Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] "Securing Email Communications from Facebook" offering PGP support

Thomas Delrue thomas at epistulae.net
Mon Jun 1 15:26:30 PDT 2015


On 06/01/2015 06:19 PM, zaki at manian.org wrote:
> For their notification system, FB is leveraging GPG as an identity 
> provider to say" only a person who has a certain private key
> should be able to reset access credentials for this account".

I had not thought of this and I think that this is a good point.
I do however question whether this is the purpose of this feature, I
think it is more of a side-effect.

> On Mon, Jun 1, 2015 at 3:09 PM, Parker Higgins <parker at eff.org> 
> wrote:
> 
>> On 06/01/2015 12:35 PM, Thomas Delrue wrote:
>>> On 06/01/2015 01:46 PM, Steve Weis wrote:
>>>> Hi Libtech. Facebook added support to put a PGP public key
>>>> to your profile and optionally use it to encrypt email 
>>>> notifications that are sent to you:
>>>> 
>> https://www.facebook.com/notes/protect-the-graph/securing-email-communications-from-facebook/1611941762379302
>>>
>>
>> 
Forgive my ignorance but what is the point of this 'feature'?
>>> Wouldn't FB (and thus anyone able to coerce FB as well) still 
>>> have the unencrypted data?
>>> 
>>> Wooden leg, meet band-aid.
>> 
>> Facebook is offering end-to-end encryption. If you don't trust 
>> the other end of an end-to-end connection, this won't help that 
>> particular problem. But there are plenty of well-attested 
>> benefits of end-to-end encryption for all sorts of other 
>> threats.






More information about the liberationtech mailing list