Encryption, Tmpfs, Matix
In a very long discussion about encryption, signing data, etc. How bad OpenSSL and GnuPG as tools are and so on. Again focus came to age and minisign. I rechecked the age and minisign projects and found out that age now supports ASCII armor and SSH keys, which is excellent. Many users don't have OpenPGP keys. Yet after long long discussion we ended up to the fact that actually encryption tools are tools for experts. No user should deal with encryption tools, unless they know what they're doing. Instead normal users should use programs which utilize encryption under the hood, saving the users from the complex details.
After long long discussion about encryption tools in some tinfoil-hatter groups, I created yet another public / private keypair now using age-encryption / age-encryption.org (@ age-encryption.org). The key's are available from my homepage public keys section (@ this site). As usual, if and when required, alternate new keys and channel(s) will be setup for further communication. The keys on the page are only intended for session initiation. For continuity and being able to chain the keys, the new age key is clear signed with my OpenPGP key.
I also did discuss this post in detail with friends Stop Using Encrypted Email (@ latacora.micro.blog). - Agreed. Long term keys are bad. As mentioned above, the keys necessarily aren't being used for the actual communication, it's just initial handshake what the keys are being used for. Many well known problems are mentioned in the post with long term keys and old tools. Easy to use and secure defaults are extremely important with normal users and even with experienced users, it's so so easy to fail. The example of replying to encrypted mail with quote without encryption is very classic failure mode. As well as subject encryption and all the other well known problems. Depending on the contact / situation, it's better to choose a suitable technology, there's no generic suits for everyone solution. One classic way is to have strong PSK, which is then used to setup new channel if and when required. But even then, it's hard to get people to store the PSK safely for extended periods especially when it's 'never needed'. Same problem exists with any security procedures. They don't remember, care or follow the procedures, because it doesn't matter, until it does. Even if the tech would be 100% safe (which doesn't happen) even then people are very weak link in the chain. - After my thoughts, I did read lots of comments about the post and found out that many others have similar opinions about it.
Just wondering, when people talk about 128 and 256 bit encryption security, why as example age-encrypt uses weak symmetric auto generated keys with only 110 bits (afaik). Using the auto-generated passphrase as example: "diesel-range-useless-library-scout-genuine-rubber-found-chair-rural", should have full 256 bit entropy instead of only 110 bits, which is significantly weaker. I've seen many people to do same mistake, first they talk about 256 bits, and then they give some ridiculously weak password compared to the 256 bit symmetric cipher. Sure there might be some password derivation function being used, but is that a great excuse not to use proper passwords with right amount of entropy? Always when people say hash attacks, I'm wondering isn't hashing expensive and futile step. It's faster just try to guess the cipher keys directly, if the password being used with hash provides sufficient full 256 bit entropy.
Got slightly annoyed, many people seem to claim that tmpfs is ramdisk, but it isn't. Ramdisk is a disk in RAM and it's in reserved RAM area, and not synced to disk, tmpfs is synced to disk, if sync is called. As example, you can't trust that ramdisk data wouldn't be flushed to disk, if it contains sensitive information.
Matrix Emoji Verification process Is totally flawed, it seems that different words are used for verification between different versions. Which will lead to the check failing, if the words from the emoji compare challenge are being compared. That might be extremely confusing to normal users. On technical level, better way would be directly comparing the Session Key, which isn't translated or mapped to something else. Probably the issue can be resolved with screenshot and or discussing the matter, but it's annoying, if it's supposed to be verified as example over phone using the words. Well, no match...