PGP is like memory management: a very useful technology that is functionally impossible to give to end-users directly in responsible manner.https://twitter.com/sarahjeong/status/933427775632846848 …
-
-
The best part is the mistakes are retroactive. So you use PGP securely for 11 months, and then accidentally send the private key once? Those last 11 months are now no longer secure. Security failures that can time travel!
-
If you key is not in a hw token you made sin #1 and everything else is just a consequence of that.
- 1 more reply
New conversation -
-
-
Thoughts on
@KeybaseIO in this regard?Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Private key locked inside a Yubikey 4 is a decent experience that prevents those kind of mistakes.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I argue that s/PGP/RSA/. RSA is great foundational tech. PGP is a failed implementation.
-
‘Failed’ is perhaps too harsh; the best implementation 1991 could produce. It worked well in the use cases it was designed for, for a long time, but our needs are much greater now, and a better implementation is needed.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.