After major security vulnerabilities or data breaches, "security people" show up and tell you to delete your account immediately. "Oh, time to delete your account! Switch to service/product … instead!"

Such statements totally ignore that security vulnerabilities are widespread and the vast majority of data breaches won't become publicly-known. Full control over your data and devices requires 100% isolation from the internet, not just arbitrarily switching services or products.

#infosec

@infosechandbook yeah, rather then pointing at what people should use, we are better of educating people why one would want to use a service or why not.

@blacklight447 @infosechandbook teach people that everything they store might end up in public. Do not store unnecessary data no matter what platform or technologically you use.

Follow

@Bobo_PK @blacklight447 @infosechandbook Even encrypted data with proved secure ways? Like gpg encrypted with a asymmetric key?

@sam

You can accidentally leak your private GPG key, or the endpoints of end-to-end encryption can be compromised. GPG also offers no perfect forward secrecy. An attacker can just record encrypted data, and may have the ability to decrypt everything in future.

As @Bobo_PK suggested, cryptographic algorithms change over time. Years ago, DES was considered secure …

@blacklight447

Sign in to participate in the conversation
Mastodon 🔐 privacytools.io

Fast, secure and up-to-date instance. privacytools.io provides knowledge and tools to protect your privacy against global mass surveillance.

Website: privacytools.io
Matrix Chat: chat.privacytools.io
Support us on Patreon and Liberapay!