Category Archives: Cryptography

One step forward, two steps back

According to the powers that be end-to-end encryption as we know it might be one of those things like the prosperity of the 1990’s that we can only reminisce about in the near future. Now as, always the most secure way to transit messages over a secure channel (i.e. any sort of online service, even one which implements end-to-end encryption is to handle encryption yourself.) For those of you that use Mac OS X, there’s not a better, simpler way to do it than NouveauPG.

NouveauPG is a mature product that has been out for many years and is compatible with virtually all other PGP software on the market the one caveat (and I cannot stress this enough) you can not import private keys from another PGP program. There are really good reasons for doing so, not to get technical but PGP has been around since 1993. I’m not even young and I was in grade school back then. AES, the gold standard for symmetric encryption was not even invented back then! The patent for RSA didn’t expire until 1991. Most existing implementations are still under coded under the assumption that memory is far, far more expensive than it is now.

I’m planning a promotion in honor of this current attention given to crypto (I remember this came up in the Bill Clinton administration!) Stay tuned!

DSA keys deprecating/ELIMINATING DSA keys in in openssl 7.0

https://security.stackexchange.com/questions/112802/why-openssh-deprecated-dsa-keys

You don’t have to take my word for it, but when I was begin developing NouveauPG years ago I found that, 1.) DSA is just hours of testing debugging, etc. with little return on invest. Don’t get this twisted, this was never designed to make me a millionaire but I thought is was something that should exist. We’re only here for a short time and we really have to think beyond the fleeting riches which so many in the current tech industry base their self worth. Just sort of proud that I saw that coming years ago. 🙂

pgp instractructure under attact

https://www.vice.com/en_us/article/8xzj45/someone-is-spamming-and-breaking-a-core-component-of-pgps-ecosystem

Apart from the due to the limited role of NouveauPG’s ‘eco-system’ it is safe for the secure transmission of text messages of any length across insecure medium. Social media etc. NouveauPG was written from the ground up and shares no code with the c. 1994 code-base. Apart from myself accessing this site via Tor which could be AWS nonsense, all is secure.