Datasäkerhet och Informationssäkerhet

Robert Malmgren AB

“Trust is good, control is better.”

2012/03/04

Encraption 101

If you are a large news and media house, keeping up apperances as investigative journalists, and decide to announce to the world that you are reachable via PGP, we give you this as a pro bono consulting advice: Do not. I repeat, do not, include the private keys in the key file you published on your web page.

aftonbladet fail

For transparency and responsibility, we like to state that we have 1) contacted the responsible parties incl CERT 2) we dont show the full private key on purpose, although its "out there" already....

Maybe we can switch from encraption 101 to encryption 101 one day......


----
Written by Robban @ 2012-03-04