Message: Safester, anyone?

Home Message Groups Fidonet Public-Key Discussion EchoReading Messages

Who's Online Login New User Message Groups

Main DOVE-Net BattlNet GatorNet Fidonet ILink DoRENET League 10 CombatNet

File Libraries

Subject:

Safester, anyone?

Date:

Mon Jan 31 2022 01:20 am

From:

August Abolins

To:

Wilfred van Velzen

Hello Wilfred!

** On Saturday 29.01.22 - 17:24, you wrote to me:

 AA>> However, it is somewhat astonishing that SHA-1 was/is
 AA>> even used in the design.

 WvV> Indeed. Which makes you question if they made other
 WvV> mistakes.

Or.. purposeful compromises based on poor judgment.


 AA>> In Safester, the decoded hash would reveal the
 AA>> passphrase, but the decrypting of the messages would be
 AA>> useless without the user's key which would reside in the
 AA>> local Safester prog or app.

 WvV> Well if your life depended on it, would you rather use
 WvV> Safester or Opengpg?

Every email doesn't need to originate on the basis that my life  
depended on it. But I get your point.  A journalist or a  
reporter communicating a breaking story may like to steer away  
from Safester, that's for sure.


 WvV> The biggest drawback to me is you depend on a commercial
 WvV> company for your secure mail. What if someone pays them a
 WvV> big sum for being able to eavesdrop on your
 WvV> conversations, will they make a backdoor? What if they go
 WvV> bankrupt? Is your mail lost forever?

The backdoor matter is pretty cool. It would seem unethical,  
but it's not unlike a locksmith's ability to unlock any door he  
wants with a manufacturer's master key and get into your house.

Re: Bankrupt... all messages would certainly be *poof*.  In  
that case, Protonmail, Startmail, Tutona would also fit in that  
category. But those 3 seem to offer pop/smtp options inorder to  
pull your mail off the servers.

However, Safester still seems like a good way to get people who  
are opengpg-illiterate accustomed to appreciating private mail.

I am surprised how difficult it is to accomodate private mail  
in iOS!  There are some free opengpg apps that come close to  
working well, but those have been a frustrating experience for  
a friend of mine. There is one app that he agreed to try (after  
I sent him a $25 creditcard giftcard) for 1.99USD. ipgmail.   
That one finally proved to be better than any of the free ones.  
He's also testing Safester for a while longer too.
--
  ../|ug
--- OpenXP 5.0.51
 * Origin: Key ID = 0x5789589B (2:221/1.58)


In Reply To: Re: Safester, anyone? (Wilfred van Velzen)

Section One BBS