ago
I don’t have skin in this game but Email itself can be clear text all you want. By using pgp with email is very much secure as the text encryption is not transparent you see the encrypted message you encrypted with their public key and need their private key to decrypt the message.
horse_battery_staple@lemmy.world 1 week ago
csoonline.com/…/i-can-get-and-crack-your-password…
lordnikon@lemmy.world 1 week ago
The link has nothing to do with PGP
horse_battery_staple@lemmy.world 1 week ago
Correct it has everything to do with emails