by dale_glass 1017 days ago
> Which communication methods leak no metadata?

All leak something, but there are differences in what and how much.

> If two people are communicating, the message always needs to know where it's going and in most cases where it's coming from.

Yes, but in this case it'd be actually better to use something like Signal. You want something that's plausibly used often, is always encrypted, and is used for random chit-chat all the time, so that it's hard to tell if anything odd is going on from the outside.

GPG just screams "an important conversation is happening".

> Not encrypting the email subject is an implementation detail really.

And it's still unfixed, despite being a serious problem (it's easy to slip up and put something interesting in the subject).

2 comments

> GPG just screams "an important conversation is happening"

is just another argument in favour of all email being encrypted.

And yes, there's side-channel/metadata still in the clear, and that's a problem, but still a smaller problem. The only crowd I know working on solutions to minimise/eliminate that problem is the Cwtch project (not product!)

> is just another argument in favour of all email being encrypted.

And that makes GPG unsuitable, because it's such a pain in multiple ways.

> And yes, there's side-channel/metadata still in the clear, and that's a problem, but still a smaller problem.

Absolutely not a "smaller problem". Using GPG in an actually serious scenario like in occupied parts of Ukraine is quite likely to get you imprisoned, tortured, killed or all 3.

GPG mail is only suitable for "polite society" -- situations where your only problem is to securely email documents and account numbers to your accountant, and nothing else.

And that's actually a very narrow application. It's trivial to run into situations where that becomes extremely inadequate.

Sure, but sometimes we don't care about knowing who is communicating. For example:

I don't care if someone knows my bank sent me a message, but I want the content of the message to be secure (not just in transit, but also at rest).

I don't care if someone knows my primary care physician sent me a message, but I want my lab results to be secure.

I don't care if someone knows I communicated with my CPA, but I want my tax and receipts to be secure.

True, but that's incredibly user-unfriendly. The average person isn't good at doing that level of risk evaluation. What's important and what's not isn't intuitive.

And we have a system much friendlier than GPG for that: putting that on a website protected by HTTPS.

But that puts all the data on a 3rd party site where I _might_ be able to make a copy of it for myself. It is annoying to get an email from my bank about an "important message", and instead of just sending me the message, I now have to go to the bank's app to read it. Oh, and it disappears after 30 days, so I have no way to archive it or look back on important messages from a year ago.

A government system could easily implement S/MIME transparently for all emails sent within that system (meaning any other government agency or registered providers).