Sorry, the way I read it was "PGP has a bad user interface". Nothing in the original post tells me about anything that has a better user interface. Moxie Marlinspike hates to get PGP-encrypted e-mail because the gnu implementation is hard to use (OK, arguably true). I use Thunderbird with Enigmail. I can agree that Enigmail could be better. The one option I'd like to have is "If there is no encryption key in my list, what should I do? [A:ask, B: ask a keyserver, C:don't encrypt].

I only send encrypted e-mail to correspondents for whom I already have their encryuption key, so I know they can use it. You want enryption that any dumb Windows secretary can use, that's a whole 'nother ball game.

MITM = Man In The Middle? Not likely. There are several other web sites on that server; you get one or another depending on what DNS name you use. Subverting the name requires subversing the DNS system, and I'm on 8.8.8.8 (Google's DNS server). Subverting the IP address will bring down other companies' production sites. And of course MITM requires a man *IN*THE*MIDDLE*, and you have no idea where the cables are.

I use PGP to correspond with two people. I told them about this exchange. One answered "Well, I'd certainly be happy if he create a better alternative. Until then, I'm using what works." If you've got a better tool for end-to-end e-mail encryption, tell me about it. Maybe nobody uses PGP, but I know of no alternative. And I don't care if you use PGP or not; send me your key and I'll use it, otherwise you get plain text like everybody else. I got enough work solving my own problems without solving the world's problems too.

Hey, gang, let me add a data point here. This discussion has been going on for day or so on Slashdot. During that entire time my web site URL has been in the comments. The web site includes my e-mail address. During that time NOBODY has sent me any e-mail related to this discussion. Nobody said "Hello", nobody said "Here is my PGP public key", nobody said "Andy you're a dumb-ass." (well, here, yes, but not in an e-mail).

The article misses one partial solution: be uninteresting. I've got a bank account in a non-US bank. It's got several hundred dollars in it. Nobody's going to bother to steal that. I've got a password I use all over the Internet, including Slashdot, but you can't do anything with it but post stupid comments. My bank password was a different one. I look just like a million other Amerians living overseas, and that is my ultimate protection. Of course, the cheaper hard disks get, the more data the NSA can store, so the protection is only partial. But for now it is a factor. Of 200 million Americans, how many are worth tracking?

I'd make sure to use zip; as I recall unzip has an automatic check on the format of the input. So if you copy W to X and X to Y it might come out wreong, but if you zip W to X.zip and try to unzip X.zip onto anything, it will warn you if there was some loss of bits in the intermediate medium X.

A fall-back solution: e-mail the (zip) files to yourself. Of coures this assumes an internet connection on the old machine, but even an old dial-up modem can be used. This is how I get pictures off from my (new) Android phone. If you've got an RS-232 socket on the old machine you can hook both machines to a LAN router and transfer the files faster. Again, though, in call cases, use zip to provide confirmation of contants.

I don't use Reddit, but - how the H* is Reddit going to judge, evaluate, or confirm the pemission? I can post a picture of Julie Smathers naked. Is Reddit going to contact every person in the world name "Julie Smathers" to see if any of them gave their permission? And even if they did, how can they tell if she's the one in the picture? Or do I have to send an e-mail to with an attached signed autographed copy of the photo? This seems like a "call the cops" theory gone wacko.

I never opted out of it. I simply never opted into it. I don't think the mechanism is trustworthy because it is under the control of organizations which are not under my control. I have not put any burden onto anyone else; you can still go to http://www.andycanfield.com./

I "remove my key from the set able to be considered trustworthy without effort."? Again, I did not remove my key; I just never put it in. To me, the Internet is not trustworthy. None of it is. Any trust is an illusion. And "without effort"? You mean like Windows?

You come very close to saying that you want the Internet to be automatic and trustworthy. Pick one or the other; both are not possible today.

Just check it out. Address in Israel. No thanks.

Try the command "ping andycanfield.com". It should be pinging 210.213.49.151. If some other number appears, your DNS server has been hacked; switch to 8.8.8.8 and try again.

You can retain a copy of my public key on your compter. Then you can trust any signed message from me to be from the same source as the previous signed message from me.

"get it to me somehow, and I would have no choice but to accept it"? You allow random strangers to update your hard disk? I don't.

I correct myself. The truth is that as far as I can recall I have never put it on any keyserver. What other people may have spidered and copied I can not control. I was under the impression that KeyServers were voluntary. I guess they're just a newer kind of insecurity.

Actually I've had two keys. A year or two ago I lost my private key and had to create a new key pair. I don't know whether the keyserver you listed has the old one or the new one. I hated to do that; my old PGP key pair predated the Internet. How did I distribute it? By hand.

The new one has more bits. I guess that the number of bits you need in your key depends on how powreful computers are; I think my first key had only 256 bits which was safe from cracking back in 1992. Maybe we'll have to change all our keys every few years.

In my defense I said "confirm the signature, not prove the signature. The public key on my web site confirms the source of the message matches the site, but it does not 'prove' anything.

Proof? Don't make me laugh. A few years ago I lost my passport and had to go to the U.S. Consulate in Vientiane to get a new one, so even my passport can be doubted. You could ask my mother or father to vouch for my name, but they're dead. If you want fun, search for "Andy Canfield" on Facebook; there are maybe a hundred of us scattered all over the planet.

I will look into that; I could not get a free cert when I studied HTTPS a few years ago.

You could say that I have my own 'web of trust' which are people who have personally met me. You want to join? If you ever come to Thailand say "Hello".

Wrong. You can retain a copy of my public key on your compter. Then you can trust any signed message from me to be from the same source as the previous signed message from me. Who is "me" is an unanswerable issue. You can use my public key to encrypt something to me, and be confident that only the guy with "my" private key can decode it. But once again, who is "me" is an unanswerable issue.

Thinking about it, I suggest the most confidence you can get is by sending me an e-mail arranging for a Skype call. Then in real time you can see my face, hear my voice, and I can show you my passport. But I don't run Skype all the time.

You can try setting your DNS server IP address to 8.8.8.8. That's Google's dedicated DNS server. Whatever Google says is by definition true.

I am not a part of the world wide financial network. Nobody can steal my credit card number because I have no credit card. I don't borrow money so if you are trying to collect on a debt you're a liar. HSBC once gave me overdraft protection and I told them to take it off; when I run out of money I want to run out of money. You want to write me a mash note? Fine, please include a picture.

Professionally I create software and upload it through the Internet. The customer likes what he gets and deposits money into my bank account. I take it out with my ATM card and buy things in my home town. It may be less convenient, but it's a LOT more secure. And if you don't pay me, I stop doing things for you.

The Internet is ***NOT*** secure. We used to think it was, but Ed Snowden and the NSA proved us wrong. Someday, perhaps, it will be secure again. When it is, let me know.

HAH! Which rock were you born under? I use 'whois' and 'dig' to find out who owns the IP address, and anything with a U.S. IP address is questionable Under US 'Law', the NSA can do anything it pleases and even if you're forced into it it's illegal to tell anyone about it.. 'andycanfield.com' is registered in Thailand and points to a hardware box in Bangkok where I myself have installed and maintain Ubuntu Linux. AFAIK the NSA can NOT subvert my server, although of course they can subvert the routers leading to the server.

I have NEVER posted my key on any keyserver. What other people chose to spider and copy is out of my control.

Thanks for the post. A few years ago when I was setting up the web server I did not encounter "startssi.com". The only option at that time was a self-signed certificate which had to be confirmed every time you went to the site. I will check it out.