A face-to-face conversation, held in a proper SCIF (Secure Compartmentalized Information Facility), with no decorations, transparent furniture, the best sound isolation you can buy (think bottom of a salt mine and still wrapped in isolating material), no windows, no air-conditioning, shielded from thermal imaging, bring no devices at all, and all participants stark naked (ideally you’d add body cavity search and MRI); That way you can avoid most eaves-dropping.
Well, if eliminating parties is on the table, I’d have to recommend shooting yourself (better: pack your head in a lot of explosives, less chance to accidentally survive), so good ol’ rubber-hose cryptanalysis doesn’t work either ;-)
Fair enough, I was feeling a bit cheeky ;) I guess you really mean digital, electronic, semi-instantaneous, text-based communications, aka “instant messenger”. I tend to be very careful with recommendations, they always can turn out to be bad advice… For what it’s worth I use either email with GnuPG or Signal. I have a long list of caveats for both, but I do use them…
As I said, I have reservations about Signal, but I have not found one where I have fewer, so… As to “the” openPGP “app” and literal missile launch codes, it really depends on what exactly that app is (there are many implementations of RFC4880) and on what environment it is running. Most likely it’s adequate for normal people though ;) I use GnuPG 2.x on QubesOS, and OpenKeychain on GrapheneOS, but I’m a cryptology-nerd who enjoys coming across slightly paranoid ;)
A face-to-face conversation, held in a proper SCIF (Secure Compartmentalized Information Facility), with no decorations, transparent furniture, the best sound isolation you can buy (think bottom of a salt mine and still wrapped in isolating material), no windows, no air-conditioning, shielded from thermal imaging, bring no devices at all, and all participants stark naked (ideally you’d add body cavity search and MRI); That way you can avoid most eaves-dropping.
And then shoot the other party, because a secret shared is no longer a secret.
Well, if eliminating parties is on the table, I’d have to recommend shooting yourself (better: pack your head in a lot of explosives, less chance to accidentally survive), so good ol’ rubber-hose cryptanalysis doesn’t work either ;-)
Ok… that is a bit over the top. What about digital messaging.
Fair enough, I was feeling a bit cheeky ;) I guess you really mean digital, electronic, semi-instantaneous, text-based communications, aka “instant messenger”. I tend to be very careful with recommendations, they always can turn out to be bad advice… For what it’s worth I use either email with GnuPG or Signal. I have a long list of caveats for both, but I do use them…
I read somewhere (on lemmy) that signal might not be a safe and secure option. and i have deleted my account. 😑
and i use the openPGP app. is this good enough to protect my missile launch codes?
As I said, I have reservations about Signal, but I have not found one where I have fewer, so… As to “the” openPGP “app” and literal missile launch codes, it really depends on what exactly that app is (there are many implementations of RFC4880) and on what environment it is running. Most likely it’s adequate for normal people though ;) I use GnuPG 2.x on QubesOS, and OpenKeychain on GrapheneOS, but I’m a cryptology-nerd who enjoys coming across slightly paranoid ;)
I am taking the notes and switching to write letters now. 😭