1. 14
  1.  

  2. 8

    Encryption scheme does not hide information it was not designed to hide. Let’s write an article about it!

    Let’s also make sure we say that PGP is good for the peeping toms, 2 or 3 times, OK? Let the readers stick with plaintext.

    1. 2

      The NSA has invested massive resources into metadata collection programs precisely because metadata is incredibly valuable for traffic analysis. One is almost guaranteed that they use GPG metadata, given its fidelity and non-repudiability.

      Remember, it’s not the GNU Confidentiality And Integrity Guard. It’s the GNU Privacy Guard. Metadata is more than enough to expose people despite their expectations of privacy. “You encrypted a 10MB document for an investigative reporter the night before you quit” needs to be private in the same way that “oh, you got a call from an STD clinic and then right afterwards you called your doctor” should be private.

      1. 1

        That’s not the choice given to the common email user. The choice is whether to encrypt or not the body of the email. And the criticism is that by encrypting the body, there’s still info visible in the rest of the email? It doesn’t make sense.

        It’s like saying that locking your door won’t protect you from intruders through the windows, in an article titled “your door locking is leaking” with observations like “thieves love locked doors”, hint-hint, nudge-nudge.

        It’s a disservice to the users, that’s what it is.