On 2013-06-07, at 11:14, Jeroen Massar <[email protected]> wrote: > On 2013-06-07 06:50, Dan White wrote: > [..] > > A nice 'it is Friday' kind of thought.... > >> OpenPGP and other end-to-end protocols protect against all nefarious >> actors, including state entities. > > If you can't trust the entities where your data is flowing through > because you are unsure if and where they are tapping you, why do you > trust any of the crypto out there that is allowed to exist? :)
Defence in depth. PGP-encrypt your transport stream and send it over TLS with client- and server-side certificate validation with a restricted CA list on each endpoint. Using IPSec. Through tor. With the plain-text littered with code words that are meaningless except to your intended recipient, taken from a pre-shared (in-person) code book that changes every day. Then your facebook sessions will be secure. Joe
