DeepSec 2019 Talk: Comparing GnuPG With Signal is like Comparing Apples with Smart Light Bulbs – Hans Freitag

Sanna/ October 28, 2019/ Conference, Security

GnuPG is not designed to be used only in E-Mail, it plays an important role in securing all sorts of mission critical data. In this talk I will show you applications of GnuPG that are not E-Mail or Instant Messaging.

We asked Hans a few more questions about his talk.

Please tell us the top 5 facts about your talk.

  • GnuPG is free software that can be used to encrypt and sign data.
  • Signal is not a free software but may be used to communicate with others.
  • You can’t compare apples with pears.
  • In German the term glowing pear is used for light bulb.
  • My Key ID is: 1553A52AE25725279D8A499175E880E6DC59190F

How did you come up with it? Was there something like an initial spark that set your mind on creating this talk?

I browsed the news and came across an article saying “We found a bug in an E-Mail program accidentally displaying unencrypted data as encrypted data and therefore you should ditch the use of GnuPG immediately and use Signal instead!” Spoiler Alert: It does not work!

Why do you think this is an important topic?

GnuPG is the tool on which almost all open source software relies on when delivering software to customers. It is embedded in almost any open Software and even usable from Android phones.

Is there something you want everybody to know – some good advice for our readers maybe?

Be nice to each other. Protect private data. Respect others.

A prediction for the future – what do you think will be the next innovations or future downfalls when it comes to your field of expertise / the topic of your talk in particular?

The next innovation might be a better user interface with sane defaults for GnuPG keys. Also getting GnuPG support for user keys and smart cards into the OS at installation level is important.

I would love to see GnuPG available in company infrastructure. I believe this would boost usage a lot, as it means that confidential data can be stored end to end encrypted and signed on the servers with the push of a button.

Born in Celle, Germany in 1980.
Found out about Open Source around 1997.
Attended the first Chaos Communication Congress in 1999.
Self employed as consultant and developer since 2001.
CEO/CTO and owner of Conesphere GmbH since 2017.

Share this Post