Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

PGP isn't user friendly, but from the Snowden leaks we learned it is one of the few encryption standards the NSA hasn't been able to break. TLS and most configs of VPN protocols were shown to be easily compromised. PGP was basically shown to be a show stopper.

1. http://m.spiegel.de/international/germany/a-1010361.html



Agreed. It has many problems but it's still one of the only games in town.


> TLS and most configs of VPN protocols were shown to be easily compromised.

This is a major claim to be making, and it is false. It is not helpful to spread misinformation like this.


Easily was, perhaps, not the correct adverb, but the linked article above as well as this one below go into it more. It does not appear to be false.

http://www.theverge.com/2014/12/28/7458159/encryption-standa...

Bruce Schneier has said while large government actors may be able to exploit it, it's still recommended: https://www.theguardian.com/world/2013/sep/05/nsa-how-to-rem...


Perhaps older versions of SSL, but there is no evidence that anyone has compromised TLS.

There is evidence that encrypted traffic was stored and research was done on the metadata of these connections but that is no surprise. That may be what they were referring to.


Also, threat models are important here...not everyone includes needs to include the five eyes as your threat model.


Of course. I am just using it as a yardstick for security strength.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: