Comment on [deleted]
CrayonRosary@lemmy.world 2 months agoYou need the private key to sign anything. The public key is only for encrypting outgoing emails which only the person with the private key can decrypt.
People have been using PGP over email for literally decades. You do not know what you’re talking about.
horse_battery_staple@lemmy.world 2 months ago
blog.mobilehelix.com/…/secure-email-is-cracked-ef…
CrayonRosary@lemmy.world 2 months ago
Did you even read that article? It has nothing to do with what I said. I pointed out that you don’t understand how public key encryption works, and you replied with an article about an exploit that does not refute what I said. An exploit that can be avoided by simply not clicking “load images”. An exploit that has probably been fixed in a client like Thunderbird anytime over the past six years.
I don’t know why I’m wasting my time with you. You can’t even argue in good faith.
horse_battery_staple@lemmy.world 2 months ago
So you agree that an unsolicited message from someone, asking you to email them could be suspect.
CrayonRosary@lemmy.world 2 months ago
How about you address my actual reply instead of changing the topic constantly?
That sentence is incorrect. Just admit it.
hendrik@palaver.p3x.de 2 months ago
Nice attack. But does this have any real-world consequences? I mean the attacker is decrypting their own email here, as far as I understand. This shouldn't be possible. But it doesn't really do harm, does it? I mean they wrote that text themselves, so they already know what's in there?!
horse_battery_staple@lemmy.world 2 months ago
It’s a problem with the local email client and PGP not being securely handled locally. I’m learning a lot about email in this thread.
hendrik@palaver.p3x.de 2 months ago
Yeah, this thread is weird. Completely different up/downvote ratio than the other one. And seems it's now entirely about email and PGP 🤔