On Fri, Jun 7, 2013 at 8:25 AM, Joe Abley <jabley@hopcount.ca> wrote:
On 2013-06-07, at 11:14, Jeroen Massar <jeroen@massar.ch> wrote:
On 2013-06-07 06:50, Dan White wrote: [..]
A nice 'it is Friday' kind of thought....
OpenPGP and other end-to-end protocols protect against all nefarious actors, including state entities.
If you can't trust the entities where your data is flowing through because you are unsure if and where they are tapping you, why do you trust any of the crypto out there that is allowed to exist? :)
Defence in depth. PGP-encrypt your transport stream and send it over TLS with client- and server-side certificate validation with a restricted CA list on each endpoint. Using IPSec. Through tor. With the plain-text littered with code words that are meaningless except to your intended recipient, taken from a pre-shared (in-person) code book that changes every day.
Then your facebook sessions will be secure.
I was most of the way there, except I couldn't figure out how to get a pre-shared codebook to all 5,000 of my facebook friends with minimal overhead... And then it hit me...DIANETICS! Thanks to you, L. Ron Hubbard, my code distribution challenges are a thing of the past. Just keep churning out the endless volumes, and the rotating cypher-key system will last for decades! Matt (for the humour-impaired: ;-P )