FAQ: General Questions & Answers
What are the limitations of GoodCrypto?
Do not use GoodCrypto...
- if you don't trust your administrator. Right now anyone can spy on your mail and browsing. GoodCrypto limits that risk to the administrator you already trust.
- if you don't trust your server. A server in the cloud can be especially vulnerable.
- if you're waiting for a solution that stops every imaginable attack. There isn't one. GoodCrypto stops mass surveillance for mail and web.
- if you are a whistleblower or member of a suppressed group. GoodCrypto's metadata protection hasn't had enough field testing yet.
- if you are already encrypting mail. We don't want a monoculture.
- if you can't live without pictures, videos, etc. GoodCrypto blocks these malware vectors.
GoodCrypto keeps the content of your mail private. It is safe from prying eyes. Think of it as an envelope for your email.
GoodCrypto protects mail as it crosses the Internet. This stops mass surveillance and many targeted attacks. Your contacts can use GoodCrypto or any other OpenPGP package. Any properly configured mail server with TLS already protects between your own device and your mail server. GoodCrypto enhances your connection to add encryption, mixing, and padding between you and your contact. The result is end to end protection. Someone might possibly read your mail before it is sent, or after it arrives. But that's a lot harder.
There are tradeoffs to everything. Automatic PGP for a group requires a group key store. If your GoodCrypto server is cracked, everyone in your group is exposed. The alternative is to store private keys on relatively unprotected user machines. Public internet servers already are trusted to store private keys. Your GoodCrypto server is private, not public. It is carefully configured and protected. This is safer than users protecting themselves, which they simply don't know how to do.
Don't trust too muchPlease don't trust unencrypted communications with your life or liberty. Choose your crypto carefully. Watch for reasons to review that decision.
GoodCrypto is based on GPG and Tor. They are the safest crypto available, and are tested and trusted. But perfect crypto does not exist.
GoodCrypto has been independently audited, but needs many more independent audits. Any bug reports are very welcome.
Whatever tools you choose, any good crypto is much safer than no crypto.