“you can have backwards compatibility with the 1990s or you can have sound cryptography; you can’t have both.”

Cryptography engineers have been tearing their hair out over PGP’s deficiencies for (literally) decades. When other kinds of engineers get wind of this, they’re shocked. PGP is bad? Why do people keep telling me to use PGP? The answer is that they shouldn’t be telling you that, because PGP is bad and needs to go away.

Source: Latacora – The PGP Problem

I knew PGP was bad and had avoided it cos I knew of its eldritch complexity of integration but I didn’t know about the rest.

Figures that Thunderbird is planning on integrating it as a built-in function.

They should probably use something else, methinks.

Hacked! – Magazine – The Atlantic

As email, documents, and almost every aspect of our professional and personal lives moves onto the “cloud”—remote servers we rely on to store, guard, and make available all of our data whenever and from wherever we want them, all the time and into eternity—a brush with disaster reminds the author and his wife just how vulnerable those data can be. A trip to the inner fortress of Gmail, where Google developers recovered six years’ worth of hacked and deleted e‑mail, provides specific advice on protecting and backing up data now—and gives a picture both consoling and unsettling of the vulnerabilities we can all expect to face in the future..

Now I’m getting all itchy about changing my passwords.