One could argue that GnuPG is actually safer on a public terminal than generic online email access, because if you keep your keys on a USB stick, it's another critical piece of data that would have to get collected separately before the captured input data was of any use (this could be automated, but it'd be much harder than just running a keylogger, especially if one undertakes avoidance techniques). If one accesses an ordinary email service, the log would look like "gmail.com↲cookiecaper↲mypassword", which obviously contains all information necessary to access an account. As long as the private key is not automatically copied by the terminal, you can simply change your passphrase after each usage of a public terminal and it simply won't matter if someone stole your input or not.
The only issue is that in the real world, most terminals do not have GnuPG installed. We should be taking this opportunity to try to change that, while public interest is on the topic.
>One could argue that GnuPG is actually safer on a public terminal than generic online email access, because if you keep your keys on a USB stick, it's another critical piece of data that would have to get collected separately before the captured input data was of any use (this could be automated, but it'd be much harder than just running a keylogger, especially if one undertakes avoidance techniques).
One would be wrong. If an adversary is keeping a copy of every file that is opened on a USB stick (which would be trivial to add as an "update", "patch", or "option" to, say, an on-demand antivirus scanner) then it's game over.
>If one accesses an ordinary email service, the log would look like "gmail.com↲cookiecaper↲mypassword", which obviously contains all information necessary to access an account. As long as the private key is not automatically copied by the terminal, you can simply change your passphrase after each usage of a public terminal and it simply won't matter if someone stole your input or not.
If they have your key from the previous step then changing your passphrase does absolutely "jack" and "shit". Where are you going to change this passphrase anyway that's on a computer owned/trusted by you if you don't own a computer or don't want to tie that key back to your home machine and identity?
>The only issue is that in the real world, most terminals do not have GnuPG installed. We should be taking this opportunity to try to change that, while public interest is on the topic.
Then you'll have backdoored copies of GnuPG installed on these machines that will offer you no security.
I was thinking more of a situation where a worker trying to expose abuses has knowledge of how to use a computer but does not have a computer at home that they can trust. Either it's shared, is running an operating system that cannot be trusted (due to malware or other reasons), is under active surveillance (not necessarily by a state-level actor), is otherwise untrustworthy, or the leaker simply does not own one.
In that case there is no safe way to generate and store a PGP key, and possession of the associated key is a great way to break anonymity.