Vendor asked to use Privnote for address

A reputable vendor on Nucleus asked me to resend my address because it wasn't working using Privnote or try again with pgp, is this normal? How safe is Privnote?


Comments


[8 Points] splicer206:

"or try again with pgp"

This one, do this one. Also make sure your public key is correct.


[2 Points] TheOpiateKing:

Lots of people are against privnote but it's safe IMO and many top vendors use it.


[2 Points] Poiroi:

Might be a silly question but you're using the vendors key to encrypt your data, yeah?


[1 Points] IsThatPurple:

Servers seems to be in Ireland. But it says "Amazon Technologies Inc."

I don't say it's risky, but you can't completely trust this motherfuckers


[1 Points] PhriskyDingough:

Sounds like your vendor doesn't know how to pgp. Or else you encrypted your address to someone else accidentally. I've done that before.


[1 Points] plutopete:

People often mess up their pgp address when ordering, usually because they used the wrong key or they missed a dash when copying and pasting. The vendor gives you the option of trying again with pgp, he's not forcing you to use Privnote.


[1 Points] WhispersFromAB:

We are firmly against Privnote. It is hosted on Amazon Web Services, an arm of a US-based company with a track record of supporting surveillance. Given it is not open source, nobody really knows how/when/if they actually delete messages. As far as we're concerned, it's very much an unsafe mode of communication in and of itself.

If you do use it, do so in addition to PGP, not as a replacement.


[1 Points] AdventureTimeSupply:

Using privnote is bad opsec. Period. End of story. Anything sent to privnote is fully accessible to whoever runs privnote. If you're a vendor, LE can target you with a unique link and risk leaking identifying data.