by tptacek 2368 days ago
This is like the engine underneath PGP, but modernized and with the misfeatures stripped out. You'd use it, instead of PGP (which is bad), for encrypting files, and as a building block for the operational tools that really are just straightforwardly encrypting files (i.e., not messaging, which has its own distinct needs and purpose-built cryptosystems).

More on this: https://latacora.micro.blog/2019/07/16/the-pgp-problem.html

5 comments

There seem to be quite a few light contradictions (or perhaps just varying views exposed) in both the post and the way it's referenced here.

I assume that OP's question implied that there generally are downsides to using separate tools (such as fragmentation, and then mostly UX ones: obtaining/installing them on all the machines that need them, managing keys differently, learning/using additional software, etc.) when a task can be achieved with commonly available ones. But then the article criticizes GnuPG's UX, and suggests using a bunch of different tools.

Then the article says "let's call both GnuPG and OpenPGP `PGP`", and proceeds to criticize "PGP" standing for both GnuPG and OpenPGP.

Then it criticizes OpenPGP metadata leaks (possible attachment of a key to an identity), but suggests using services such as Signal and WhatsApp (certain attachment of a key to an identity via a phone number, AFAIK). Or the ones using similar algorithms (I've only tried OMEMO out of those myself, which led to messages not even being shown in IM clients, apparently due to implementation inconsistencies).

Then it goes on to suggest not encrypting email. I guess it's implied that one shouldn't use email for secret data, but a much more common practice seems to be actually using it for secret (but not "life and death" kind) data, and sending plaintext passwords and such; using PGP would still be a step forward. Perhaps it's the contrast between such criticism (both here and of various other technologies) and common practices that makes me rather skeptical about the former: we can do better than X, but not doing even X.

WOT/PKI criticism is present there too, but the suggested software either doesn't do/need it at all, or relies on a safe channel and direct verification (which is usable with OpenPGP as well).

I'm not advocating use of OpenPGP for everything, but I find those arguments rather strange.

I'm sure there was a question in there somewhere, but I'm not seeing it. I'm the author of the article that you're responding to. I'm happy to answer questions that I can parse as such.

You can do a lot better than OMEMO. Just use a serious secure messaging application: Signal or Wire are both fine options. Virtually every secure messaging application, including OMEMO, is better than attempting to make email cryptographically secure.

I didn't have a question, though perhaps not quite seeing where that advice is coming from (what are the threat model and underlying assumptions) can be stated as a question, as well as the definition of "better" here. For instance, phone number exposure and centralized systems (in case of Signal) or unreliable message delivery (in case of OMEMO implementations) seem rather bad to me, while properties such as deniable authentication seem to be useful in rather specific and rare cases (they still wouldn't harm if they were better supported though). It's also challenging to use OpenPGP, even with widespread email usage and the standards being around for a while, since people rarely care about encryption, and the most common case (AFAICT) is to send just plaintext emails with private/secret data. Given that, it seems counterproductive to advise not using it, but using systems with more obstacles instead. Do you view some of the properties they add as particularly useful in common cases, and/or as worthy trade-offs?

I've read that article before and really enjoyed it. I don't know if it answers the question, though. So, if I want to message someone I use Signal, if I want to send someone a file I use Wormhole, if I want to sign something I use Minisign, if I want backups I use tarsnap. Is this for "if someone compromises this machine there's still something else they need to do to access this file?"

Your comment on purpose-built systems makes me want to ask a question I've been wondering about for a while:

What would be the best way to encrypt something with a lot of files in it (like, say, a home directory), assuming you wanted to access it across the network on multiple devices?

Sorry if this question's annoying, it seems like something you might get a lot.

Encrypted LVM, or any other block-device-level method.

I admit I grievously misworded my query, but (something like) Magic Wormhole seems to be the answer to the question I was meaning to ask.

In practice "the best" and securest way of encrypting a folder is zip-compressing it several times with passwords.

Wait what, excuse me?

I don't mean to insult you or anything but how did you come up with that idea?

OK, the linked article talks about a downgrade attack and then uses that as an excuse to talk about a whole lot of OpenPGP stuff that no one actually uses anymore. But the article entirely fails to show how a downgrade attack is possible. I mostly just skimmed the article after that but did not see any real attacks even against the old stuff. So not really a strong argument against the OpenPGP standard.

From the linked blog:

> A Swiss Army knife does a bunch of things, all of them poorly.

Counterexample: the Phillips head screwdriver in my Swiss Army knife is actually the best Phillips head I've ever found. It can easily turn without slipping a wider range of screw head diameters and depths than any other screwdriver I've used.

(Does anyone else have way more screwdrivers around than they can explain? I cannot think of any reason I would own more than two or three full-sized screwdrivers, and one set of small jewelers screwdrivers...but I've got more than a dozen full-sized ones and a couple sets of jewelers screwdrivers. I cannot remember buying, inheriting, finding, stealing, borrowing and not returning, or being gifted any of them--but there they are. Glitch in the matrix?)

One thing about the Phillips screwdriver - perhaps it's the Pozidriv[0] type, which is compatible with Phillips but different/better.

"Phillips" was originally designed to slip to prevent over-tightening. One more thing: PH screwdrivers come in various sizes (read the listed article for more). Using the correct one works significantly better for flat/PH/PZ, etc. For stuff like Torx it is not even possible to use an incorrect screwdriver. Lastly, screwdriver quality greatly varies, with some brands being exceptionally expensive or even pride material to own.

[0]: https://en.wikipedia.org/wiki/List_of_screw_drives#Pozidriv

I went to replace the memory in a 2018 Mac Mini yesterday. I have small Torx screwdrivers from doing this on older Mac Minis and MacBooks. I have bigger security Torx bits (they have a pin in the center so ordinary Torx bits won't work) that I bought when replacing the fuse in a microwave.

What I don't have are small security Torx bits or screwdrivers. Which is what you need for the 2018 Mac Mini.

I had bought the small Torx screwdrivers as part of a kit with small Phillips, pentalobe, etc. Major use case was replacing broken screens on Chromebooks when the kids were littler. Secondary use was replacing hard drives in Mac Minis (2011, 2012) with small SSD/1 TB combos.

I buy most of my tools from jumble sales; the older tools are the best and, with a bit of restoration, work better than any new screwdriver. I always carry a pocket knife and knife sharpener like the one here https://www.gearassistant.com/best-pocket-knife-sharpener/ but rarely use the screwdriver on it.