Look you fucking idiots and feds. GPG is very safe. Not much (available software) is safer than GPG for secure encrypted communications. If people use privnote, they are weak to MITM. Privnote is WORTHLESS. The goal of a communications encryption system is to protect communications between Alice and Bob from a malicious Eve who can view the channel between them. GPG does this by a mixture of an asymmetric algorithm such as RSA and a symmetric algorithm such as AES. When Alice writes a message to Bob, first a pseudorandom number generator generates a long session key, then the session key is fed to the symmetric algorithm to encrypt Alice's plaintext. Then the session key is encrypted with Bob's public key. The final message is sent to Bob, it is a combination of the asymmetrically encrypted session key and the ciphertext. When Bob gets the message he needs to type his password in because his private key is stored symmetrically encrypted. Bob's password is used with a password based key derivation function (PBKDF) to generate a key that is used to decrypt the symmetrically stored asymmetric key, and then the asymmetric key in its plaintext form is used to decrypt the session key of the message from Alice. Then, the session key is used to decrypt the ciphertext and Bob gets the plaintext message from Alice. Since Eve doesn't have Bob's private key, she cannot decrypt the message even if she can see Alice send the message to Bob and obtain the ciphertext. Now, of course if Eve has Bob's private key she can decrypt the message. The only way to get the private key from Bob is to get a copy of it and decrypt it with Bob's password. GPG cannot really protect you from this, it already protects you as much as it can by storing your private key encrypted symmetrically in the first place. But if Eve uses a keylogger or a hidden camera, she can probably get enough passphrases and passwords from Bob to be able to get to the private key and decrypt it.
This is why Bob uses Tor to protect from traffic analysis, so Eve can not find him to target him in such a way. This is also why Bob uses traditional computer security, such as isolation, to make it so Eve can not get his passwords/keys via remotely hacking him. The biggest threat left for the GPG threat model in this case is that Eve could do a man in the middle attack, tricking Bob into thinking he has Alice's key and Alice into thinking she has Bob's key, when in reality they both have Eve's key, and Eve can then intercept messages and decrypt them prior to encrypting them again with the real key of Alice or Bob. This is a threat if Eve controls the channel Alice and Bob communicate over for the entire time, if Alice and Bob have done a legitimate key exchange before Eve takes over the channel they are still protected. It is always a good idea to have a few independently operated channels that you are in touch with a contact over, because then you can do key exchange or fingerprint verification through multiple channels and be protected from Eve doing a MITM attack unless she controls all of the channels. You can also use shared secrets and various other techniques to try to protect from this sort of MITM attack, there are various advanced techniques that can minimize the risk and maximize the probability of detection as well.
Now let's look at what privnote is. Privnote is a website that sends you a JavaScript script. This script could be malicious, even if you independently verify it is legitimate at one time, unless you verify it every single time it could be selectively bugged. Every time you get the script you either need to verify it is legitimate or risk it being bugged part of the time. Also, JavaScript is not a language that is any good for implementing cryptography for a variety of reasons, so not only is there a risk that the script can be bugged but there is also a certainty that the script is not ideal for cryptography anyway. But even if we assume that the script is ideal for cryptography, the system still fucking sucks. The shitty possibly bugged JavaScript script is sent to you, and then it generates a session key. The session key is then used to encrypt your plaintext message, and then the ciphertext is sent to the privnote server. At this point, assuming the script wasn't bugged (it could have been) or full of exploitable side channels (it probably is), privnote only has your ciphertext and an index it is stored under, so they cannot get the plaintext. Except now, you send this index AND the PLAINTEXT session key to Bob, over the channel. Guess what! Now if Eve owns the channel, she can MITM this session key. It isn't even encrypted, so every single time you send a message it is vulnerable. With GPG you are safe if Eve owns the channel AFTER a key exchange, with privnote you are FUCKED AFTER EVE OWNS THE CHANNEL, EVEN IF SHE DID NOT OWN IT WHEN YOU FIRST STARTED TALKING TO BOB. With Privnote, every single message is a key exchange, and not even an asymmetric key exchange, but a symmetric key exchange, and not just a symmetric key exchange, but a symmetric key exchange that also points to the ciphertext the symmetric key decrypts.
Privnote is essentially you uploading a TrueCrypt container with your message in it to a server, and then sending the password to the container and a link to it to Bob. See how fucking stupid that is? With GPG you are fucked if the attacker finds you to get your private key, or hacks you and steals it, and gets your password. With Privnote, YOU SEND YOUR PASSWORD TO DECRYPT AN INDIVIDUAL MESSAGE WITH EVERY SINGLE INDIVIDUAL MESSAGE. Privnote destroys messages after they are read, but that doesn't mean that Bob won't make a copy and it doesn't mean that Eve won't read the message and let it be deleted and then make another copy of the same damn message and send Bob the key and link to that message. Privnote is worthless on every single level. It will amaze me to learn that it is not a federal wiretapping project trying to trick people into thinking they can use it safely, while in reality it trivially enables the feds to wiretap the people who use it to send messages over channels that they control.
If DPR or anyone else used privnote, every single fucking message they sent for the past three months would 100% certainly have been compromised, since the feds owned the server for that long. For 3 months the feds were the Eve who owned the channel between Alice and Bob, people who had already done GPG key exchange prior to this were totally safe from them. People who used privnote were at high risk of having all of their messages sent over this period of time intercepted and viewed in plaintext by the feds, it would be even easier to do MITM against these people than people exchanging GPG keys over this time period, because the feds could get court orders against privnote making them cooperate in MITM attacks so they didn't even need to delete previous messages, the feds could just order privnote to not delete messages viewed by some federal IP address, and have at it viewing messages with the URLs and keys to decrypt them that they intercepted passing through the server, without the message being deleted, and then the vendor thinks he looks at it for the first time and views the same message and then it is deleted. This wouldn't even really be possible to detect if they did a MITM attack in this way, whereas if they did MITM attacks against GPG key exchanges it could have been detected if people were using advanced MITM detection techniques.
So in short, fuck off with this Privnote nonsense, it is bullshit from the ground up, it is broken from the ground up, everything about it sucks and it is not worth another second of thought. Anyone suggesting privnote is at high risk of being a fed, straight up.
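
The fingerprint verification over several independently operated channels that the post recommends for GPG key exchange, sketched as an added example that is not part of the original post: it computes the OpenPGP v4 fingerprint of a received public key (RFC 4880, section 12.2) and accepts the key only if every channel reported the same full fingerprint. The channel names, the two-channel threshold and the toy key material are assumptions constructed for illustration.

```python
import hashlib, hmac, struct

def mpi(n: int) -> bytes:
    """Encode an integer as an OpenPGP MPI: 2-byte bit count, then big-endian bytes."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def rsa_key_body(created: int, n: int, e: int) -> bytes:
    """Version 4 public-key packet body: version, creation time, algorithm 1 (RSA), n, e."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)

def v4_fingerprint(body: bytes) -> str:
    """RFC 4880 section 12.2: SHA-1 over 0x99, 2-byte body length, packet body."""
    if len(body) > 0xFFFF:
        raise ValueError("packet body too long for a 2-byte length")
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def normalize(claimed: str) -> str:
    """Strip spacing and case; reject anything that is not a full 160-bit fingerprint."""
    fp = "".join(claimed.split()).upper()
    if len(fp) != 40 or any(c not in "0123456789ABCDEF" for c in fp):
        raise ValueError("not a full 40-hex-digit fingerprint")
    return fp

def verify_key(body: bytes, claims: dict, min_channels: int = 2):
    """Compare the received key's fingerprint with what each channel reported."""
    local = v4_fingerprint(body)
    agree, disagree = [], []
    for channel, claimed in claims.items():
        try:
            ok = hmac.compare_digest(normalize(claimed), local)
        except ValueError:
            ok = False  # short key IDs or garbage never count as confirmation
        (agree if ok else disagree).append(channel)
    return (not disagree and len(agree) >= min_channels), agree, disagree

# Constructed sample data: toy numbers, not real keys.
BOB_KEY = rsa_key_body(1380000000, (1 << 127) - 1, 65537)
SUBSTITUTED_KEY = rsa_key_body(1380000000, (1 << 89) - 1, 65537)
bob_fp = v4_fingerprint(BOB_KEY)
CLAIMS = {  # hypothetical channels over which Bob reported his fingerprint
    "jabber": bob_fp,
    "irc": " ".join(bob_fp[i:i + 4] for i in range(0, 40, 4)).lower(),
}

if __name__ == "__main__":
    print(verify_key(BOB_KEY, CLAIMS))          # genuine key: both channels agree
    print(verify_key(SUBSTITUTED_KEY, CLAIMS))  # swapped key: both channels disagree
```

A single disagreeing channel is enough to reject the key, so a substitution goes unnoticed only if every channel carrying the fingerprint is controlled by the same party.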