On 2013-06-07, at 11:14, Jeroen Massar <jeroen@massar.ch> wrote:
On 2013-06-07 06:50, Dan White wrote: [..]
A nice 'it is Friday' kind of thought....
OpenPGP and other end-to-end protocols protect against all nefarious actors, including state entities.
If you can't trust the entities where your data is flowing through because you are unsure if and where they are tapping you, why do you trust any of the crypto out there that is allowed to exist? :)
Defence in depth. PGP-encrypt your transport stream and send it over TLS with client- and server-side certificate validation with a restricted CA list on each endpoint. Using IPSec. Through tor. With the plain-text littered with code words that are meaningless except to your intended recipient, taken from a pre-shared (in-person) code book that changes every day. Then your facebook sessions will be secure. Joe