this post was submitted on 20 Sep 2024
193 points (97.1% liked)

Privacy

32130 readers
618 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] MigratingtoLemmy@lemmy.world 22 points 2 months ago (2 children)

If I understand correctly, stream isolation will route different connections through different circuits. If you're doing two different things of a sensitive nature, open different browsers and applications, use random user-induced delays in your actions/responses and PGP-encrypt everything. And listen to what the TOR project says about the mitigations. I have some reading to do myself I guess

[–] chappedafloat@lemmy.wtf 7 points 2 months ago (1 children)

whonix docs is very good to learn about this stuff

[–] delirious_owl@discuss.online 3 points 2 months ago

Heh, whonix docs for privacy have become the arch wiki for Linux

[–] possiblylinux127@lemmy.zip 1 points 2 months ago (1 children)

PGP? That's for email and isn't great

[–] MigratingtoLemmy@lemmy.world 7 points 2 months ago (2 children)

That's for encrypting text, regardless of the medium. Explain "not very good"?

[–] unconfirmedsourcesDOTgov@lemmy.sdf.org 7 points 2 months ago (1 children)
[–] MigratingtoLemmy@lemmy.world 3 points 2 months ago (1 children)

Possiblylinux127 seemed like he had founds faults in PGP's encryption which got me interested

[–] unconfirmedsourcesDOTgov@lemmy.sdf.org 3 points 2 months ago (1 children)

Oh, I was just interested in making a pun based on the name. 😂

To be perfectly honest I was under the impression that we had collectively bailed on PGP in favor of GPG, but based on the Wikipedia article it seems like PGP is still getting updates so maybe that's not the case?

[–] MigratingtoLemmy@lemmy.world 3 points 2 months ago (1 children)

PGP is the protocol, GPG is the implementation. People tend to use GPG because it is FOSS.

Thank you for distilling that down, cleared up all of the confusion I had. Cheers.

[–] possiblylinux127@lemmy.zip 1 points 2 months ago (1 children)

It uses the same public key unless you manually change it. You don't get the rolling keys provided by other systems

[–] MigratingtoLemmy@lemmy.world 2 points 2 months ago (1 children)

I don't think I understand what you're implying. Are you arguing that PGP implements less secure operations because it doesn't have perfect forward secrecy? As far as I know there's not much out there in terms of encryption schemes for data at rest which includes PFS. Even AGE didn't have it last time I checked. If you know about something that does provide PFS for data at rest, let me know

[–] possiblylinux127@lemmy.zip 1 points 2 months ago* (last edited 2 months ago) (1 children)
[–] MigratingtoLemmy@lemmy.world 1 points 2 months ago (1 children)

This is a good read. I think it's a good solution if it can be implemented properly. Are there applications you know of that allow you to personally (manually) encrypt text and communicate with another person like GPG does?

[–] possiblylinux127@lemmy.zip 1 points 2 months ago* (last edited 2 months ago) (1 children)

https://simplex.chat/

https://signal.org/

You should not be doing manual communications as that opens the door for human error and is time consuming. Also these cryptography protocols are far to complex to easily be used for text.

[–] MigratingtoLemmy@lemmy.world 1 points 2 months ago* (last edited 2 months ago) (1 children)

And using these apps is not always an option. I like simplex, but sometimes email is one of the only options. PGP can be used agnostic of the technology used for transmission, and that's exactly what we need to keep more people private instead of forcing them into a few select applications. If Diffie-Helman can't be used in a transport-agnostic fashion then I do not see much progress in this direction.

[–] possiblylinux127@lemmy.zip 1 points 2 months ago (1 children)

Just keep in mind PGP is weaker in the sense that it is easier to break due to its shared key.

Email itself is not exactly a secure protocol

[–] MigratingtoLemmy@lemmy.world 1 points 2 months ago (1 children)

Shared key???? PGP works on a public-private key-pair, and unless you're giving out your private key, it's not shared with anyone. This is blatant misinformation

[–] possiblylinux127@lemmy.zip 1 points 2 months ago (1 children)

The public key is public and there is a single vulnerable private key. Someone can identify you with the use of your public key and if someone gets access to your private key (maybe a solen device) they can decrypt logged messages that used that key. This means they can still get access even if you deleted the messages off your device.

[–] MigratingtoLemmy@lemmy.world 1 points 2 months ago

That is indeed a disadvantage of PGP. Unfortunately, it is the most portable method of encryption text at rest at the moment. The moment somebody manages to figure out a way to use the Diffie-Hellman algorithm in a portable manner, I'm sure a lot of people will consider that a viable alternative. Till then, learn about disk encryption to keep your keys safe