use pgp now!

[Daddy]

what is this

Iit's a way 2 send encrypted messages
Hillary should have used it

AFAIK you need to escrow your private key to comply with FOIA requests.

Though hillary doesn't care about those
and she'd "lose" the key if she even bothered to escrow it

or she just would claim she can't figure out PGP and she can ask paul to post to reddit about it

[C.Mongler]

heh heh sick burn

[squirrelfriend]

more like overreaction

[squirrelfriend]

http://www.cjr.org/analysis/answers_to_all_the_questions_journalists_might_have_about_hillary_clintons_emails.php

“Without it, emails directed to a certain mail server can be snooped on at any point between the sender’s mail provider and that of the recipient,” Gallagher wrote, “and eavesdroppers can obtain the entire contents of the email, assuming PGP isn’t being used.” PGP is another common encryption tools for digital communications.

Gallagher said a similar test showed the server hosting clintonemail.com does support STARTTLS encryption.

“Searching public key servers, there are no @clintonemail.com addresses that are associated with PGP keys, so we can say they have probably not been using that form of encrypted email,” Gallagher added in an email.

[C.Mongler]

heh heh sick burn

[Daddy]

http://www.cjr.org/analysis/answers_to_all_the_questions_journalists_might_have_about_hillary_clintons_emails.php

“Without it, emails directed to a certain mail server can be snooped on at any point between the sender’s mail provider and that of the recipient,” Gallagher wrote, “and eavesdroppers can obtain the entire contents of the email, assuming PGP isn’t being used.” PGP is another common encryption tools for digital communications.

Gallagher said a similar test showed the server hosting clintonemail.com does support STARTTLS encryption.

“Searching public key servers, there are no @clintonemail.com addresses that are associated with PGP keys, so we can say they have probably not been using that form of encrypted email,” Gallagher added in an email.

I don't get what point you're making here or if you're just copypasting an article that has a very poor interpretation of security and isn't exactly right.

[squirrelfriend]

I'll take Columbia journalism review over a boyah security wonk for 500

[Daddy]

Lack of a public key on a keyserver doesn't imply PGP wasn't being used.  It just means that a public key wasn't published to a keyserver, which would make sense for a user whose email shouldn't be for public use.

It's easier to search the messages for {BEGIN, END} PGP MESSAGE for evidence of PGP usage.

S/MIME can also encrypt messages and wouldn't require PGP, it uses digital certificates.

STARTTLS only encrypts messages in transit and not at rest. It is not the same as PGP or S/MIME Encryption

but i mean shite media articles are more knowledgable than actual experts in security k

[C.Mongler]

good news jmv Kelly J O'Brien is in boston u can go punch him in the jaw!

[Daddy]

https://www.linkedin.com/in/kellyjobrien

https://www.linkedin.com/in/jamesmvalente



gee that freelance journalist is more knowledgeable than a director of security

[squirrelfriend]

so you are actually a security wonk

[C.Mongler]

ummm he was also the associate editor at boston.com!!

[squirrelfriend]

cool I don't want to log into linked in can you just post your CV pls and how the journalist's source may be more qualified than you

[squirrelfriend]

Let's actually ask Gallagher

[C.Mongler]

heheheheh now i can connect to jmv on linkedin hehehehe