Nachdem ich es endlich geschafft hatte, den lästigen #PGP Fehler bei jedem #Librewolf Update abzustellen, geht das jetzt wieder los.

Überlegte, zum #Zen-Browser zu wechseln, doch dafür soll ich ein veraltetes #ffmpeg installieren. Kommt nicht infrage.

Geht es also zurück zu #Vivaldi … ups, seit der Neuinstallation noch gar nicht wieder installiert. Dann erst mal schauen, wie die zum #KI-Müll stehen.

#Dillo #Dooble und #qutebrowser sind ja feine Werkzeuge, die immer mal wieder zum Einsatz kommen. Aber für den täglichen Gebrauch kann ich nicht auf die Informationen verzichten, die mir #uBlock und #uMatrix liefern.

(Und wenn mir jetzt Brave vorgeschlagen wird: MIT SICHERHEIT NIEMALS!)

Show HN: Mailenc – Test if your PGP email setup works

Mailenc은 PGP 이메일 암호화 설정이 제대로 작동하는지 테스트할 수 있는 도구입니다. 사용자가 PGP로 암호화된 이메일을 특정 주소로 보내면, Mailenc가 공개키를 WKD, Autocrypt, HKPS를 통해 조회하고 암호화된 회신 보고서를 이메일로 다시 보내줍니다. Thunderbird, Mailvelope, GPG Suite 등 주요 메일 클라이언트와 호환되어 실무에서 PGP 설정 검증에 유용합니다.

https://mailenc.org/

#pgp #email #encryption #security #openpgp

https://aerion.3df.io/
Its giving strong cyberpunk vibes with those colors

#email #imap #smtp #pgp #linux #flatpak

ℹ️ Kleines Update zum Projekt #sichereMails

Tatsächlich gibt es inzwischen erste Kontakte, die teils sogar automatisiert unser #PGP erkannt haben und es jetzt auch nutzen.

Die häufigste Rückmeldung ist jedoch, dass der "komische Anhang" in unseren Mails nicht geöffnet werden kann.
Die Ironie dabei ist, dass diese Frage auch von Kontakten kam, die #PGP offiziell nutzen ...

Und bei euch so?

#OpenPGP #GPG4win #E2EE #EMClient #Thunderbird #Outlook #DID #DUT #CyberSecurity

Are you on the safe side yet? 🛡️

In an era of sophisticated phishing and data breaches, relying on passwords or SMS codes is like locking your front door but leaving the key under the mat. For a robust level of private security, I’ve integrated Yubico Yubikey into my daily routine as the ultimate hardware root of trust.

The true value of "Cold" Security

Hardware authenticators offer unparalleled security. Their physical nature means cryptographic keys are embedded directly, making them impossible to copy, extract, or steal remotely. No physical device, no access. Period.

My "Strict Security" Setup

I’ve minimized my attack surface by removing the weakest links:

1. Phone-Free: I have disabled phone number linkage and SMS authentication wherever possible to eliminate SIM-swapping risks.

2. Passwordless: Where supported, I use FIDO2/WebAuthn. No password means no password can be phished.

3. The Backup Rule: I use a minimum of two keys. My primary key is always with me, and a backup key is hidden in a secure, off-site location.

Hardware-Signed Workflow

I leverage the full multi-protocol potential of the key:

- GPG & Git: I use GPG primarily for signing git commits. When I push code, I am physically "touching" the hardware to sign that digital information.

- PIV/SSH: Secure access to servers without resident private keys on the machine.

- OTP & Static Passwords: Bridges for legacy services.

The Vault Strategy

For passwords and sensitive metadata, I rely on Bitwarden. Access to my vault is strictly locked behind my hardware keys.

> No, I'm not "that paranoid" ... yet. But I do keep an eye on the compromise of central servers. That’s why I’m planning to implement a fully self-hosted, self-controlled vault solution soon.

I’d love to hear your thoughts – what are your favorite self-hosted security stacks?

#CyberSecurity #YubiKey #Bitwarden #Infosec #Privacy #MFA #PGP #SSH #SecurityEngineering #SelfHosted

RE: https://infosec.exchange/@pgpkeys/116524105050914478

@pgpkeys

thanks for the update! So what does that mean for people running WKD's with existing keys? What changes do we need to make?

#WKD #WebKeyDirectory #PGP #PGPPQC #PQC

Not altogether sure how I feel about this. That said, it's a good post and it offers some solid food for thought.

https://sequoia-pgp.org/blog/2025/11/15/202511-post-quantum-cryptography/

#pgp #postquantum

Post-quantum defaults and GnuPG

@andrewg email is a very insightful overview of where the standards, implementations, and openness of the community.

After years of using OpenPGP, the PQC discussions are a good opportunity to rethink what we should prepare for next and especially which community we should work with.

#pgp #librepgp #openpgp #opensource
#community #cybersecurity

🔗 https://lists.gnupg.org/pipermail/gnupg-users/2026-April/068280.html