$ gpg --<TAB>
Display all 362 possibilities? (y or n)
$ man gpg | wc -l
3071
Why is this thing so bad when it's so popular and people "rely on it"?
> dozens of flags for the same thing, with just slightly different formatting
> position-dependant flags
> not using subcommands for keyring management, keygen, keyservers, encrypt/signing, etc. combine with ^ really hard to navigate, no way to memorize commands
> still prints short IDs everywhere; never prints long IDs, you need to manually read it from full fingerprint
> massive codebase, massive dependencies
> there is still v1 in many repos
> reads from /dev/random, keygen blocks forever on linux
> controlling with multiple private keys is hell, better give up and get front-end
> there is that shell things that has no documentation but probably the only way to manage trust-levels and stuff
And there is no real alternative? (excluding front-ends)
>>60958408
what alternative are you shilling for and don't bother posting if it isn't FLOSS and independently audited
>>60958408
t. moxie marlinkike
>>60960849
why did you have to bump it
>>60960856
but you bumped it last
>>60960849
this
>don't use PGP goy, trust our government-funded startups with your data instead
>>60961115
no I didn't I saged every time anon
>>60961715
prove it
>>60961748
no u
>>60962959
no u
>>60962972
no u
>>60963052
no u
>>60963065
no us
>>60963085
no u
>>60963161
fuck I bumped the thread that time
Any recommendations for a beginner on gpg anon?
>>60963300
This screencast
> https://www.youtube.com/watch?v=Lq-yKJFHJpk
Mini HOWTO from official website (for some reason english version is hosted on external website without https)
> https://www.gnupg.org/documentation/howtos.html
> http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto.html
just some links I've found on the internet
> https://www.madboa.com/geek/gpg-quickstart/
> https://www.futureboy.us/pgp.html
Advanced Introduction to GnuPG
> https://news.ycombinator.com/item?id=14486964
gpg works
>>60958408
>Why is this thing so bad
Because they do not support modern hashes like sha-3
Because they do not support the PFS extension
Because they do not support chacha20/poly1305
Because they support shitty nsa curves
Because they limit the size of rsa to 4kib.
Because they do not support PQC.
> position-dependant flags
Are you sure about that?
> still prints short IDs everywhere; never prints long IDs, you need to manually read it from full fingerprint
short ids should never have existed, it's a wonder why they still use them
> reads from /dev/random, keygen blocks forever on linux
That explains everything then. Is there an option for /dev/urandom?
> controlling with multiple private keys is hell, better give up and get front-end
The annoying part is that you are not able to describe what each (sub)key is meant for, as well as what keys are yours.
>>60960849
>moxie
You reminded me of when he got butthurt with fdroid, said that people should not compile their own binaries and then killed LibreSignal. https://github.com/LibreSignal/LibreSignal/issues/37
Why do the Hackerjews still support him? He even said some bullshit like (>cryptographic ciphers are slower than hash functions, this is why they don't make hash functions out of them!)
Yeah... all of them except whirlpool, blake, blake2, sha1, sha-0, sha2, md5, etc. Not to mention that we use ciphers instead of hashes in ctr mode because they are faster, otherwise we would have no reason for ciphers to exist.