Re: Feature proposal - image encryption
On Tue, 8 Jan 2019 13:28, jc.gnupg...@unser.net said: > I beg to differ. Given the classic Unix philosophy of chaining small tools > which do their job well, GnuPG is already way too complex, especially for > casual users. I generally prefer the ImageMagick concept of small tools I would have send a very simlar answer. Maybe focusing on code complexity instead of complexity as perceived by the user. No rule without exception: We have one tool in GnuPG which kind of violates the Unix philosophy by providing a clone of the tar command. However, we have two reason for that a) There is no tar on Windows and we are not able to use the script we use on Unix and b) the encrypted tar format requires a pretty special version of tar and todays tar tools are not all able to create that variant of the format (ustar). To do image encryption according to whatever standard it is best to either modify an image tool to make use of gpgme (or if really needed of gpg directly) or to write a small tool which does the same using the standard image libraries and gpgme. Libreoffice recently did it in the first way and I wish someone sits down and writes a tool to do the same for PDF. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. pgpdef_oKcQr8.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Feature proposal - image encryption
On Sun, Jan 06, 2019 at 11:12:28PM +0100, Stefan Claas wrote: GnuPG is world standard for email and probably file encryption, so why not for image encryption too? :-) As Dirk already said, you can encrypt image files with GnuPG already ;-) And why should I trust people less who maintain complicated software like (the fantastic) ImageMagick? At least it would not hurt to have such feature in GnuPG. ;-) I beg to differ. Given the classic Unix philosophy of chaining small tools which do their job well, GnuPG is already way too complex, especially for casual users. I generally prefer the ImageMagick concept of small tools (convert, identify, mogrify, ...). So using ImageMagick for image encryption (in the way you want to use it) is fine, as using GnuPG for general file encryption is fine too. Creating the "eierlegende Wollmilchsau"[*] (what next: steganography in GnuPG? Or add audio encryption?) rarely does something good in the software world. --jc [*] For reader's who don't know the "concept" take a look at https://de.wikipedia.org/wiki/Eierlegende_Wollmilchsau ;-) -- Doctorow's Law: Anytime someone puts a lock on something you own, against your wishes, and doesn't give you the key, they're not doing it for your benefit. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Feature proposal - image encryption
Am Sonntag, den 06.01.2019, 23:42 +0100 schrieb Stefan Claas: > On Sun, 06 Jan 2019 23:19:24 +0100, Dirk Gottschalk wrote: > Hi Dirk, > > > GnuPG is world standard for email and probably file encryption, > > > so > > > why not for image encryption too? :-) > > > At least it would not hurt to have such feature in GnuPG. ;-) > > Except for the weeks, months, or years, which were needed to > > firstly implement the JPeg format, for example and the other ten > > millions of picture formats out there in the world. ;) > PNG is imho the current standard for Internet usage. Jpeg with its > compression artifacts and other formats are also mentioned as not > recommended to use with ImageMagick encryption. Yes, I read it earlier. But, the picture formats have to be inplemented anyways. and GPG is not intended to do this kind of file processing. By the way, AFAIT it was you who said, GPG has to much functions and options. ^^ Just kidding. > > I see what you mean regarding to promotion and so on. But, under > > the > > line, it's not worth the trouble. ^^ > Well, it is Werner's baby, so not my job to decide. It was only a > proposal and not meant as a must have request. Yes, it is Werners, and the rest of the core teams, decision. But this does not keep us away from discussing such things. Regards, Dirk -- Dirk Gottschalk Paulusstrasse 6-8 52064 Aachen, Germany GPG: DDCB AF8E 0132 AA54 20AB B864 4081 0B18 1ED8 E838 Keybase.io: https://keybase.io/dgottschalk GitHub: https://github.com/Dirk1980ac signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Feature proposal - image encryption
On Sun, 06 Jan 2019 23:19:24 +0100, Dirk Gottschalk wrote: Hi Dirk, > > GnuPG is world standard for email and probably file encryption, so > > why not for image encryption too? :-) > > > At least it would not hurt to have such feature in GnuPG. ;-) > > Except for the weeks, months, or years, which were needed to firstly > implement the JPeg format, for example and the other ten millions of > picture formats out there in the world. ;) PNG is imho the current standard for Internet usage. Jpeg with its compression artifacts and other formats are also mentioned as not recommended to use with ImageMagick encryption. > I see what you mean regarding to promotion and so on. But, under the > line, it's not worth the trouble. ^^ Well, it is Werner's baby, so not my job to decide. It was only a proposal and not meant as a must have request. Regards Stefan pgpBNZRjBzDXH.pgp Description: Digitale Signatur von OpenPGP ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Feature proposal - image encryption
Hi Stefan. Am Sonntag, den 06.01.2019, 23:12 +0100 schrieb Stefan Claas: > On Sun, 06 Jan 2019 22:13:50 +0100, Dirk Gottschalk wrote: > Hi Dirk, > > I don't think GPG should start to mangle with other data formats. > > ImageMagick does the trick. Why should we invent the wheel a second > > time? > My thinking is that people using security tools like GnuPG might > not trust tools from graphic tools programmers. And the second > thought is in case GnuPG would allow this people like us could > promote GnuPG for that in Computer Graphics communities and > in other places, which are much bigger than encryption communities. So, just encrypt a file the usual way with GPG. ^^ I see, what you're talking about. It's the Embedding into websites, what IM mentions. But, why should somebody distrust the aes implementation of an open source tool? Everybody can read the source, if he wants. I believe they just use one of the crypto-libraries available, like libcrypt, or libgcrypt, for example. > GnuPG is world standard for email and probably file encryption, so > why not for image encryption too? :-) > At least it would not hurt to have such feature in GnuPG. ;-) Except for the weeks, months, or years, which were needed to firstly implement the JPeg format, for example and the other ten millions of picture formats out there in the world. ;) I see what you mean regarding to promotion and so on. But, under the line, it's not worth the trouble. ^^ Regards, Dirk -- Dirk Gottschalk Paulusstrasse 6-8 52064 Aachen, Germany GPG: DDCB AF8E 0132 AA54 20AB B864 4081 0B18 1ED8 E838 Keybase.io: https://keybase.io/dgottschalk GitHub: https://github.com/Dirk1980ac signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Feature proposal - image encryption
On Sun, 06 Jan 2019 22:13:50 +0100, Dirk Gottschalk wrote: Hi Dirk, > I don't think GPG should start to mangle with other data formats. > ImageMagick does the trick. Why should we invent the wheel a second > time? My thinking is that people using security tools like GnuPG might not trust tools from graphic tools programmers. And the second thought is in case GnuPG would allow this people like us could promote GnuPG for that in Computer Graphics communities and in other places, which are much bigger than encryption communities. GnuPG is world standard for email and probably file encryption, so why not for image encryption too? :-) At least it would not hurt to have such feature in GnuPG. ;-) Regards Stefan pgpmbLQE8L6li.pgp Description: Digitale Signatur von OpenPGP ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Feature proposal - image encryption
Hello Stefan. Am Sonntag, den 06.01.2019, 12:33 +0100 schrieb Stefan Claas: > On Sun, 6 Jan 2019 11:11:42 +0100, Stefan Claas wrote: > > Hi Werner and all, > > > > while looking for solutions to encrypt images, so that > > they are still viewable, i thought why not asking if such > > a feature could be implemented in the future in GnuPG. > > > > Here is a sample image, encrypted with the free Software > > ImageMagick, using the AES Cipher. > > > > https://postimg.cc/LJt8NRW2 > > And while thinking about a compromised Computer... > > Maybe it would be also very nice if the Pinentry program > would allow in the future also mouse input via an additional > virtual keyboard, like for example the software for the > Kanguru Defender 3000 USB stick has. Thus in case of such > a scenario one would simply draw a message, in let's say > the free Gimp software, encrypt the image and voilá a secret > message could still be created and send, imho. A virtual keyboard does not mitigate the vulnerability to key loggers or similar sniffing technologies. One could still be able to observe the data exchange between processes as long they are not isolated. I don't think GPG should start to mangle with other data formats. ImageMagick does the trick. Why should we invent the wheel a second time? Regards, Dirk -- Dirk Gottschalk Paulusstrasse 6-8 52064 Aachen, Germany GPG: DDCB AF8E 0132 AA54 20AB B864 4081 0B18 1ED8 E838 Keybase.io: https://keybase.io/dgottschalk GitHub: https://github.com/Dirk1980ac signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Feature proposal - image encryption
On Sun, 6 Jan 2019 11:11:42 +0100, Stefan Claas wrote: > Hi Werner and all, > > while looking for solutions to encrypt images, so that > they are still viewable, i thought why not asking if such > a feature could be implemented in the future in GnuPG. > > Here is a sample image, encrypted with the free Software > ImageMagick, using the AES Cipher. > > https://postimg.cc/LJt8NRW2 And while thinking about a compromised Computer... Maybe it would be also very nice if the Pinentry program would allow in the future also mouse input via an additional virtual keyboard, like for example the software for the Kanguru Defender 3000 USB stick has. Thus in case of such a scenario one would simply draw a message, in let's say the free Gimp software, encrypt the image and voilá a secret message could still be created and send, imho. Regards Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users