mojoman wrote:It goes to show that even minor changes can improve security quite a lot.
That is my approach.
Doing as much as i can, without going nut by it.
Say: if i am not able to understand all of the basics of gpg, there is no need to worry if rsa-keys are fully secure or not. It is good enough for most people out there, so it is good for me too. Once i know the basic i can start thinking about security holes in the middle of nowhere, but not earlier.
And 1) how high the security level needs to be and 2) how much comfort one is willing to give up (say no pictures or no videos) is something everyone needs to know himself. I would not want to give up on pics and videos altogether (but i give up on a lot, as tor is too slow for youtube and i don't use flash. Would be insane to recommend that to others, who use the Web completely different than i do. Nothing wrong with neither way, imho). Rome was not build in a day, so to speak.