On 2013-06-07 06:50, Dan White wrote: [..] A nice 'it is Friday' kind of thought....
OpenPGP and other end-to-end protocols protect against all nefarious actors, including state entities.
If you can't trust the entities where your data is flowing through because you are unsure if and where they are tapping you, why do you trust any of the crypto out there that is allowed to exist? :) Think about it, the same organization(s) that you are suspecting of having those taps, are the ones who have the top crypto people in the world and who have been influencing those standards for decades... Oh, yes, the fun thing is that likely one is not able to do 'better' crypto either, unless it is not to talk. With PGP/SSL/TLS I of course mean primarily the underlying crypto, not the mechanism that they exist as, the mechanisms are quite well understood, the crypto though is a whole bunch of hocus spocus for most folks. And remember that when you are good enough with the crypto you are likely quickly enough to join on of those orgs ;) /me doles out tin foil hats for one to safely think this over on the weekend. Greets, Jeroen