Welcome to the new forum!
Started by Rose, August 16, 2013, 03:31:23 PM
Quote from: Rose on August 16, 2013, 03:31:23 PMI think my question will not be answered to a satisfactory degree. Nevertheless the NSA and other secret agencies have sparked through the public media recently. I've been always concerned about my data and secured docs. Now, let me put it simply: do you have a backdoor in your software? This aint no softball question. Since you are a U.S based company, and I assume you are all American citizens living there, you are obliged to U.S laws. Thus you may provide the government either a direct or indirect access.
QuoteThe whole concept of encryption with Espionage will be nullified, if the government is able or capable to simply use a switch, to have an insight into our encrypted folders. No decryption is required, just an easy path for agencies. This would make literally, absolute no sense in encrypting anything with your software.
QuoteAs many people already noted, I am as well, very disappointed how Espionage scrapped the full application encryption like we got with E2.
QuoteThe transition, that's how I would call it ^^, was very fishy to me- speaking of Espionage V2 to V3. Even though your official statement might be valid, I still feel a bit unwell in my belly.
QuoteOfficially key points have been revealed already. Everything that goes to the US is under direct surveillance. If that's not enough entire Emails and traffic of Non-Americans are also under the all seeing eye. We all have it through: Google, Microsoft, Facebook and what not. All major U.S companies are subjected by LAW to either provide data or access. Lavabit's gone, because the founder did not want to kill the privacy of his users. He simply refused to cooperate and decided to better shut down the servers.
Quote from: Bruce Schneier4) Be suspicious of commercial encryption software, especially from large vendors. My guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well. It's prudent to assume that foreign products also have foreign-installed backdoors. Closed-source software is easier for the NSA to backdoor than open-source software. Systems relying on master secrets are vulnerable to the NSA, through either legal or more clandestine means.
Quote from: gpgtoolsnewbie on September 14, 2014, 01:23:43 PMForgive me if this question seems dumb but please would you explain how to use GPG Tools to verify the signed message in the page source from Safari? I've tried copying and pasting it to a text file but receive a verification error when I try to use the OpenPGP: Validate service.
Quote from: gpgtoolsnewbie on September 17, 2014, 01:08:02 AMPersonally I find it easier to copy the text from the web page source, paste it into an editor, select it all and use the OpenPGP: Verify service from the app menu. The use of services instead of the command line seems to be more consistent with the techniques encouraged in the gpgtools kb articles and I suspect a large proportion of your intended user community would find it easier too.
QuoteBy way of a bit of constructive feedback, I think an FAQ explaining how to "verify the signature of this watch zone" would be very helpful to newbies like me. Especially if the answer to the question explains why verifying the signature should enhance one's trust in what is written.
QuoteI make this point because it is the first time I've ever tried to verify a PGP signature and was lead into the exercise by the text on your page. Instead of begin reassured as intended, I ended up confused and, bizarre at it might seem to you, I'm still not sure why I should now attach any increased level of belief to what is written there. Particularly when the words "undefined trust" come up in the results of the verification.
Quote(Incidentally, the page source link doesn't "work" on my standard installation of Safari 7.0.6. I get a dialog with the error: "There is no application set to open the URL view-source:https://www.espionageapp.com/".) I don't know if there is a way to overcome that or not.
QuoteAnyway, keep up the good work. I really appreciate the effort you are making to simplify encryption for us.