Linux, Ceph, Openstack and Privacy Tech

Moving on from PGP

3rd August 2017

PGP does a great thing in some ways. It can help verify your identity in some shape or form over almost any platform and assuming some basic skill in development and an API available; you can likely also use it to communicate across those platforms securely. It also plays a fundamental role in verifying software downloads in Linux distributions. So, why would I, as an activist heavily campaigning for greater privacy, move to abandon it all together?

My reasons are quite simple, for my use case it offers few benefits, and gives a false sense of comfort to those using it to contact me. PGP, or more correctly, GnuPG, has a fatal flaw, which is that it offers a provable record of communication through signatures. This does have a use case, but for people trying to contact me about sensitive issues, they must consider while it may give them some privacy initially, it also has the side effect of luring people into a false sense of security as to how protected they are. If my computer were seized in an unencrypted state, it is very possible whoever took it may also be able to extract my key. This key would then be able to unlock all previous communications.

As an alternative, I am switching exclusively over to OTR as a secure means of communication. No logging by default and forward secrecy built in - so assuming I lose my private key, as least it cannot be used to discover past communications.

The real problem with privacy has rarely been hiding the information. If you are a target of the state, encryption will almost certainly be rendered useless through endpoint exploitation. The real problem which needs addressing is data retention or better phrased, the need to not retain data. All encryption will eventually become weak and obsolete, but that will never matter if there is no data for them to decrypt.


Thomas White

View Comments