Mailing List Archive

Is it possible to link the original source material (Snowden's speech or interview or whatever) rather than this video which could, for example, be a montage of several different speeches or interviews?

Sincerely,

Chiraag
--
?????? ??????
Pronouns: he/him/his

07/08/20 13:35 ?????, Stefan Claas <sac@300baud.de> ??????:
>
> ... you may like to check out Mr. Snowden's YouTube video:
>
> https://www.youtube.com/watch?v=wltrint1JrA
>
> Regards
> Stefan
>
> --
> my 'hidden' service gopherhole:
> gopher://iria2xobffovwr6h.onion
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

?????? ?????? via Gnupg-users wrote:

> Is it possible to link the original source material (Snowden's speech or interview or whatever) rather than this video which
> could, for example, be a montage of several different speeches or interviews?
>
> Sincerely,
>
> Chiraag

Apologies, I currently have no other sources, wish I had.

Regards
Stefan

--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Stefan Claas wrote:

> ?????? ?????? via Gnupg-users wrote:
>
> > Is it possible to link the original source material (Snowden's speech or interview or whatever) rather than this video which
> > could, for example, be a montage of several different speeches or interviews?
> >
> > Sincerely,
> >
> > Chiraag
>
> Apologies, I currently have no other sources, wish I had.

P.S. I also send a message to Mr Snowden via Twitter, but
I doubt he will see this, because of his over 4 Million
followers, which might write him too.

And yesterday I wrote an email to NSO group, asking if
their latest release of Pegasus is capable of doing
this. But no reply yet ...

Regards
Stefan

--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Isn't the NSO group Israeli, not Russian as claimed in the video? https://en.wikipedia.org/wiki/NSO_Group

Sincerely,

Chiraag
--
?????? ??????
Pronouns: he/him/his

07/08/20 16:12 ?????, Stefan Claas <sac@300baud.de> ??????:
>
> Stefan Claas wrote:
>
> > ?????? ?????? via Gnupg-users wrote:
> >
> > > Is it possible to link the original source material (Snowden's speech or interview or whatever) rather than this video which
> > > could, for example, be a montage of several different speeches or interviews?
> > >
> > > Sincerely,
> > >
> > > Chiraag
> >
> > Apologies, I currently have no other sources, wish I had.
>
> P.S. I also send a message to Mr Snowden via Twitter, but
> I doubt he will see this, because of his over 4 Million
> followers, which might write him too.
>
> And yesterday I wrote an email to NSO group, asking if
> their latest release of Pegasus is capable of doing
> this. But no reply yet ...
>
> Regards
> Stefan
>
> --
> my 'hidden' service gopherhole:
> gopher://iria2xobffovwr6h.onion
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

?????? ?????? via Gnupg-users wrote:

> Isn't the NSO group Israeli, not Russian as claimed in the video? https://en.wikipedia.org/wiki/NSO_Group

Yes, as understood. I think it really doesn't matter where Pegasus does come from.

Regards
Stefan

--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Stefan Claas wrote:

> ?????? ?????? via Gnupg-users wrote:
>
> > Isn't the NSO group Israeli, not Russian as claimed in the video? https://en.wikipedia.org/wiki/NSO_Group
>
> Yes, as understood. I think it really doesn't matter where Pegasus does come from.

This article showed up today, when I did a Google search again:

<https://tech.firstlook.media/how-to-defend-against-pegasus-nso-group-s-sophisticated-spyware>

Trustworthy source.

Regards
Stefan
--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Stefan Claas wrote:

> Stefan Claas wrote:
>
> > ?????? ?????? via Gnupg-users wrote:
> >
> > > Isn't the NSO group Israeli, not Russian as claimed in the video? https://en.wikipedia.org/wiki/NSO_Group
> >
> > Yes, as understood. I think it really doesn't matter where Pegasus does come from.
>
> This article showed up today, when I did a Google search again:
>
> <https://tech.firstlook.media/how-to-defend-against-pegasus-nso-group-s-sophisticated-spyware>
>
> Trustworthy source.

Mmmhhh, it is getting 'better and better' for smartphone users.

https://www.androidauthority.com/government-tracking-apps-1145989/

Regards
Stefan

--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

El día domingo, agosto 09, 2020 a las 10:06:13p. m. +0200, Stefan Claas escribió:

> > This article showed up today, when I did a Google search again:
> >
> > <https://tech.firstlook.media/how-to-defend-against-pegasus-nso-group-s-sophisticated-spyware>
> >
> > Trustworthy source.
>
> Mmmhhh, it is getting 'better and better' for smartphone users.
>
> https://www.androidauthority.com/government-tracking-apps-1145989/
>

One can use a Linux mobile phone running UBports.com (as I and all my family do)
or the upcoming Puri.sm L5 (as I pre-ordered in October 2017).

Stop whining, stand up and fight and protect yourself.

matthias


--
Matthias Apitz, ? guru@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
May, 9: ???????? ????????????! Thank you very much, Russian liberators!

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Matthias Apitz wrote:

> El d?a domingo, agosto 09, 2020 a las 10:06:13p. m. +0200, Stefan Claas escribi?:
>
> > > This article showed up today, when I did a Google search again:
> > >
> > > <https://tech.firstlook.media/how-to-defend-against-pegasus-nso-group-s-sophisticated-spyware>
> > >
> > > Trustworthy source.
> >
> > Mmmhhh, it is getting 'better and better' for smartphone users.
> >
> > https://www.androidauthority.com/government-tracking-apps-1145989/
> >
>
> One can use a Linux mobile phone running UBports.com (as I and all my family do)
> or the upcoming Puri.sm L5 (as I pre-ordered in October 2017).

Yes, people gave me already (not from here of course) good advise for other OSs
which one can use. The question is how long will those OSs been unaffected ...

> Stop whining, stand up and fight and protect yourself.

I am not whining ... I only wanted to let the people know. Also very
interesting that only one person in this thread replied, besides you ...

Regards
Stefan


--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

10/08/20 09:07 ?????, Stefan Claas <sac@300baud.de> ??????:
>
> Matthias Apitz wrote:
>
> > El día domingo, agosto 09, 2020 a las 10:06:13p. m. +0200, Stefan Claas escribió:
> >
> > > > This article showed up today, when I did a Google search again:
> > > >
> > > > <https://tech.firstlook.media/how-to-defend-against-pegasus-nso-group-s-sophisticated-spyware>
> > > >
> > > > Trustworthy source.
> > >
> > > Mmmhhh, it is getting 'better and better' for smartphone users.
> > >
> > > https://www.androidauthority.com/government-tracking-apps-1145989/
> > >
> >
> > One can use a Linux mobile phone running UBports.com (as I and all my family do)
> > or the upcoming Puri.sm L5 (as I pre-ordered in October 2017).
>
> Yes, people gave me already (not from here of course) good advise for other OSs
> which one can use. The question is how long will those OSs been unaffected ...
>
> > Stop whining, stand up and fight and protect yourself.
>
> I am not whining ... I only wanted to let the people know. Also very
> interesting that only one person in this thread replied, besides you ...

I was wary of storing my private GPG keys on my phone (if only because of theft/loss/etc), so I set up my keys on a Yubikey and use that to decrypt stuff on my phone. From what I understand, even if they were to obtain secrets decrypted by the Yubikey or exfiltrate private files, they would not be able to actually decrypt them given that the key resides on the Yubikey (if the private key were on the phone itself, they'd "just" have to crack the passphrase or whatever, which would presumably be much easier...).

Just another way to mitigate the risk of stuff like this.

Sincerely,

Chiraag

Dear Chiraag,

I've been thinking of a similar setup with my GPG keys on a smart card
to encrypt/decrypt data on my android phone.
Could be more specific about your setup?

thank you
Dmitry

On 10.08.2020 17:27, ?????? ?????? via Gnupg-users wrote:
> 10/08/20 09:07 ?????, Stefan Claas <sac@300baud.de> ??????:
>>
>> Matthias Apitz wrote:
>>
>>> El día domingo, agosto 09, 2020 a las 10:06:13p. m. +0200, Stefan Claas escribió:
>>>
>>>>> This article showed up today, when I did a Google search again:
>>>>>
>>>>> <https://tech.firstlook.media/how-to-defend-against-pegasus-nso-group-s-sophisticated-spyware>
>>>>>
>>>>> Trustworthy source.
>>>>
>>>> Mmmhhh, it is getting 'better and better' for smartphone users.
>>>>
>>>> https://www.androidauthority.com/government-tracking-apps-1145989/
>>>>
>>>
>>> One can use a Linux mobile phone running UBports.com (as I and all my family do)
>>> or the upcoming Puri.sm L5 (as I pre-ordered in October 2017).
>>
>> Yes, people gave me already (not from here of course) good advise for other OSs
>> which one can use. The question is how long will those OSs been unaffected ...
>>
>>> Stop whining, stand up and fight and protect yourself.
>>
>> I am not whining ... I only wanted to let the people know. Also very
>> interesting that only one person in this thread replied, besides you ...
>
> I was wary of storing my private GPG keys on my phone (if only because of theft/loss/etc), so I set up my keys on a Yubikey and use that to decrypt stuff on my phone. From what I understand, even if they were to obtain secrets decrypted by the Yubikey or exfiltrate private files, they would not be able to actually decrypt them given that the key resides on the Yubikey (if the private key were on the phone itself, they'd "just" have to crack the passphrase or whatever, which would presumably be much easier...).
>
> Just another way to mitigate the risk of stuff like this.
>
> Sincerely,
>
> Chiraag
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>

?????? ?????? via Gnupg-users wrote:

> 10/08/20 09:07 ?????, Stefan Claas <sac@300baud.de> ??????:
> >
> > Matthias Apitz wrote:
> >
> > > El día domingo, agosto 09, 2020 a las 10:06:13p. m. +0200, Stefan Claas escribió:
> > >
> > > > > This article showed up today, when I did a Google search again:
> > > > >
> > > > > <https://tech.firstlook.media/how-to-defend-against-pegasus-nso-group-s-sophisticated-spyware>
> > > > >
> > > > > Trustworthy source.
> > > >
> > > > Mmmhhh, it is getting 'better and better' for smartphone users.
> > > >
> > > > https://www.androidauthority.com/government-tracking-apps-1145989/
> > > >
> > >
> > > One can use a Linux mobile phone running UBports.com (as I and all my family do)
> > > or the upcoming Puri.sm L5 (as I pre-ordered in October 2017).
> >
> > Yes, people gave me already (not from here of course) good advise for other OSs
> > which one can use. The question is how long will those OSs been unaffected ...
> >
> > > Stop whining, stand up and fight and protect yourself.
> >
> > I am not whining ... I only wanted to let the people know. Also very
> > interesting that only one person in this thread replied, besides you ...
>
> I was wary of storing my private GPG keys on my phone (if only because of theft/loss/etc), so I set up my keys on a Yubikey
> and use that to decrypt stuff on my phone. From what I understand, even if they were to obtain secrets decrypted by the
> Yubikey or exfiltrate private files, they would not be able to actually decrypt them given that the key resides on the
> Yubikey (if the private key were on the phone itself, they'd "just" have to crack the passphrase or whatever, which would
> presumably be much easier...).
>
> Just another way to mitigate the risk of stuff like this.

Well, I do have YubiKeys and a Nitrokey too, but I would say while they can't obtain your private key they will for sure
know the passphrase (PIN) used and the content you encrypted/decrypted on your smartphone.

I came up yesterday with the idea to use an additional offline laptop[1] connected to my smartphone via a USB OTG cable
and an FTDI USB to USB cable, costs for both less then 20 USD. When both devices are connected one uses on the laptop
CoolTerm (cross-platform) and on the Android device serial usb terminal, available on the PlayStore.

As of my understanding (please someone proofs me wrong) an attacker would have a hard time to know the encrypted content
created on the offline laptop.

[1]I have to check out if they are mobile and inexpensive Raspberry Pi solutions available for purchase.

Regards
Stefan

--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

10/08/20 18:05 ?????, bereska <bereska@hotmail.com> ??????:
> Dear Chiraag,
>
> I've been thinking of a similar setup with my GPG keys on a smart card
> to encrypt/decrypt data on my android phone.
> Could be more specific about your setup?
>
> thank you
> Dmitry

Hi Dmitry,

I created a tutorial a while back on my website for setting this stuff up: https://chiraag.me/passwords/index.php

Let me know if you have questions or if anything's unclear!

Best,

Chiraag

On Mon, 2020-08-10 at 17:14 +0200, Stefan Claas wrote:
> ?????? ?????? via Gnupg-users wrote:
>
> > 10/08/20 09:07 ?????, Stefan Claas <sac@300baud.de> ??????:
> > > Matthias Apitz wrote:
> > >
> > > > El día domingo, agosto 09, 2020 a las 10:06:13p. m. +0200, Stefan Claas escribió:
> > > >
> > > > > > This article showed up today, when I did a Google search again:
> > > > > >
> > > > > > <https://tech.firstlook.media/how-to-defend-against-pegasus-nso-group-s-sophisticated-spyware>
> > > > > >
> > > > > > Trustworthy source.
> > > > >
> > > > > Mmmhhh, it is getting 'better and better' for smartphone users.
> > > > >
> > > > > https://www.androidauthority.com/government-tracking-apps-1145989/
> > > > >
> > > >
> > > > One can use a Linux mobile phone running UBports.com (as I and all my family do)
> > > > or the upcoming Puri.sm L5 (as I pre-ordered in October 2017).
> > >
> > > Yes, people gave me already (not from here of course) good advise for other OSs
> > > which one can use. The question is how long will those OSs been unaffected ...
> > >
> > > > Stop whining, stand up and fight and protect yourself.
> > >
> > > I am not whining ... I only wanted to let the people know. Also very
> > > interesting that only one person in this thread replied, besides you ...
> >
> > I was wary of storing my private GPG keys on my phone (if only because of theft/loss/etc), so I set up my keys on a Yubikey
> > and use that to decrypt stuff on my phone. From what I understand, even if they were to obtain secrets decrypted by the
> > Yubikey or exfiltrate private files, they would not be able to actually decrypt them given that the key resides on the
> > Yubikey (if the private key were on the phone itself, they'd "just" have to crack the passphrase or whatever, which would
> > presumably be much easier...).
> >
> > Just another way to mitigate the risk of stuff like this.
>
> Well, I do have YubiKeys and a Nitrokey too, but I would say while they can't obtain your private key they will for sure
> know the passphrase (PIN) used and the content you encrypted/decrypted on your smartphone.
>
> I came up yesterday with the idea to use an additional offline laptop[1] connected to my smartphone via a USB OTG cable
> and an FTDI USB to USB cable, costs for both less then 20 USD. When both devices are connected one uses on the laptop
> CoolTerm (cross-platform) and on the Android device serial usb terminal, available on the PlayStore.
>
> As of my understanding (please someone proofs me wrong) an attacker would have a hard time to know the encrypted content
> created on the offline laptop.
>

Why use PGP on your phone if you carry a whole laptop with you anyway?

--
Best regards,
Micha? Górny

Micha? Górny wrote:

[...]

> Why use PGP on your phone if you carry a whole laptop with you anyway?

Good question. There is software for Andoid available called OpenKeyChain,
which as understood is the defacto standard for Android smartphone users,
in combination with a MUA for Android.

The question IMHO now is what should mobile device users do now? I showed
a solution, assuming those users have an offline laptop too, which then
would allow them to comfortably and securely create their messages.

Not all people can purchase now a new smartphone with a more secure OpenSource
OS and new SIM, I assume.

I also do not know if it is common if people use an (compromised?) online
laptop, as a smartphone, when on the road.

Regards
Stefan

--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

I was thinking about getting an app called iPGMail for iPhone/iPad to
use PGP on them. From my very limited experience it looks like it might
be a good choice as well.

On 8/10/2020 8:49 AM, Stefan Claas wrote:
> Micha? Górny wrote:
>
> [...]
>
>> Why use PGP on your phone if you carry a whole laptop with you anyway?
> Good question. There is software for Andoid available called OpenKeyChain,
> which as understood is the defacto standard for Android smartphone users,
> in combination with a MUA for Android.
>
> The question IMHO now is what should mobile device users do now? I showed
> a solution, assuming those users have an offline laptop too, which then
> would allow them to comfortably and securely create their messages.
>
> Not all people can purchase now a new smartphone with a more secure OpenSource
> OS and new SIM, I assume.
>
> I also do not know if it is common if people use an (compromised?) online
> laptop, as a smartphone, when on the road.
>
> Regards
> Stefan
>

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

El día Montag, August 10, 2020 a las 09:07:51 +0200, Stefan Claas escribió:

> > One can use a Linux mobile phone running UBports.com (as I and all my family do)
> > or the upcoming Puri.sm L5 (as I pre-ordered in October 2017).
>
> Yes, people gave me already (not from here of course) good advise for other OSs
> which one can use. The question is how long will those OSs been unaffected ...

The kernel and all apps are OpenSource i.e. people can (and do) read the
sources. It's impossible to build in backdoors. The attack could come
through the firmware in the chips (which are not OpenSource). For this
the Puri.sm L5 (and the laptops they make also) have 3 hardware keys to
poweroff WiFi, Cellular, Microphone/Cameras (all 3 will turn off GPS).

The authorities can not track you. See:

https://puri.sm/products/librem-5/

matthias

--
Matthias Apitz, ? guru@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
May, 9: ???????? ????????????! Thank you very much, Russian liberators!

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Matthias Apitz wrote:

> El d?a Montag, August 10, 2020 a las 09:07:51 +0200, Stefan Claas escribi?:
>
> > > One can use a Linux mobile phone running UBports.com (as I and all my family do)
> > > or the upcoming Puri.sm L5 (as I pre-ordered in October 2017).
> >
> > Yes, people gave me already (not from here of course) good advise for other OSs
> > which one can use. The question is how long will those OSs been unaffected ...
>
> The kernel and all apps are OpenSource i.e. people can (and do) read the
> sources. It's impossible to build in backdoors. The attack could come
> through the firmware in the chips (which are not OpenSource). For this
> the Puri.sm L5 (and the laptops they make also) have 3 hardware keys to
> poweroff WiFi, Cellular, Microphone/Cameras (all 3 will turn off GPS).
>
> The authorities can not track you. See:
>
> https://puri.sm/products/librem-5/

Thanks for the information! While it is a nice product, according to their web site,
they say they run Gnu/Linux. Do you think that Gnu/Linux can't be hacked? Or better
said, should we all (those who use encryption software often) still use it directly
on online devices?

Regards
Stefan

--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Mark wrote:

> I was thinking about getting an app called iPGMail for iPhone/iPad to
> use PGP on them. From my very limited experience it looks like it might
> be a good choice as well.

For me it looks like that encryption al? OpenPGP, whether iOS or Android
is unfortunately dead, after I have seen Mr Snowden's YouTube Video.

Based on my proposal, I would like to see in the future (OpenSource)
*hardware* based encryption products, for at least voice comms, which
is affordable for the majority of us and easy to use, so that people
do not need to use good old email encryption for important things,
on a mobile device.

https://www.securstar.com/en/phonecrypt-voice.html

Regards
Stefan


--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

On 11-08-2020 11:39, Stefan Claas wrote:

> Based on my proposal, I would like to see in the future (OpenSource)
> *hardware* based encryption products, for at least voice comms, which
> is affordable for the majority of us and easy to use, so that people
> do not need to use good old email encryption for important things,
> on a mobile device.

Why hardware? If a bug is found you can't upgrade it easily.

On mobile, encrypted messengers are the norm. WhatsApp is the biggest,
and it uses Signal's encryption algorithm which is excellent.

--
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Johan Wevers wrote:

> On 11-08-2020 11:39, Stefan Claas wrote:
>
> > Based on my proposal, I would like to see in the future (OpenSource)
> > *hardware* based encryption products, for at least voice comms, which
> > is affordable for the majority of us and easy to use, so that people
> > do not need to use good old email encryption for important things,
> > on a mobile device.
>
> Why hardware? If a bug is found you can't upgrade it easily.

Because hardware can't be tampered with like software.

> On mobile, encrypted messengers are the norm. WhatsApp is the biggest,
> and it uses Signal's encryption algorithm which is excellent.

And you think that continuing with those is a good practice since
Mr Snowden's YouTube Video was released?

You may like to read an older brochure of Pegasus and then tell us
your thoughts.

https://www.documentcloud.org/documents/4599753-NSO-Pegasus.html

or Google for zero-click attacks/exploits.

Regards
Stefan

--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

11/08/20 17:18 ?????, Stefan Claas <sac@300baud.de> ??????:
>
> And you think that continuing with those is a good practice since
> Mr Snowden's YouTube Video was released?

I mean, don't you think it's odd that you can't find a single other source for those statements coming from Snowden? And don't you find it odd that Pegasus is claimed to be a Russian group, when in fact they're Israeli (showing a basic lack of care regarding factual statements that are easily verified or debunked)? I don't think Snowden would make that sort of mistake, and I would think we'd see a lot more articles or videos or whatever about this.

Is Pegasus dangerous? Absolutely. Do I take the claims in the video at face value? Not really, no. And I doubt that Snowden actually said all of those things as one coherent statement (although they might be various statements taken from various different interviews or speeches or whatever).

The whole veracity of the video rests on Snowden's authority, and I suspect the people who made the video are banking on people trusting it because it seems to come from Snowden.

Sincerely,

Chiraag

?????? ?????? via Gnupg-users wrote:

>
> 11/08/20 17:18 ?????, Stefan Claas <sac@300baud.de> ??????:
> >
> > And you think that continuing with those is a good practice since
> > Mr Snowden's YouTube Video was released?
>
> I mean, don't you think it's odd that you can't find a single other source for those statements coming from Snowden? And
> don't you find it odd that Pegasus is claimed to be a Russian group, when in fact they're Israeli (showing a basic lack of
> care regarding factual statements that are easily verified or debunked)? I don't think Snowden would make that sort of
> mistake, and I would think we'd see a lot more articles or videos or whatever about this.
>
> Is Pegasus dangerous? Absolutely. Do I take the claims in the video at face value? Not really, no. And I doubt that Snowden
> actually said all of those things as one coherent statement (although they might be various statements taken from various
> different interviews or speeches or whatever).
>
> The whole veracity of the video rests on Snowden's authority, and I suspect the people who made the video are banking on
> people trusting it because it seems to come from Snowden.

Please ask native U.S. citizens if this is a video with a faked voice from Mr. Snowden, not me.

Regards
Stefan

--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

It matters little whether these statements were made by Snowden. Whether a particular piece of software exists or not, and whether it is owned by the Russians or the Israelis or the Americans, is beside the point. In principle, it can exist and similar pieces of software have existed in the past, so we can safely assume that something like it will always exist in some form or another.

If someone roots your phone, or your laptop, it is Game Over. It does not matter if you are using Signal, or WhatsApp, or PGP. If the Bad Guys have rooted your phone you are helpless against them. The solution is not to let them root your phone in the first place (i.e. update regularly and don’t click on anything unsolicited), and don’t use your phone for anything that would endanger your life if you were rooted.

Andrew Gallagher

> On 11 Aug 2020, at 17:18, Stefan Claas <sac@300baud.de> wrote:
>
> Please ask native U.S. citizens if this is a video with a faked voice from Mr. Snowden, not me.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users