- #SURGEMAIL PASSWORD WRONG OR NOT A VALID USER PATCH#
- #SURGEMAIL PASSWORD WRONG OR NOT A VALID USER SOFTWARE#
This stuff was just too complex for the average user in 1999, and it sounds like it's even more complex now. I forgot about it soon after, and in the intervening years have never had a need to send or receive an encrypted email. This without any complex key management or web of trust - just key exchange between myself and a friend. I think it took the better part of a day to create the keys, configure the email clients - and in the end a friend sent me an encrypted email that I could decrypt. I remember back in 1999 I set about creating a PGP setup to send/receive encrypted email. I still use GPG to encrypt sensitive logs and stuff (for archival purposes), but it just doesn't have the promised impact on my communications. Apple Mail seems to helpfully hide the signature parts so I don't even notice the signatures unless I'm reading email on my phone. My email has been GPG-less since I upgraded to macOS Sierra in October, since GPGMail hasn't caught up yet.
#SURGEMAIL PASSWORD WRONG OR NOT A VALID USER PATCH#
And indeed, for most of my communications, it doesn't even matter who's on the other end, as long as the discussion makes sense and we eventually arrive at a patch that works Neither party would be suspicious if some of the messages were not signed the other end could be replying from their phone, for instance. Signed messages have been much more common in my correspondence with other developers off GitHub, but to me it feels more like the "I use PGP/GPG!" "me too!" kind of rapport building. Not sure why it had to be encrypted, might as well be plain text (said open source work wasn't shady at all, not like he was thanking me for Popcorn Time). I got exactly one encrypted email this whole year, from a stranger, who emailed me to thank me for some open source work I did. Lol, that perfectly matches my experience. I get, at most, two encrypted e-mails a year. If the security practices are strong enough to last a couple of centuries you should be safe.įirst, there's the adoption issue others talked about extensively. Also, realize the information security often only needs to be for a limited time (might be a few decades). The best option for most is to use a service/device that handles the security in the background as much as possible by default. I have looked PGP a few times and each time came away with the distinct impression I would screw it up. The rest of us, unless the tools hide the grunt work correctly, have no chance. The general problem with security is it is hard to do right by experts.
are much more promising but they have the challenge of adoption to get to a critical mass. Platforms like Protonmail, Signal, Wire, etc. All the stuff about web of trust and the correspondjng, uh.challenges.well, that's window dressing. Anytime you give people a complex solution to a problem they don't understand, and make its usage an option (rather than something that happens reliably and without requiring their input) you have a big security fail.
#SURGEMAIL PASSWORD WRONG OR NOT A VALID USER SOFTWARE#
The single biggest issue with crypto software for end users is that the implementation has been just terrible.
0 kommentar(er)
