Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook Now Supports PGP To Send You Encrypted Emails

Posted by samzenpus on from the protect-ya-neck dept.

An anonymous reader writes: You can now have Facebook encrypt email it sends to you by adding your PGP key to your profile. The PGP feature is "experimental" and will be rolled out slowly. The announcement reads in part: "...today we are gradually rolling out an experimental new feature that enables people to add OpenPGP public keys to their profile; these keys can be used to 'end-to-end' encrypt notification emails sent from Facebook to your preferred email accounts. People may also choose to share OpenPGP keys from their profile, with or without enabling encrypted notifications."

5 of 138 comments (clear)

  1. Re:The Onion by CronoCloud · · Score: 3, Insightful

    Srsly!

    Wonder who will be first to make a "Finger Facebook for my Public Key" joke.

    It does serve a purpose in being another means to easily distribute a pubkey, especially to those who might not be familiar enough with pgp/gpg to use keyservers, or prefer not to use them.

    After all, we can put our precious pgp pubkeys in our Slashdot profiles as well.

    https://slashdot.org/users.pl?...

    You can find them at:

    http://slashdot.org/~usernamefoo/pubkey

  2. Share your "encryption network" with Suckerberg! by GrantRobertson · · Score: 3, Insightful

    Right, that's exactly what you want to be doing if you are interested in encrypted communication... Share the list of other people who want communicate with you via encryption. That way the most intentionally invasive service in the world can build a giant graph of everyone who communicates via encryption. Then the NSA will know who to focus their efforts on just by who has had the most people download their public key or who is at the center of the largest clusters of connectivity.

    This could possibly be countered by having everyone download lots of random people's keys. But only if FB doesn't require you to be "friends" before you can exchange keys.

    The best way to counter it is to let all the sheeple use it, to give the NSA something to play with, while the astute "encryptionistas" ignore it.

  3. Signing of messages by houghi · · Score: 5, Insightful

    I see the frist step not in encryption, but in verifiation in that the sender is who he claims he is.

    If this helps to have more people use it that way, I am all for it.

    e.g. I have a dedicated email adress for e.g. my bank bank.com@example.com. That way I can already filter out those who pretend to be my bank. It would be better if they used a PGP signature so I can verify if it really IS the bank sending me something (Or any other company) or if it just qn elite hqxor who changed the from adress.

    To me email encryption is not the main factor, signing of emails/messages is.

    --
    Don't fight for your country, if your country does not fight for you.
  4. Re:Send You Encrypted Emails by Anonymous Coward · · Score: 2, Insightful

    Fail. "You" is dative, not a typo for genitive "your".

  5. Meanwhile by Enry · · Score: 5, Insightful

    Slashdot still doesn't offer https support.