@arstechnica yes, password-protected zip files are just an illusion of privacy.
In fact, these researchers were not using them for privacy, but as a way of sending malware samples to each other without being stopped by the malware scanners.
What I don't understand is why so many banks and financial institutions are so fond of them. They keep sending sensitive information via email in password-protected zip files where the password is your ID or your birthday... 🙄
Proper end-to-end encryption has been around for decades. 🤷‍♂️
In case it helps someone else: To change the #OpenPGP smartcard PIN on my #YubiKey, gpg --change-pin does NOT work for some reason. Using gpg --card-edit and putting admin and then passwd into the prompt lets me do it though.
"SSH key-based authentication is tried-and-true, but it lacks a true public key infrastructure for key certification, revocation, and expiration. #Monkeysphere is a framework that uses the OpenPGP web of trust for these PKI functions."
Sounds like a cool project, is the monkey still alive? The homepage linked on that page is dead, and the only code I could find doesn't look like it's been touched in a while.
Those of you who use PGP for email, do you typically generate a sign and an encrypt RSA subkey - and use those? Or what's the best practice?
Wanting to publish my PGP public key on my profile and website and start rocking that far more aggressively, but don't want to do stuff less-than-ideal and then have to change and re-publish keys again later and etc.
RPM uses OpenPGP to protect software updates. In the fall of 2022, it switched from using its own internal OpenPGP implementation to Sequoia. Last week, Fedora 38 was released with a version of RPM that uses Sequoia. I've written about the 1.5-year journey in a blog post.
#OX (XEP-0373, XEP-0374: #OpenPGP for #XMPP, without the security problems of the historical XEP-0027) implementation has been merged to #Libervia, thanks to Syndace again, and #NLnet for their funding.
OX doesn't have PFS (https://en.wikipedia.org/wiki/Forward_secrecy) but that means that new devices can access archives, which may be desirable. Also, it can encrypt arbitrary elements.