A Matrix server is one of the applications that I’m running, but I don’t let any random Joe into my place of work. Manually PGP’ed messages over email is perfectly viable for first contact.
Comment on [deleted]
horse_battery_staple@lemmy.world 2 months agoEmail is insecure comms, it is required to be stored in plain text. Any keys or cryptographic elements you share over email are already compromised as soon as it’s emailed.
There are a multitude of encrypted ways to communicate. If you are attempting to reach people on lemmy I would suggest setting up a matrix server and element instance much like what was done on db0.
MidnightMan@lemmy.world 2 months ago
horse_battery_staple@lemmy.world 2 months ago
The PGP key has to be shared plaintext… that makes it useless as anyone can sign it after that. Again email is the worst way to do this.
If you cannot host a secured and sandboxed Matrix server, I personally do not trust your security hygiene.
JD Vance was Peter Thiel’s best little buddy and he’s running Palintir.
DO NOT USE EMAIL FOR THIS.
CrayonRosary@lemmy.world 2 months ago
You need the private key to sign anything. The public key is only for encrypting outgoing emails which only the person with the private key can decrypt.
People have been using PGP over email for literally decades. You do not know what you’re talking about.
lordnikon@lemmy.world 2 months ago
This is so wrong you don’t share anything with PGP you never share a private key with anyone and you can shared your public key with anyone it’s useless without the private key.
horse_battery_staple@lemmy.world 2 months ago
You can verify that I have your public key. Great, I still have no way to verify you. You’re a 22 hour old account spamming DMs asking to move to a less secure platform. It’s not the way this is done.
MidnightMan@lemmy.world 2 months ago
Fuck. I thought I was paranoid.
If you cannot host a secured and sandboxed Matrix server, I personally do not trust your security hygiene.
At every step of the way, you’ve managed to speculate and assume that I’m using the worst security practices possible. Stop.
lordnikon@lemmy.world 2 months ago
I don’t have skin in this game but Email itself can be clear text all you want. By using pgp with email is very much secure as the text encryption is not transparent you see the encrypted message you encrypted with their public key and need their private key to decrypt the message.
horse_battery_staple@lemmy.world 2 months ago
csoonline.com/…/i-can-get-and-crack-your-password…
lordnikon@lemmy.world 2 months ago
The link has nothing to do with PGP
horse_battery_staple@lemmy.world 2 months ago
Correct it has everything to do with emails