• AES@lemmy.ml
    link
    fedilink
    arrow-up
    9
    arrow-down
    1
    ·
    3 years ago

    Ok… that is a bit over the top. What about digital messaging.

    • aexiruch@lemmy.ml
      link
      fedilink
      arrow-up
      9
      ·
      3 years ago

      Fair enough, I was feeling a bit cheeky ;) I guess you really mean digital, electronic, semi-instantaneous, text-based communications, aka “instant messenger”. I tend to be very careful with recommendations, they always can turn out to be bad advice… For what it’s worth I use either email with GnuPG or Signal. I have a long list of caveats for both, but I do use them…

      • Randoom@lemmy.mlOP
        link
        fedilink
        arrow-up
        3
        ·
        3 years ago

        I read somewhere (on lemmy) that signal might not be a safe and secure option. and i have deleted my account. 😑

        and i use the openPGP app. is this good enough to protect my missile launch codes?

        • aexiruch@lemmy.ml
          link
          fedilink
          arrow-up
          7
          ·
          3 years ago

          As I said, I have reservations about Signal, but I have not found one where I have fewer, so… As to “the” openPGP “app” and literal missile launch codes, it really depends on what exactly that app is (there are many implementations of RFC4880) and on what environment it is running. Most likely it’s adequate for normal people though ;) I use GnuPG 2.x on QubesOS, and OpenKeychain on GrapheneOS, but I’m a cryptology-nerd who enjoys coming across slightly paranoid ;)

            • Hagels_Bagels
              link
              fedilink
              arrow-up
              10
              ·
              edit-2
              3 years ago

              Not to blow anyone’s trumpet, but this may actually be less secure, as there is always the possibility that the postman/postwoman/postperson will open your letter and read them, then replace them in a different envelope. They could also shine bright light through the envelope to get a better view of the writing, or possibly use some form of scanning such as MRI?

              Please read some of these methods that people have suggested on the internet from 2008, which I have found through Google.

              i think the actual “classic” way probably doesn’t involve a microwave… try ironing the letter with a lot of steam. but of course opening a sealed envelope is very easy. reclosing it once you’ve opened it is the real trick. consider the attentiveness of your audience. will the person whose mail you’re reading notice if you open really carefully and then re-seal with a glue stick? probably no…

              If it’s not a heavy or security-print envelope, throw it on a backlit scanner (any flatbed scanner with a nice, bright transparency lamp should work) and get a 24-bit color scan. Open the scan in Photoshop and manipulate the gamma correction or color correction curves to maximize the contrast between the envelope and the text inside. Rotate as necessary. You can usually get something and you don’t even have to break the seal. This, of course, is unlawful and unethical, and should never actually be done.

              Just open it up, read it, then destroy it. The recipient doesn’t need to know that they had a piece of mail.

              Upside down can of computer duster air works wonders in making the envelope transparent. Then it evaporates, leaving no traces.

              Edit: Dentists can also discreetly read your mail.

    • Hagels_Bagels
      link
      fedilink
      arrow-up
      7
      ·
      3 years ago

      You could use end to end encryption which uses one of the more secure and complex encryption/decryption methods available, and only give the private key to that one individual, and using a device which you know does not contain any hardware or software backdoors for any government or business entity. Rotating encryption keys on a scheduled basis can also help verify that only the recipient has access to the correct keys.

      I haven’t done any real project which uses encryption, so don’t call me an expert on different algorithms or methods of implementation. However I’d also stress that being excessively paranoid about people wishing to steal your information is not necessarily healthy. If the information you are communicating is important enough that people may try to use highly technical ways of breaking the encryption, it is always easier and more practical for them to make you give them access to that information yourself, through social engineering, rather than through hacking.

      • Randoom@lemmy.mlOP
        link
        fedilink
        arrow-up
        1
        ·
        3 years ago

        Thank you. I will follow these steps. and I completely agree with you on the 2nd para.