[0rjf83]

Your reply is... confusing.

You tell people not to use PGP, then recommend using Signal.

Signal requires a phone number and phone to sign up. The Signal backend server is run by Signal Messenger LLC. As far as I understand, you can't run your own backend server, there's some restriction there. Signal's encryption is open and audited/auditable, and is convenient however it's not widely implemented in a public manner (Whatsapp and some other sites apparently use it; have consulted with Signal.)

I know PGP has flaws, the other replyee posted a link even. But in less than 5 minutes, for free, and without violating my privacy to captchas or barbaric service terms, I can:

- Sign up for a brand new email address from a privacy respective service, on (almost) any device/system

- Generate a PGP keypair on (almost) any device/system

- Share the pubkey with a receiver

- Instantly send encrypted content

Is it more inconvenient than installing Signal? Yes, but it's far more flexible.

And I agree with the other replyee, this reply sounds more like a dislike of SHA-1, which is fine, rather than "don't use PGP".

Anyway, yes everyone who uses proprietary or anti-user messaging platforms should move to Signal/Matrix.

[dfabulich]

Signal isn't just more convenient; it's also more secure than your PGP encrypted emails. https://latacora.micro.blog/2020/02/19/stop-using-encrypted....

* The encrypted emails you send will transmit the headers in plaintext, including the sender, the recipient, and the subject line (which is message content!)

* Anyone who replies to your email unencrypted (which is the default way to reply, because email is insecure by default) will leak not just their own message but your encrypted message as well

* Every archived message will eventually leak

PGP offers you more control over the infrastructure, which might be valuable to you, but that control comes at a cost of reduced security. That's not an appropriate tradeoff for anyone who actually needs to send a secure message.

SHA-1 is just the cherry on top.

[ekianjo]

> Signal isn't just more convenient; it's also more secure than your PGP encrypted emails. https://latacora.micro.blog/2020/02/19/stop-using-encrypted....

since when does Signal support emails? Sorry but a chat application is no replacement for async messaging.

> * Anyone who replies to your email unencrypted (which is the default way to reply, because email is insecure by default) will leak not just their own message but your encrypted message as well

This is major bullshit as they would have to know how to setup encryption to be able to decrypt your message in the first place, and all email clients I know will default to making the reply encrypted if the first message was encrypted in the first place.

> Every archived message will eventually leak

Even if that were remotely true, and it's not, the point is that you are able to TRANSMIT it over email in a safe way regardless of which provider you use. Archiving is besides the point.

[bigiain]

> Signal isn't just more convenient; it's also more secure than your PGP encrypted emails.

Sure, but person to person email is not the only or even primary (for me) use case for GPG/PGP encryption.

The second line of the linked article says: " ... and a program to verify detached signatures geared towards software distribution systems called sqv." - a use case for which Signal is completely useless.

Signal is great for what it does, so long as you're prepared to accept it's current "needs to use real phone numbers and spams your Signal signup to everyone with your phone number in their contact list" behaviour. But keep in mind those are thew tradeoffs it's making for key distribution (and not everybody considers them to be "the right" tradeoffs). PGP/GPG ket distribution is a complete mess, which is why it's such a poor thing for cold-call person to person encrypted messages (even ignoring all the unencrypted metadata issues), BUT there's no way for me to use Signal in a bunch of scripts mailing database backups from servers, or to send intrusion detection notification emails, or to verify software repo downloads. Those are all areas where PGPs key distribution nightmare are not problems, and where PGP's "old school" long lasting keys are less of a problem. And there's _lots_ of those kinds of things in the world using PGP right now. new clean PGP implementations are a good thing for those - even though I'm not about to get all 1994 again and start emailing my friends using PGP...

[c22]

Come on, it's true that sender, recepient, and time is valuable metadata that you may wish to obscure depending on one's security context, but if you are leaking sensitive information in the subject line of your pgp-encrypted emails that's on you... Why not just encrypt the subject?