Ask HN: GPG. NaCl. NSA. Thoughts?
We now have a better idea what the NSA can and can't do. It seems they have ways to compromise endpoints, and have poisoned algorithms and implementation they have a hand in. GPG is the old standby. NaCl is a popular outsider. I do not know, at this time, however, of any easy integration of NaCl into an email client. Do any of you have thoughts on how to go about encryption for emails and other communications in the modern era? Let's be clear...there is precisely nothing that has been revealed that indicates that the NSA has some ahead of the curve ability to compromise underlying cryptographic technology (see: http://www.schneier.com/blog/archives/2013/09/the_nsa_is_bre...). This is social engineering...they got the companies involved to backdoor their own products. And if they own your end points...well... All I can think of is only use open code on open hardware (including the disk drives) done by folks whom the US or other cooperating governments don't have leverage against (psst...no, the answer is not OpenBSD). I don't think that exists. Sorry - you are saying that there is no answer? Or that there is but it is not openBSD (and why not openBsD?) I don't think there's an answer in that there is no answer to backdoored hardware. Someone recently demonstrated how to reprogram the controller on hard disks (they're ARM based SoCs) to monitor/modify the data. No one is going to come up with an alternative open source hard drive. As to software, whenever the topic comes up, someone shouts out "OpenBSD!". Unfortunately, it's by no means beyond US pressure, at least at the individual developer level. The whole "FBI IPSec backdoor" fiasco a couple of years ago is tacit acknowledgement by the OpenBSD core that such a thing is possible.