Post
The #39C3 “To sign or not to sign” (https://gpg.fail) talk is excellent. 👏
IMHO: Avoid PGP altogether, especially #GnuPG. Avoid memory unsafe programming languages, wherever feasible.
It is mind boggling, that the gpg team / g10 Code GmbH refuses to fix all vulnerabilities, given that their @bsi certification and thus their business model being at risk.
Also goes to show, that BSI certifications are worthless. Quel surprise?
GnuPG having opinions on #Rust: https://www.gnupg.org/blog/20250117-aheinecke-on-sequoia.html
> In my view, GnuPG and OpenPGP are extremely mature and basically done.
> After collectively quitting their jobs at g10 Code […] former employees […] began inventing new problems and features to justify competition [by creating sequoia]
> *But we don't want to change*
> At GnuPG, we understood that unnecessary changes to a secure system pose risks that in our case nearly always outweigh the benefits.
Hey, GnuPG: You’re wrong! Grow tf up!
Sequoia – being written in Rust – isn’t nearly as affected as GnuPG, mostly because it isn’t written in C.
I know this is gonna offend people, but I think, that all GNU C software should be rewritten in Rust (or any other mem-safe language). 😅
BT Free is a non-profit organization founded by @ozoned@btfree.social . It's goal is for digital privacy rights, advocacy and consulting. This goal will be attained by hosting open platforms to allow others to seamlessly join the Fediverse on moderated instances or by helping others join the Fediverse.
