I love it
T0nz 5th Feb 2008
I have been using GnuPG now for about 2 months, and I love it. I am using it with the enigmail add on in Thunderbird.
enigmail. I was looking for the extension that handled gpg, but...

Ever tried to search mozilla extensions for an extension you don't know the name of?

I don't use encryption, but I have been asked to set it up for others. Thank goodness they've all used kmail up till now. But... time to get jiggy with enigmail.

Now, theoretically speaking, what if the eyes you wish to block belong to a foreign or domestic government? I would imagine, especially thanks to Bill Clinton's restrictions on encryption, that to government's eyes there is in practice basically no encryption using gpg.

gpg can keep the honest people honest, and thwart most other crackers, but as I understand it at least the US fedgov has the ability to decipher any publicly available encryption.

Governments all over the planet are getting pretty scary these days, they've deviated farther from their proper role than ever in human history. It ain't paranoid to desire keeping their eyes out of your private affairs.

I don't trust any of them, and I don't want them reading my mail. (though really have no particular reason, it's the principle) But they can and they do, and flippantly tell you so anymore, and to my knowledge gpg isn't even a bump in the road.

One can argue gpg and similar are valuable to companies or researchers working on potentially profitable ideas, and keeping them secret protects that potential profitability.

Until one wakes up to the fact that the vast majority of government espionage is aimed at industrial/corporate targets.

I have heard spying on other governments or individuals for whatever reason constitutes around 20% of the total efforts. I can't attest to the veracity of that figure, but it came from a fairly knowledgeable and well connected film maker.

It may seem I'm drifting into a rant here, but I am trying to make the point that in some perspectives governments may indeed be legitimately viewed as counter to everyone's best interests.

Who knows how much of 'what is,' in the context of technological and other advances, is where it's at (and in whose hands?) as a result of government industrial espionage?

And again, they've reserved unto themselves the ability to decrypt just about anything. If I am Ford, gpg may keep my secrets out of GM's hands, but what about the goobermints of the world?
I think you'll want to read up on the concept of "threat modeling".

Gpg/pgp is, imo, industrial-strength encryption and was classified as a non-exportable munition for quite some time. That doesn't make it a magic security solution, just very, very impractical to decrypt without the correct key info.

If your encryption is good enough and someone wants your data badly enough, it becomes worthwhile to hack your box and install a keylogger, or send the MIB by with a rubber hose to politely ask for your encryption key - in those cases it doesn't really matter how strong your crypto is, no?

Build a 40-foot wall and someone will dig under it, or walk around it. Security's such fun...

Steve (Boo! hahahaha!)
Low as they are, there are still standards, for surveillance of citizens. Using encryption at least increases the challenge to corrupt bureaucrats, and increases the likelihood that they'll have to enlist assistance of an honest co-worker. With each additional accomplice, the likelihood of an honest one who will blow the whistle increases. Like any other safety or security measure, the most you can do is make criminals' goals harder to achieve.
I want to create a biometric usb flash drive with a keysafe and seamonkey(mozilla (mail,web,etc)). I also would like to i/f it with a LDAP server and apache to serve up an encrypted web.
Any suggestions appreciated.
Thank you Chris
Wow. I'd say
seanferd 13th Feb 2008
post that as a stand-alone Question in the Forums.
Well, thanks to this easy to understand article, I now have a set of keys. My next question is, how do I put these keys in the right place in Evolution for signing mail? When browsing for file locations in the utility in Evolution, I am unable to see the "dot" files. Also there are several keys in the .gnupg folder, which do I use for mail?

What is a "key signing"? It seems to be some sort of physical authentication process, but how does it work?
kind of says it all for the drawbacks to gpg.

unless you get the signature to be carried by a trusted key server that warning will always show up for recipients of a signed email.
[ or, if you delete the list of trusted Certificate authorities like I do, every ssl website and signed email throws the untrusted warning up. ]

I see "untrusted good signature" in emails all the time, after I've imported the key from a keyserver. I don't mind the untrusted part, since unless you have known the person / company for a while, there is no way you should trust them.
I'm very ignorant when it comes to encryption. Is this only for email? Apologies for sounding dumb. This program doesn't seem good to implement unless the receiving email server or the MUA using the same key, right? Is that the purpose to keep the email dialog safe between the sender and receiver? Can this program be applied for other purposes? I'd appreciate any response or posted links to clarify? Thank you all.
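
The post above separates two things: whether a signature verifies, and whether the signing key has been confirmed as belonging to the named person. GnuPG reports them separately in its machine-readable output (`gpg --status-fd 1 --verify`). The following Python sketch is an added example, not part of the original thread; the sample status lines, key IDs and names are constructed, and `parse_status` and `verdict` are hypothetical helper names.

```python
PREFIX = "[GNUPG:] "

# Signature result keywords and key-validity keywords emitted by gpg.
SIG_KEYWORDS = {"GOODSIG": "good", "BADSIG": "bad",
                "EXPKEYSIG": "good, key expired",
                "REVKEYSIG": "good, key revoked"}
TRUST_KEYWORDS = {"TRUST_UNDEFINED": "undefined", "TRUST_NEVER": "never",
                  "TRUST_MARGINAL": "marginal", "TRUST_FULLY": "full",
                  "TRUST_ULTIMATE": "ultimate"}

# Constructed samples (made-up key ID and user ID).
SAMPLE_UNTRUSTED = """\
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 0123456789ABCDEF Alice Example <alice@example.org>
[GNUPG:] TRUST_UNDEFINED 0 pgp
"""
SAMPLE_TRUSTED = SAMPLE_UNTRUSTED.replace("TRUST_UNDEFINED", "TRUST_FULLY")
SAMPLE_BAD = "[GNUPG:] BADSIG 0123456789ABCDEF Alice Example <alice@example.org>\n"


def parse_status(text):
    """Extract the signature result, signer and key validity from status lines."""
    result = {"signature": None, "signer": None, "key_validity": None}
    for line in text.splitlines():
        if not line.startswith(PREFIX):
            continue  # ignore human-readable output mixed into the stream
        fields = line[len(PREFIX):].split()
        if not fields:
            continue
        keyword, args = fields[0], fields[1:]
        if keyword in SIG_KEYWORDS:
            result["signature"] = SIG_KEYWORDS[keyword]
            result["signer"] = " ".join(args[1:]) or None  # args[0] is the key ID
        elif keyword in TRUST_KEYWORDS:
            result["key_validity"] = TRUST_KEYWORDS[keyword]
    return result


def verdict(text):
    """Map the parsed status to what a recipient should conclude."""
    r = parse_status(text)
    if r["signature"] is None:
        return "no signature result"
    if r["signature"] != "good":
        return "reject: signature " + r["signature"]
    if r["key_validity"] in ("full", "ultimate"):
        return "accept"
    # The mail was not altered, but nothing ties the key to the person yet.
    return "good signature, unverified key: confirm the fingerprint out of band"
```
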
I'm very ignorant when it comes to encryption. Is this only for email? Apologies for sounding dumb.

Not to worry, you only look dumb; you don't sound like anything. Just kidding.

Yes, you can encrypt any file, not just email.

This program doesn't seem good to implement unless the receiving email server or the MUA using the same key, right?

Well, you create your own "private key" which only you know, and your own "public key" which you only share with people with whom you have secrets. Check some of the links at the top of the article for more info. I'm by no means an expert, so I won't say more about the technical details of encryption, and get half of them wrong for you.
And thanks for having a good sense of humour about it. It's appreciated.
And thanks for having a good sense of humour about it.

You haven't lived in Imperial Beach, CA, very long, have you?
The keys come in pairs - a public key and a private key.

When you want to send a message to someone you encrypt it with THEIR public key. They then decrypt it with their private key, which no-one else has, so no-one else can decrypt it.