
roystgnr comments on Procedural knowledge gap: public key encryption - Less Wrong Discussion

3 Post author: Solvent 12 January 2012 07:35AM


Comment author: roystgnr 12 January 2012 04:33:40PM 4 points

I'd also recommend GPG, especially if you use (or could switch to) an email client with a decent plugin for it.

One note: you still need to securely establish common keys beforehand; public key encryption just makes "securely" easier. To attack a symmetric key encrypted communication, you just need to be able to eavesdrop on the key and the encrypted content. To attack a public key encrypted communication, you need to be able to eavesdrop on both public keys, block the true public key messages from reaching their recipients, inject false messages with your own public keys, and then eavesdrop on the encrypted content. None of the industrial-scale solutions for preventing this (certificates, web-of-trust, etc.) are very satisfying to me, but "call your buddy on the phone and spend 20 seconds reading key hashes out loud" is fine for personal security.
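The phone check described in the comment above, sketched as an added example that is not part of the original comment: the recipient hashes the key that actually arrived and compares it with the fingerprint heard over the phone, so a key swapped in transit is rejected. The function names and sample key bytes are constructed for illustration, and SHA-256 over raw bytes is an assumption standing in for the fingerprint that `gpg --fingerprint` prints.

```python
import hashlib
import hmac

# Constructed sample data standing in for exported public key material.
ALICE_KEY = b"constructed-sample: alice public key material"
SUBSTITUTED_KEY = b"constructed-sample: key swapped in by a third party"


def fingerprint(public_key_bytes: bytes) -> str:
    """Hash the key material and group it in 4-digit blocks for reading aloud."""
    digest = hashlib.sha256(public_key_bytes).hexdigest().upper()
    return " ".join(digest[i:i + 4] for i in range(0, len(digest), 4))


def normalize(spoken: str) -> str:
    """Drop spacing, punctuation and case so a transcribed fingerprint compares cleanly."""
    return "".join(ch for ch in spoken.upper() if ch in "0123456789ABCDEF")


def key_matches(received_key: bytes, spoken_fingerprint: str) -> bool:
    """True only if the received key hashes to the fingerprint heard out of band."""
    expected = normalize(spoken_fingerprint)
    actual = normalize(fingerprint(received_key))
    if len(expected) != len(actual):
        # A partial reading weakens the check, so refuse rather than compare a prefix.
        return False
    return hmac.compare_digest(expected, actual)


def accept_key(tampered: bool) -> bool:
    """Simulate one exchange: key over the network, fingerprint over the phone."""
    # The phone call carries the fingerprint of the key Alice really generated.
    heard_on_phone = fingerprint(ALICE_KEY)
    # The network delivers either her key or one substituted along the way.
    delivered = SUBSTITUTED_KEY if tampered else ALICE_KEY
    return key_matches(delivered, heard_on_phone)


if __name__ == "__main__":
    print("fingerprint to read aloud:", fingerprint(ALICE_KEY))
    print("untampered exchange accepted:", accept_key(tampered=False))
    print("tampered exchange accepted:", accept_key(tampered=True))
```

The check only helps if the fingerprint travels over a channel the network attacker does not control, which is why the comment suggests a voice call.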