A friend of mine, Hendrik Mans, wrote a pretty good article (in german) about the whole PRISM etc. dilemma. His gist: We should stop to act in this case as if we are actually able to tell whats going on there. For the most part, we simply don’t know. Because we’re are not tech savvy enough to understand the technologies involved (which may or may not be true for you) but also because, for the most part, this stuff is still happening largely in secret and although Edward Snowden gave us some ideas of what’s happening, we still don’t know much about how that’s happening.
He also rants about the “solutionists” crying “you only need to use end-to-end encryption” and that’s a point I actually want to elaborate on a bit.
First of all, what do we mean with end-to-end encryption (e2ee) . For the sake of the argument, let’s assume it means something like PGP (or GPG for that matter) and everyone uses securely stored keys, the encryption is asymmetric and the keysize is big enough (which are a lot of assumtions already if you think about it) and so we can be relatively sure that this encryption is safe. Please note that I am not going to explain all of this to you. Fortunately, there are a lot of places on the web where you can get good information on this.
This is a great tool if your name is Alice and you want to send Bob a message which should stay secret between you two.
That is to say, if the secrecy of the message is what you actually care about. read more...