This is a message to confirm that my previous PGP key was compromised and should be considered compromised since its creation one week ago. I have made a new PGP key and have already uploaded the revokation of the old one, as well as the new one to the MIT Keyserver. I will begin to upload these keys to more servers to speed up its distribution. The revocation message explains in more detail. A Proof of Identity <https://freespeechextremist.com/notice/9tVhrbvPE0PLFrLBx2> -- |-----/ | Se7en / The One and Only! | se7en@cock.email / | 0x0F83F93882CF6116 / | https://se7en-site.neocities.org
On Sun, 29 Mar 2020 14:27:35 -0700 Se7en <se7en@cock.email> wrote:
A Proof of Identity <https://freespeechextremist.com/
site is completely broken "To use Pleroma, please enable JavaScript."
On Sun, Mar 29, 2020 at 11:24:41PM +0100, Peter Fairbrother wrote:
On 29/03/2020 22:27, Se7en wrote:
This is a message to confirm that my previous PGP key was compromised and should be considered compromised since its creation one week ago.
Then either PGP is crap at security, or you are.
Any bets?
The hardware is buggy. The firmware (remote control) is buggy. The kernel is buggy. The userland is buggy. The operator might be buggy. Cert chaining to root certs are known. How do you imagine to keep secret in this situation?
Digital encryption is inherently faulty due to the incompatibility of physical and electromagnetic. At the electron level there might be electronic security but getting from that level to the human accessible level is insurmountable. Encryption products fudge the linkage with smoke and mirror analogues. "Pretty good" is one of the few crypto products which accurately describe what is possible. All the others exaggerate, exculpate for inevitable failures, prevaricate, slickly market, promise to do better with upgrades and/or new. Lately, comsec wizards market claims that's the best we can do, live with it, agitate for privacy legislation. Or cite Snowden's racketeering, SecureDrop, Signal, and continuous snake oiling. Full Disclosure web site covers this endless apologia pretty good. Background for the skeptical: The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments (NSA, 1998) https://cryptome.org/jya/paperF1.htm
participants (5)
-
Georgi Guninski -
John Young -
Peter Fairbrother -
Punk-Stasi 2.0 -
Se7en