[ethbro]

If one is going to be paranoid, then one should at least be consistently paranoid.

v1 of the internet as used now seems wildly naive of state surveillance.

v2 may be better, but if most traffic goes encrypted, then there are going to be a lot more attacks (both legal and extra-legal) against the nuances of implementations.

v2 is certainly an improvement on v1. But one of the reasons v1 was deployed is because we believed things like "The US government would never tap traffic at the backbone" or "The US government would never tap private links between data centers."

Valuing both, I think it's important to keep eyes on the future so in 10 years we don't look back on statements like "The US government would never compell Google / Microsoft / Facebook / Whisper to distribute a poisoned version of their application" with the same amount of surprise.

[tptacek]

I don't understand what this has to do with whether we should use risky, leaky cryptosystems like PGP over things like Signal that were designed specifically to deal with these threats.

[ethbro]

I'd agree with the top of Unman's comment about striving for more, while disagreeing with the bottom.

Signal is better than PGP.

Running crypto without PFS in this threat environment is an irresponsible bet to make with data.

My point was that failing to continue to maintain vigilance, even if it sounds paranoid, is also irresponsible. Unless one is willing to be that we have a perfect crypto system, some amount of humility (as evidenced by Moxie's speech) is warranted. Else we'll be talking about Signal in 20 years in the same way we're talking about PGP.