PGP trust model doesn’t work

It’s been several years since I used GPG to PGP-sign and encrypt and to verify the authenticity of PGP-signed email messages.

So it was interesting to read why the PGP trust model doesn’t improve security:

http://arstechnica.com/security/2016/12/op-ed-im-giving-up-on-pgp/

I believe that confidentiality isn’t a binary thing — if one desires it, one must continually stay up-to-date on what approaches work and what is economically feasible, and what is no longer effective.

The article recommends Signal or WhatsApp for instant messaging, Magic Wormhold or OnionShare for file sharing, etc. It also recommends the use of Yubikey 4 for authentication.

Article: Why it’s likely impossible to restore online privacy

An article from the Deseret News is worth sharing. Here are a few snippets:

Most people don’t understand how much information is being collected.
Dryer said personal information is gathered into massive databases
regularly “and to a far more pervasive extent than most people
realize, either voluntarily or involuntarily.”

… Asay notes, “…Everyone says they’re concerned about privacy, but if you give them 20 cents, they tell you whatever you want. … All the information allows us to do some amazing things.”

Europe also codified a “right to forget.” America has not.