And how do you operate without RSA using PGP? I am confused. SHA-512 is for hashing, but not the encryption. The so-called "RSA debacle" does not stop you from using RSA as part of PGP, unless you are using the older (and maybe less useful; I am not a cryptograher) DSA options in PGP. Care to elaborate? Your jokes are cute, but that joke in particular scares me out of trying your service because it shows a biased or garbled technical story here.
Also, we appreciate the mention of the Pax kernel, but TrueCrypt on Linux. Can you go into more detail? I am intrigued why you would choose this over any other software-based full disk encryption system (LUKS+dm-crypt, for example).
Also, FDE of the email servers is nice, but as the sole owner of a bunch of accounts, you can still be compelled to hand that data over, and without hardware-based encryption (and people are more skeptical than ever about TPM chips due to recent news in play), I am not sure it helps. The PGP is nice, but I think you are going to get a lot of snark and rightful skepticism on browser-based JS crypto, which is controversial. I did not say impossible, but many people, me included, do not think this is ready for primetime (some think it never will be, I am staying out of that flamewar).
Nice site, so-so copyright, but there is no silver bullet in this arena and I would prefer your "nerd info" gives better technical detail and a real, real warning about promises you cannot keep.
https://github.com/openpgpjs/openpgpjs
And how do you operate without RSA using PGP? I am confused. SHA-512 is for hashing, but not the encryption. The so-called "RSA debacle" does not stop you from using RSA as part of PGP, unless you are using the older (and maybe less useful; I am not a cryptograher) DSA options in PGP. Care to elaborate? Your jokes are cute, but that joke in particular scares me out of trying your service because it shows a biased or garbled technical story here.
Also, we appreciate the mention of the Pax kernel, but TrueCrypt on Linux. Can you go into more detail? I am intrigued why you would choose this over any other software-based full disk encryption system (LUKS+dm-crypt, for example).
Also, FDE of the email servers is nice, but as the sole owner of a bunch of accounts, you can still be compelled to hand that data over, and without hardware-based encryption (and people are more skeptical than ever about TPM chips due to recent news in play), I am not sure it helps. The PGP is nice, but I think you are going to get a lot of snark and rightful skepticism on browser-based JS crypto, which is controversial. I did not say impossible, but many people, me included, do not think this is ready for primetime (some think it never will be, I am staying out of that flamewar).
Nice site, so-so copyright, but there is no silver bullet in this arena and I would prefer your "nerd info" gives better technical detail and a real, real warning about promises you cannot keep.