

Funny how this cybersecurity reporter publishes his PGP key using an unsecured protocol. http://www.ericjgeller.com/pgp_ejg.txt


Uhmm... that's a public key. So it doesn't matter. He could put it on a billboard in Times Square.


I believe keda's point is it's served over HTTP not HTTPS so there's no way to verify you're not being MITM'd when looking at it.

(A possible workaround is to check via multiple connections, check Google's cache, etc)


I mean, sure, but if you're sending him a PGP encrypted message, and his public key was messed with, the end result would just be his inability to open the message.

I think his actual point was to try and discredit the messenger.


The attacker would then be able to read your encrypted message (and possibly re-encrypt it with the original key before forwarding it).

Also, PGP keys may also be used to sign software or other public messages (not a typical use-case for journalists, though)


You're kind of out in the weeds now.

Also, you don't sign software or whatever with a public key, so I'm not 100% sure you understand how this works.


HTTPS won't help against an attacker that has jurisdiction over a CA and can force them to issue a certificate.


It does matter. Someone could replace his public key with a fake one. Everything that would be encrypted so that only he could see it could end up in the wrong hands, because somebody would trust "I'm encrypting using his public key, I can tell anything to that guy", and the bad guy would read it.


I'm confused how you think transferring the PGP key through secure means would prevent that. It only (mostly) ensures the message you receive is valid.

They could far more easily gain access to his server through a variety of means and upload a different copy of his key than try and do a MITM or whatever. It's not like he's going to notice if the key changes.

What you're proposing is that an intelligence service is going to MITM you and gain access to the journalist's computer or email server to read the messages you may send him? Why? The messages are unencrypted when read on his system and when typed on yours, so there are far easier ways to get at their contents.


His page (http) -> MITM -> page you get with another public key

You write him something -> he doesn't read.

You write him -> email is intercepted -> he doesn't read it, but whoever intercepted the email reads it.

So his computer is never compromised. But his email server (some provider) is.


https://keybase.io/ericgeller

Assuming you trust Keybase (or if not fully trust at least consider it part of a more general trust network) then the key can be verified against that. That it's hosted over HTTP or any other protocol is irrelevant if it's also attached to some trust network. You can obtain it, check the fingerprint and/or value against his Keybase information and determine then whether or not you trust the key.
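
An added example, not part of the thread: the fingerprint check described above, computing the OpenPGP v4 fingerprint (RFC 4880) of a downloaded key and comparing it with the value published on a second channel. The two keys are constructed toy packets, and all function names are assumptions made for this sketch.

```python
import base64, hashlib, struct

def dearmor(text: str) -> bytes:
    """Decode ASCII armor: skip headers (up to the blank line), CRC line and footer."""
    lines = [l.strip() for l in text.strip().splitlines()]
    body = lines[lines.index("") + 1:-1]
    return base64.b64decode("".join(l for l in body if not l.startswith("=")))

def first_packet(data: bytes):
    """Return (tag, body) of the first OpenPGP packet (RFC 4880 section 4.2)."""
    hdr = data[0]
    if not hdr & 0x80:
        raise ValueError("not an OpenPGP packet")
    if hdr & 0x40:                                  # new-format header
        tag, l0 = hdr & 0x3F, data[1]
        if l0 < 192:
            length, off = l0, 2
        elif l0 < 224:
            length, off = ((l0 - 192) << 8) + data[2] + 192, 3
        elif l0 == 255:
            length, off = struct.unpack(">I", data[2:6])[0], 6
        else:
            raise ValueError("partial body lengths not handled")
    else:                                           # old-format header
        tag, ltype = (hdr >> 2) & 0x0F, hdr & 3
        if ltype == 3:
            raise ValueError("indeterminate length not handled")
        n = 1 << ltype                              # 1, 2 or 4 length octets
        length, off = int.from_bytes(data[1:1 + n], "big"), 1 + n
    return tag, data[off:off + length]

def v4_fingerprint(key: bytes) -> str:
    """SHA-1 over 0x99 || 2-byte length || public-key packet body (RFC 4880 12.2)."""
    tag, body = first_packet(key)
    if tag != 6 or body[0] != 4:
        raise ValueError("expected a version 4 public-key packet")
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def matches(key: bytes, published: str) -> bool:
    """Compare with the full 40-hex fingerprint from a second channel (not a short key ID)."""
    want = "".join(published.split()).upper()
    return len(want) == 40 and v4_fingerprint(key) == want

def sample_key(n: int) -> bytes:
    """Constructed toy RSA public-key packet (not a real key)."""
    mpi = lambda x: struct.pack(">H", x.bit_length()) + x.to_bytes((x.bit_length() + 7) // 8, "big")
    body = b"\x04" + struct.pack(">IB", 1500000000, 1) + mpi(n) + mpi(65537)
    return b"\x99" + struct.pack(">H", len(body)) + body

genuine, swapped = sample_key(0xC0FFEE1234567891), sample_key(0xBADC0DE123456789)
published = v4_fingerprint(genuine)  # stands in for the value shown on the second channel
```

Here `matches(swapped, published)` is false: a key replaced in transit fails the comparison regardless of the protocol it was fetched over, provided the published fingerprint itself came from a channel the attacker does not control.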


How is Firefox Android working for everyone? I can't seem to get the video player working on some websites like bloomberg.com, otherwise I'm a fan of it.


Another fan here. There are some rough spots and there doesn't seem to be much done to fix them. I have already cloned the source but haven't found the time to build it yet.

My main gripe is that it doesn't treat closing the window as "exit", which means you must go to menu and select Exit if you want to remove session cookies and similar.

Another one is that selecting text is clumsy because standard Android lens is not used.

But I still prefer FF to its "all-your-data-are-belong-to-us" competition.


Actually, a whole session is the phone turning on and off. So I like this session behavior better. Otherwise, unlike apps, I have to log in again and again to some websites.


I avoid videos on mobile like the plague anyway (because of shitty data plan), so I can't comment on that, but otherwise I'm a happy user of Firefox for Android, esp. because it has uBlock Origin available.


You may need to add a user-agent spoofing extension. Certain sites will not serve plain H.264 video to Firefox correctly, unless you pretend to be Safari mobile.


I use it as my main browser too and I do not have specific problems with it. The greatest advantage is being able to use the same extensions as the desktop version.


Can you? I miss NoScript... :-/

EDIT: looks like it's available, installing... Thanks!


It's been good for me! I don't miss Chrome at all. Plus the "send tab to device" is pretty sweet (if not exactly new or original).


Does this work in a remote SSH session?


That depends on your goal. If you just want to log in and work remotely in neovim, sure. But neovim won't provide tmux's feature of being able to reattach to a session in the face of unreliable connections.

That said, most of the time I use tmux is on localhost as a tiling window manager for terminal-based work. In those cases, it's very rare that I use tmux session recovery, so there's merit to simplifying the stack by dropping tmux.

Even if you did adopt the "nvim multiplexer" approach for local work, you could still use it remotely inside of one simple tmux pane. (i.e. ignore all features of tmux except for session management.)


I don't think so. This is why I primarily still use tmux, although I've recently been messing around with i3 and AwesomeWM on my Linux box, which is superior to tmux. DTVM seems to be gaining ground, it's just not quite as feature rich as tmux.


I found the code splitting feature useful. It's insanely easy to lazy-load a partial script.

https://webpack.github.io/docs/code-splitting.html


There is sourcemap.



Who's your target audience?


Looks like the OnePlus One is on the list, or do you mean the official OTA version? I have a feeling that's still a month away.


Dress to impress will be a more appropriate title. I can see how this guy does so well in marketing.

