On Thu, Nov 21, 2013 at 12:31 AM, elijah <eli...@riseup.net> wrote: > I don't need to beat a dead horse, but nearly every email from carlo > contains one or more logical fallacies. This email contains two: the > strawman fallacy (enigmail has poor security, so no usage of OpenPGP can > have good security) and the composition fallacy (hkp keyservers are part of > how OpenPGP works, and they leak metadata, so you can't protect metadata > with OpenPGP).
So, "A spherical user in harmonic motion could use the system safely on alternative Tuesdays. Q.E.D." ? Common, recommended applications and usage patterns have this problem. It isn't a strawman to argue out that PGP is widely unsafe in practice, and to support that position with specific examples. AFAICT every complaint he makes is rooted in real limitations in the technology or the surrounding ecosystem as deployed, and the limitations are substantive and of a kind which could cause people harm. They may not apply universally, but that they apply at all is a problem. Instead of spending your time pattern matching his messages with prefabricated excuses to ignore them... why not also work on trying to improve the ecosystem so that the security of PGP in practice is unimpeachable, even by arguments 'merely' grounded in an assumption that a user isn't using perfect software or engaging in perfect usage? -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
