(FWIW, I do not use multi-floor robots myself, only using an old random-walking Roomba in a single-floor setting, but considering getting another robotic cleaner for a two-floor house, where it does seem reasonable to manually move it between floors, as I would move any other cleaning tools.)

Probably because of my limited usage of Sequoia, but it seemed compatible enough with GnuPG (when it comes to OpenPGP, that is; not their CLIs or APIs): not completely, but enough in practice. The cryptography also looks modern enough to me: it is not like even GnuPG defaults to compatibility with particularly old systems.

If they were notably incompatible though, I guess I would prefer GnuPG for the availability and compatibility reasons, as mentioned above, mainly to avoid fragmentation. Though if there was a better system, as versatile, preferably as easily available, even if not as widely used, I would consider that as well.

Apparently the threat models we have in mind, along with the settings to use those tools in, differ: as mentioned in the sibling comments, my concerns (or past concerns, current issues to deal with) are more about availability, confidentiality in the face of mass surveillance and over varied channels (i.e., versatility). I see (and hear of) people neglecting cryptography altogether in cases where cryptography would be beneficial (for confidentiality, most often), the local government and other threat actors focusing on heavy-handed and basic attacks (aiming to disrupt use of cryptography, such as by blocking the IMs they do not control and other online services, or--perhaps even more often--making use of it not being used at all in the first place); so I struggle to see how, say, age + minisign would have helped anyone over GnuPG in such conditions, or even those rare few who are targeted individually. But I find it much easier to see how a wider adoption of any sufficiently good, versatile, available, and standardized/compatible tools would be useful. So that people would be able to communicate securely using those, as well as the same person would be able to easily decrypt a file they had encrypted years ago without keeping around a toolbox of varied--and likely partially abandoned--tools, which, taken together, would likely be a worse legacy pile of software and algorithms than OpenPGP and its implementations, moving the specification with its different legacy options into users' heads (and replacing the implementation with their manual operations).

Of course everyone having and properly using a set of most polished and foolproof tools implementing algorithms considered most secure (out of practical ones) at the time would be good, but there are issues with adoption, software acquisition and updates, interference (i.e., adverse conditions, including blocking), key distribution, as well as the moving target (changing recommendations/views) to take into account. The algorithms, implementations, and UIs are not to be ignored, but neither are they everything there is, so one has to prioritize all the components.

Yes, but security usually includes availability, and I mentioned a setting with service blocking above. Like that by a government.

> (Centralization itself is a red herring. One may as well claim that PGP is centralized, given that there’s only one prominent keyserver still limping around the Internet.)

How is it a red herring?

> For messaging/secure communication, use Signal. It’s open source.

From my point of view, it is complicated by Signal being blocked here (and it being centralized helped to establish such blocking easily), likely the phone number verification won't work here, it is not available without a phone, and it is not available from F-Droid repositories on top of that. Currently money transfers are also complicated, so finding some foreign service that would help to circumvent phone number verification is also complicated, and not something I would normally do even without that. All this Internet blocking is a new development here, but such availability issues due to centralization were anticipated for a long time, and are a major motivation behind federated or distributed systems. Some mail servers are also being blocked, but generally mail still works, and less of a pain to use.

> For file encryption, use age. It’s open source and has multiple mature implementations by well-regarded cryptographic engineers.

> For signing, use minisign, or Sigstore, or even ssh signing. All are open source.

These I find to be okay. Having to install them in addition to GnuPG that is usually already available, but that is to be expected; they are available at least from Debian repositories, so not something to complain about when considering alternatives. Likewise with the key sharing: not getting to reuse OpenPGP's PKI, and will have to replace that somehow, but it is not like it is used widely and consistently anyway, so perhaps not much of a loss in practice. Likewise with familiarity of the users: I would expect a little more friction with such tools, compared to GnuPG, but not much more. And I don't see actual usage downsides apart from those. Though the benefits also seem a bit uncertain, but generally that sounds like a switch that makes sense to consider.

I think such an article would seem more convincing, at least to me, if more sensible alternatives were proposed. Ideally without the advice to not encrypt email, without assumptions of continued availability of all the online services, of trust to certain third parties, and so on. Or it could be just a plain criticism without suggestions, which would still be somewhat informative.

Edit: there is another list of alternatives in a sibling comment, advising against (well, actually being quite hostile towards, and generally impolite) usage of what I had in mind as one of the possible more sensible alternatives: XMPP with OMEMO. Though upon skimming the criticism of that, I have not found it particularly convincing, either, and it just looks like some authors try to be particularly provocative/edgy.

Surely "plot the downfall of civilization" is an exaggeration. Knowing that certain actions have harmful consequences to the environment or the humanity, and nevertheless persisting in them, is what many individuals lawfully do without getting together.

I do know people who use no circumvention methods: some are simply not sufficiently familiar with technologies (including older people, who seem to think that something is wrong with their phones), for others it is a mix of regular shying away from technologies and being worried that it draws the government's attention. And then there are those who appear to genuinely support the censorship (or whatever else the government does). I also hear of people switching to local services as the regular ones are blocked.

Anecdotal data is of little use to determine the extent though, and trustworthy statistical data may be hard to come by, but if you somewhat trust the Levada Center, their polls indicate that YouTube's Russian audience halved following the blocking, among other things. [0]

> WireGuard also works just fine - I was able to selfhost and use it without any extra obfuscation.

For both IPsec and WireGuard, I have both heard of the blocks [1] and observed those myself, particularly to servers across the border (which were otherwise available; there is a chance that I misconfigured something back then, but I recall it working fine with local servers). For IPsec, I have also observed blocks within the country (and RKN lifting those on request, confirming an intentional blocking that way, twice; also confirmed that those were for IPsec packets in particular, not any UDP). But possibly it does not affect all the foreign subnets: as with a recent blackout [2], when quite a few were affected, but not all of them.

[0] https://www.levada.ru/2025/04/24/polzovanie-internetom-sotsi...

[1] One of the recently seen public mentions is at https://blog.nommy.moe/blog/exotic-mesh-vpn/

[2] https://github.com/net4people/bbs/issues/490

I have tried just one cheap Dell laptop, Vostro 3515, which works mostly fine with Linux (it came with Ubuntu, I have installed Debian), but the touchpad becomes unreponsive sometimes (probably after a sleep), and at some point it refused to charge, which required an UEFI firmware update to fix, which in turn required Windows (I had to use Windows PE) to install, as the direct update (from the UEFI itself) was failing, and there is no Linux option.

Could have been worse, but now considering a Lenovo ThinkPad as a future replacement.

I heard similar sentiments about censorship efforts in Russia, but it does seem to work, unfortunately. So far they have outlawed and blocked major VPN providers (and keep blocking more, including non-commercial ones, like Tor bridges, and foreign hosting companies' websites), blocked major detectable protocols used for those (IPsec, WireGuard), made usage of proxying ("VPN") an aggravating circumstance for the newly-introduced crime of searching for "extremist" information. That seems to deter many people already, and once the majority is forced to use the local approved (surveilled, censored) services, it is even easier to introduce whitelists or simply cut international connections (as is already practiced temporarily and locally), at which point the ban is successfully applied to everyone.

That seems to be a better option for bots than for actual users: if you care about the account, you probably would not want to make its password resettable via a service like that. Or even via a regular email provider you do not trust, and those could easily be the only kind available.

Edit: As for heavily customized versions (Doom, spacemacs), I have not tried those myself, but occasionally saw people having issues with those, and others not being able to help them, since it was not clear what sort of magic is going on there. So I would not recommend those to new users, at least not if you would like to learn the basics and get a better hang of it, to be able to debug it, though some seem to be happy with those.