After spending some time with the #minipgp6 encryption/decryption code over the last few days, I decided to finally have a look at the "age" tool (which I had thus far never tried).

I wrote up a comparison between the SOP CLI standard for file encryption, and the age tool:

https://openpgp.foo/posts/2026-06-file-encryption/

The text includes some benchmarks to compare msop and age.

#OpenPGP #age #encryption #PGP #RustLang

I have been dragged into the rabbit hole of GnuPG/LibrePGP VS Sequoia/OpenPGP and, boy it is ugly. Yeah, yeah, I know, PGP is bad, but of all the ugly things that could have happened to the FOSS crypto space, this is really unwelcome. I wish people would just sit at a table and talk.

#pgp #gpg #sequoia #crypto #cryptography #security #foss #floss #libre #drama #ietf #privacy #openpgp #librepgp

Tech-Illiterate people seem to be absolute idiots when it comes to ComSec, and TechLiterates groom them into ignorance, making it even worse!

• Regardless if AIM, ICQ, Sky ECC, EncroChat, ANØM, Skype, WhatsApp or Signal.

All you guys literally providing trivial means to track and trace users should be ashamed!

• There was no "legitimate reason" to demand PII like a phone number in 2010, there certainly ain't one in 2026!

Use XMPP+OMEMO and/or PGP/MIME and stop being unofficial informants for the Americal Stasi, dipshits!

• Or does anyone believe that Signal will cover your asses? They can't even pay their bills, decentralize and get off AWS!

#rant #venting #sarcasm #commentary #TechIlliterates #TechIlliteracy #TechLiterates #TechIlliterates #AIM #ICQ #SkyECC #EncroChat #ANØM #Skype #WhatsApp #Signal #LegitimateInterest #KYC #privacy #PII #tracking #PhoneNumber #PhoneNumbers #XMPP #OMEMO #PGP #NSA #AmericanStasi #UnofficialInformant #Stasi #Privacy #Encryption #E2EE #SelfCustody #aws #unsustainable

Ok folks, what's the closest thing to an #email but entirely #E2EE like signal.

Surely I'm not the only one thinking of it? Others would have thought of something before me right?

And no, protonmail/tuta/whatever doesn't count.

I mean, there's so much work on decentralized E2EE, #matrix is even somewhat functioning in this matter (leaving cryptographic security aside, let's just use libsignal), then how is this not a thing no matter how far and wide I look for it?

Again, traditional email + #PGP is not a solution. It's been looked down upon by every practically every cryptographer.

I wonder if it would benefit some social networks to integrate a PGP/GPG style "trust" (https://phildev.net/pgp/gpgtrust.html) into user accounts.

Accounts could 'trust' other accounts with varying levels so as to vet them for others. Maybe use QR codes for in-person 'signing'?

This may be an effective way to reduce unwanted AI/bot activity since the approach is toward verifying "I know and trust this person" rather than how some karma or reputation systems work.

#ai #bot #gpg #pgp #trust #socialmedia

Missing Link: Aus für De-Mail – warum das „@“ das eingekringelte „e“ besiegte

Ende 2026 wird der letzte juristische Schritt vollzogen, die 2012 gestartete De-Mail aus dem Verkehr zu ziehen. Das System scheiterte an der Realität.

https://www.heise.de/hintergrund/Missing-Link-Aus-fuer-De-Mail-warum-das-das-eingekringelte-e-besiegte-11305218.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#BSI #DeMail #Digitalisierung #EMail #MissingLink #Netzpolitik #PGP #Verschlüsselung #news

De-Mail: Delivery Fiction with Pitfalls

By late 2026, the final legal step will be taken to withdraw De-Mail, a 2012 service. The system failed against reality.

https://www.heise.de/en/background/De-Mail-Delivery-Fiction-with-Pitfalls-11305293.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#BSI #DeMail #Digitalisierung #EMail #MissingLink #Netzpolitik #PGP #Verschlüsselung #news

Finally set up Keyoxide for decentralized identity verification. If you're not familiar: it lets you cryptographically link your PGP key to your social accounts without trusting a central authority (RIP Keybase).

The setup:
• Add proofs as notations in your PGP key
• Platforms verify via your published key
• Anyone can check the chain independently

Also enabled WKD so my key auto-fetches:
gpg --locate-keys [email protected]

Guide I followed: docs.keyoxide.org

#infosec #pgp #keyoxide #privacy #decentralization #opsec

Getting a verified lock icon for my signed Git commits took longer than expected! It’s all set up now in the end via SSH keys (and not GPG keys) on Codeberg. Email matching was the main culprit.

It's my first time setting up signing commits and I tested it on my new Gist repo!

<https://codeberg.org/burgeonlab/gists>

Hope to add more to it in the near future.

View full note on my website: https://burgeonlab.com/notes/2026/0523-105727/

#100daystooffload #git #gpg #pgp #ssh #codeberg #signingkeys #gists #gist