by Reelin 2306 days ago
PGP most certainly _does_ provide data at rest encryption. Efail isn't relevant here - it's a live exploit against an active target, not something that can be used against data at rest for which you lack the keys. And forward secrecy is hardly relevant to the point I made either (other than being a generally desirable feature).

> You need to treat email (encrypted, or not) as if there are copies cached all over the place forever.

That's my _entire point_. Assuming there are copies cached all over the place forever, I would strongly prefer that they were encrypted. How is this not an obviously desirable thing?!

> the moment they do start caring, they can go back and read all of your emails, encrypted or not

I do not believe that this claim is correct. Given a block of PGP encrypted text for which one lacks the private key, I am not aware of the existence of any practical attacks against the algorithm. If such an attack does exist, please point me to it - I would very much like to know about it.