1. hakan duran's Avatar
    We all know it's pretty good.. but jeopardizing the servers are not so difficult.. couple days ago there was a major issue on with an company what was selling the Pgp systems they took everything including the server keys..
    So is there no security for that

    Posted via CB10
    05-11-17 11:50 AM
  2. thurask's Avatar
    You can't have your private keys leaked if you don't keep them on a central server.

    Dunt Dunt Dunt and xandros9 like this.
    05-11-17 12:03 PM
  3. hakan duran's Avatar
    Yeah really smart of you but most of the time the key holder of the central server is the major leak.. the clients don't have grip on that

    Posted via CB10
    05-12-17 01:21 PM
  4. thurask's Avatar
    Yeah really smart of you but most of the time the key holder of the central server is the major leak.. the clients don't have grip on that

    Posted via CB10
    Again, if there's no private key server, there's no need to secure one. This avoids having literally everyone's private key in a central database that could be raided by the police at any time. No amount of network security can beat a bobby with a search warrant.

    How to best communicate using PGP is not through hosting a private key on some smoke and mirrors "PGP BlackBerry" server, but with keeping your private key local and using a real app on a real phone. With a key manager, an email app that can hook into it, and the recipient's public key (Keybase if they're trendy, regular old keyservers if they're not), you can send as many PGP signed/encrypted emails as you want. Everything I just mentioned is FOSS, so there's no subscription.

    If you want, you could even save your private key to a NFC smartcard (with a good PIN of course), and instead of keeping the private key on your smartphone, you tap the smartcard to the phone and enter the PIN. Getting the full private key off of the smartcard is, as far as I can tell, impossible.
    tollfeeder likes this.
    05-12-17 02:41 PM
  5. itsyaboy's Avatar
    Again, if there's no private key server, there's no need to secure one. This avoids having literally everyone's private key in a central database that could be raided by the police at any time. No amount of network security can beat a bobby with a search warrant.

    How to best communicate using PGP is not through hosting a private key on some smoke and mirrors "PGP BlackBerry" server, but with keeping your private key local and using a real app on a real phone. With a key manager, an email app that can hook into it, and the recipient's public key (Keybase if they're trendy, regular old keyservers if they're not), you can send as many PGP signed/encrypted emails as you want. Everything I just mentioned is FOSS, so there's no subscription.

    If you want, you could even save your private key to a NFC smartcard (with a good PIN of course), and instead of keeping the private key on your smartphone, you tap the smartcard to the phone and enter the PIN. Getting the full private key off of the smartcard is, as far as I can tell, impossible.
    Nice write up. I keep hoping that BlackBerry Hub will be able to use PGP in the future. Would like to think that that would fit right in with BlackBerry's vision for security.

    Posted via CB10
    05-13-17 02:53 AM
  6. thurask's Avatar
    Nice write up. I keep hoping that BlackBerry Hub will be able to use PGP in the future. Would like to think that that would fit right in with BlackBerry's vision for security.

    Posted via CB10
    Hub on BB10 can use PGP as of 10.3.2, but it requires the email server to use Exchange ActiveSync.
    05-15-17 01:47 PM
  7. itsyaboy's Avatar
    Hub on BB10 can use PGP as of 10.3.2, but it requires the email server to use Exchange ActiveSync.
    Oh thanks for that, I didn't realise!
    So I assume BlackBerry Hub (for Android) does not have it? Surely it would be a nice feature. Or would you say maintaining a proper PGP implementation on Android requires constant software development and thus make it tooc costly and unattractive?
    05-15-17 04:15 PM

Similar Threads

  1. what's your carrier/plan?
    By Carlito27 in forum Rogers
    Replies: 11
    Last Post: 02-02-18, 01:09 AM
  2. How to delete all local contacts?
    By FinnBerry in forum BlackBerry KEYone Support
    Replies: 19
    Last Post: 09-28-17, 07:43 AM
  3. Regretting buying the passport problems #152 & 153
    By KillahKurlz1 in forum BlackBerry Passport
    Replies: 29
    Last Post: 05-17-17, 07:33 PM
  4. CK: Software: Suggestion: More Shortcut Possibilities for Convenience Key
    By MatthiasHannover in forum BlackBerry KEYone
    Replies: 10
    Last Post: 05-14-17, 08:43 PM
  5. Replies: 2
    Last Post: 05-11-17, 09:33 AM
LINK TO POST COPIED TO CLIPBOARD