By the way, I haven't used PGP for a while beyond bootstrapping better forms of authenticated encryption or signing. I do occasionally deal with looking at the backlog of PGP encrypted emails, and I will sign emails as needed to confirm my identity, but I won't encrypt my mail.
Conversation
It's a completely garbage legacy technology with awful usability and poor security. I have no reason to encrypt emails to strangers because I'm not going to write anything I wouldn't write publicly here anyway. For anyone I want to talk to privately I switch to using Signal, etc.
3
4
Replying to
Do you think there is no value in what you, as a dev of highly secure software, write in emails?
1
Replying to
Email isn't suitable for private communication. At most, I'll sign an email to bootstrap proper secure messaging tools. It doesn't make sense to rely on something as poorly designed and implemented as PGP to provide encryption and it's too painful to deal with it anymore too.
1
I don't want people emailing me asking so many questions anyway. PGP encrypting them is just an annoyance. I greatly prefer answering questions publicly where other people can see the answers. If an attacker looks at my response, great, one less person I need to respond to.
1
Replying to
Do you think we should also use an encryption only for sensitive coms? Wouldnt this open up options for the adverdary to see with whome, when and where we are having somethimg to hide?
1
Replying to
That's not what I said. PGP has terrible security and is not at all usable. It's harmful to have people wasting their time and energy dealing with awful technologies like this. It provides a false sense of privacy / security and it's encryption doesn't need to be that hard...
1
Email is not how I prefer to communicate with people. As I explained, I generally don't want to be receiving email. I can accept that I need to deal with emails from my dentist, etc. but there is not much reason for strangers to email me generic questions that aren't private.