Identifying the risks
How likely are the previous risks? The risk of active government surveillance in most
countries is fortunately low. However, the consequences of this attack are very damaging.
The risk of being caught up in passive surveillance by a state actor, as we have learned
from Edward Snowden, is very likely. However, by using GPG, we add protection against
this threat. An active cracker seeking you harm is probably unlikely. Contracting
keystroke-capturing malware, however, is probably not an unreasonable event. A 2013
study by Microsoft concluded that 8 out of every 1,000 computers were infected with mal-
ware. You may be tempted to play these odds but let's rephrase this statement: in a group of
125 computers, one is infected with malware. A school or university easily has more com-
puters than this. Lastly, only you can assess the risk of a jealous ex-lover.
For the full Microsoft report, refer to http://blogs.technet.com/b/security/archive/2014/03/