Re: Gnupg-users Digest, Vol 184, Issue 22
On Sun, Feb 03, 2019 at 12:49:06PM +0100, Stefan Claas wrote: > On Sun, 3 Feb 2019 04:14:06 -0500, Robert J. Hansen wrote: > > I think i have to look harder to find a cross-platform FOSS solution > that works the same. Signal seems to work that way. Well, it relies on a server, but you can host your own server. See for instance https://www.reddit.com/r/signal/wiki/faq#wiki_can_i_host_my_own_server.3F ). So in that sense, you could directly connect to the person you want to talk to, if one of you cares to run your own server. -- Brian Minton brian at minton dot name https://brian.minton.name Live long, and prosper longer! OpenPGP fingerprint = 8213 71DD 4665 CF4F AE20 2206 0424 DC19 B678 A1A9 signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
On Sun, 3 Feb 2019 23:38:35 -0500, Robert J. Hansen wrote: > > Well, i can only say last time i used PGPfone was in 2014, with a friend. > > We both used a website that showed us our IP addresses and it worked > > fine. We only had to set UDP port 17447 in our routers, for incoming > > and outgoing connections. > > "All you had to do" was: > > (a) understand computer networking well enough to understand what you > needed to do, > > (b) know your router could be used to do port forwarding, > > (c) log into your router, navigate bad UX, > > (d) probably switch your DHCP allocation to a static one, so you > wouldn't have to do this again every time you acquired a new DHCP lease, > > (e) and on and on and on. > > No, PGPfone was not "easier to use". The skills required to use it were > far in excess of what most users possessed. > > I get that you liked PGPfone. Nothing wrong with that. But there are > good reasons it failed to get traction in the privacy community, most of > them revolving around user-unfriendliness and inconvenience. With all due respect, my friend has no crypto experience at all and also noodles not around with network settings, but found PGPfone easy to use as well. But people with Windows boxes can tryout themselves and ask themselves why it was not further developed for the (Linux) community ... And if it is really so hard to use, like you wan't to make people believe, then one can pick-up the development idea from my previous posting and provide us with a solution that uses .onion addresses, like Onionshare does. ;-) Regards Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
> Well, i can only say last time i used PGPfone was in 2014, with a friend. > We both used a website that showed us our IP addresses and it worked > fine. We only had to set UDP port 17447 in our routers, for incoming > and outgoing connections. "All you had to do" was: (a) understand computer networking well enough to understand what you needed to do, (b) know your router could be used to do port forwarding, (c) log into your router, navigate bad UX, (d) probably switch your DHCP allocation to a static one, so you wouldn't have to do this again every time you acquired a new DHCP lease, (e) and on and on and on. No, PGPfone was not "easier to use". The skills required to use it were far in excess of what most users possessed. I get that you liked PGPfone. Nothing wrong with that. But there are good reasons it failed to get traction in the privacy community, most of them revolving around user-unfriendliness and inconvenience. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
Hi Stefan, youre welcome! :) I really don't know how far the developement of this software is. They did introduce their project to a few people at the FOSDEM 2016. And if I remember right they did get a funding by the p≡p Foundation; but not fully sure about this last point. regards Juergen Am 03.02.19 um 21:56 schrieb Stefan Claas: > On Sun, 3 Feb 2019 21:43:34 +0100, Juergen Bruckner wrote: > > Hi Juergen, > >> ever had a look at "Jami" (formerly 'ring') [1] >> >> >> regards >> Juergen >> >> [1]https://jami.net/ > > Thanks a lot, will look into it. > > Regards > Stefan > -- Juergen M. Bruckner juer...@bruckner.tk smime.p7s Description: S/MIME Cryptographic Signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
On Sun, 3 Feb 2019 21:43:34 +0100, Juergen Bruckner wrote: Hi Juergen, > ever had a look at "Jami" (formerly 'ring') [1] > > > regards > Juergen > > [1]https://jami.net/ Thanks a lot, will look into it. Regards Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
Hello Stefan, ever had a look at "Jami" (formerly 'ring') [1] regards Juergen [1]https://jami.net/ Am 03.02.19 um 12:49 schrieb Stefan Claas: > On Sun, 3 Feb 2019 04:14:06 -0500, Robert J. Hansen wrote: >>> Maybe someone, in the future, can pick-up the idea of PGPfone and develop >>> it further >>> so that it can be used on Linux too or modern macOS. The old Windows >>> version still runs >>> fine, under Windows 7, for example. >> >> Why? >> >> It's a serious question. What exact feature set was there present in >> PGPfone which you believe is not easily available with out-of-the-box >> software solutions? > > What i liked about PGPfone was that you could directly connect to your > communications partner, without any servers involved and it was super > easy to use. You simply put in the (current) IP Adress, connect and then > read some displayed letters to each other, to prevent MITM, and then > communicated. There was no learning curve involved. > > I think i have to look harder to find a cross-platform FOSS solution > that works the same. > > Regards > Stefan > > > > > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -- Juergen M. Bruckner juer...@bruckner.tk smime.p7s Description: S/MIME Cryptographic Signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
just...@colmena.biz Emited more politics not to list remit. http://lists.gnupg.org/mailman/admin/gnupg-users/privacy/sender has eg reject_these_nonmembers etc Cheers, Julian -- Julian Stacey, Consultant Systems Engineer, BSD Linux Unix, Munich Aachen Kent ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
On February 3, 2019 7:48:28 AM AKST, "Robert J. Hansen" wrote: >> What i liked about PGPfone was that you could directly connect to >your >> communications partner, without any servers involved and it was super >> easy to use. You simply put in the (current) IP Adress, connect and >then >> read some displayed letters to each other, to prevent MITM, and then >> communicated. There was no learning curve involved. > >In the era before NAT, this may have made sense. In today's >NAT-pervasive era, not so much. > >Under NAT, your IP address is hidden from the rest of the internet. >The >address my router gives me is not one the outside world can use to >route >information to me; and if I go to a website that lists my IP, that's >actually my router's IP, not mine. > >I won't go into how NAT works except to say that under NAT, connections >cannot[1] be made from one peer to another. You need a server that's >not NATted in order to facilitate connections between peers. > >So -- I hate to be the one to tell you this, but the architecture of >the >internet has changed dramatically since PGPfone was released in ... >what >was it, '94? Today, one of the major purposes of these servers is to >facilitate traversing NATs. > > >[1] It's technically possible to do peer to peer behind NAT, but beyond >the technical capabilities of the vast majority of users. > >___ >Gnupg-users mailing list >Gnupg-users@gnupg.org >http://lists.gnupg.org/mailman/listinfo/gnupg-users The official answer to NAT is IPv6. Works quite well, except for a few technology luddites. Other than that, my place was SWATted about 1:30am last night. The previous night the phone rang at 4:38am, caller ID from Washington, D.C. A strange car had been parked at my place, listening for the phone to ring. We've got to think outside the box on that one. There's a German pub down the street, the "West Berlin," just across from the local telephone office, GCI, yes, luddites, all NAT, no IPv6. Gotta go AT for that. So think reality: location, location, location. It's S.O.P. for the C.C.C., and no, we're not talking about the Civilian Conservation Corps. Young white male cops on the graveyard shift, amped up on adrenaline and testosterone, brash and eager to make their bones on a big bust. That color-of-law stuff from the feds is starting to get to them. Talk too much on the phone, and there's bound to be some girl or female operator pressing charges by the minute. "Get off my block, bitch, I'm listening!" she mutters in a sleepy voice. It's the Democratic boiler room Party line. The ladies have a stranglehold on the telephone surveillance business, yes, those ladies, meaning none other than Dianne Feinstein and friends on the Senate Intelligence Committee, Eve and Mallory listening to Alice and Bob. -- Una Milicia bien regulada, estando necesaria a la seguridad de un Estado libre, el derecho del pueblo de tener y de portar Armas, no será infringido. https://www.colmena.biz/~justina/contacto.php signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
On Sun, 3 Feb 2019 20:12:19 +0100, Stefan Claas wrote: > Well, i can only say last time i used PGPfone was in 2014, with a friend. > We both used a website that showed us our IP addresses and it worked > fine. We only had to set UDP port 17447 in our routers, for incoming > and outgoing connections. > > I currently have no Windows box, otherwise i would try it out again > and let you know. Maybe, if such a software would see the light again it could be done via Tor usage, like Onionshare works. People set up a Tor Hidden Service on their own computer, like Onionshare does and then you provide the .onion address to the caller ... Regards Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
On Sun, 3 Feb 2019 11:48:28 -0500, Robert J. Hansen wrote: > > What i liked about PGPfone was that you could directly connect to your > > communications partner, without any servers involved and it was super > > easy to use. You simply put in the (current) IP Adress, connect and then > > read some displayed letters to each other, to prevent MITM, and then > > communicated. There was no learning curve involved. > > In the era before NAT, this may have made sense. In today's > NAT-pervasive era, not so much. > > Under NAT, your IP address is hidden from the rest of the internet. The > address my router gives me is not one the outside world can use to route > information to me; and if I go to a website that lists my IP, that's > actually my router's IP, not mine. Well, i can only say last time i used PGPfone was in 2014, with a friend. We both used a website that showed us our IP addresses and it worked fine. We only had to set UDP port 17447 in our routers, for incoming and outgoing connections. I currently have no Windows box, otherwise i would try it out again and let you know. Regards Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
> What i liked about PGPfone was that you could directly connect to your > communications partner, without any servers involved and it was super > easy to use. You simply put in the (current) IP Adress, connect and then > read some displayed letters to each other, to prevent MITM, and then > communicated. There was no learning curve involved. In the era before NAT, this may have made sense. In today's NAT-pervasive era, not so much. Under NAT, your IP address is hidden from the rest of the internet. The address my router gives me is not one the outside world can use to route information to me; and if I go to a website that lists my IP, that's actually my router's IP, not mine. I won't go into how NAT works except to say that under NAT, connections cannot[1] be made from one peer to another. You need a server that's not NATted in order to facilitate connections between peers. So -- I hate to be the one to tell you this, but the architecture of the internet has changed dramatically since PGPfone was released in ... what was it, '94? Today, one of the major purposes of these servers is to facilitate traversing NATs. [1] It's technically possible to do peer to peer behind NAT, but beyond the technical capabilities of the vast majority of users. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
On Sun, 3 Feb 2019 04:14:06 -0500, Robert J. Hansen wrote: > > Maybe someone, in the future, can pick-up the idea of PGPfone and develop > > it further > > so that it can be used on Linux too or modern macOS. The old Windows > > version still runs > > fine, under Windows 7, for example. > > Why? > > It's a serious question. What exact feature set was there present in > PGPfone which you believe is not easily available with out-of-the-box > software solutions? What i liked about PGPfone was that you could directly connect to your communications partner, without any servers involved and it was super easy to use. You simply put in the (current) IP Adress, connect and then read some displayed letters to each other, to prevent MITM, and then communicated. There was no learning curve involved. I think i have to look harder to find a cross-platform FOSS solution that works the same. Regards Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
> Maybe someone, in the future, can pick-up the idea of PGPfone and develop it > further > so that it can be used on Linux too or modern macOS. The old Windows version > still runs > fine, under Windows 7, for example. Why? It's a serious question. What exact feature set was there present in PGPfone which you believe is not easily available with out-of-the-box software solutions? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
Message-id: Date: Fri, 01 Feb 2019 18:26:21 -0900 (Sat 04:26 CET) >From justina colmena had nothing relevant to list remit https://lists.gnupg.org/mailman/listinfo/gnupg-users Cheers, Julian -- Julian Stacey, Consultant Systems Engineer, BSD Linux Unix, Munich Aachen Kent http://www.berklix.uk/brexit/#email_an_mp ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
On February 1, 2019 10:05:58 AM AKST, Stefan Claas wrote: >On Thu, 31 Jan 2019 19:43:35 -0900, justina colmena wrote: > >> With regards to PGPfone etc., all you need to do is run Asterisk on a >server somewhere, enable SIP with encryption. >> If you or your conversation partner don't have a public key, there is >a voice verification of endpoints, but do note >> that encrypted real-time voice conversations are extremely difficult >to protect from packet-timing and other >> side-channel attacks which often trivially reveal a muffled but clear >recording and transcript. > >Thanks for the info, but i do not want to install server software, for >encrypted communications, >where 3rd parties could have theoretically access to it. > >Maybe someone, in the future, can pick-up the idea of PGPfone and >develop it further >so that it can be used on Linux too or modern macOS. The old Windows >version still runs >fine, under Windows 7, for example. > >Regards >Stefan > >P.S. About my domain name, for the interested women or children, please >take >a look here: https://en.wikipedia.org/wiki/Baud I am definitely not asking anyone to install anything for my use. I'm just trying to explain AFAIK, what you need to do if you want to experiment with voice encryption. I don't want to be held responsible for it or arrested for it any more than anyone else, and I'm also trying to explain how some of these things come across to authorities who continually amd repeatedly insist on viewing all such matters in the worst possible light. Didn't Martin Luther say to place the best construction on all things? But no, we must submit to "parallel construction" and falsely sworn warrants by over-informed and under-educated law enforcement officers. "Thou shalt not bear false witness" and all that, and we just had a holiday, Dr. Martin Luther King Jr. day - and that's right, now that I think about it - not only a doctorate like his German namesake, but his father and grandfather and their wives must have been staunch Lutherans as well, in so far as to name one son after another after him. There is so much Catholic insistence on communist totalitarianism under a papal dictatorship of the proletariat, and opposition in the name of that religion to every precept of human rights and due process of law, that even the Finnish Protestants preach "oikeutta" & "lain oikeaa käyttöä" in church, because like us they have not attained to such rights and freedoms in this life on Earth, and so the struggle continues against Catholicism. The full name of "baud" is "Baudot," a Frenchman, if I recall correctly, a contemporary of Hartley or Shannon, definitely a co-worker on such matters. Living relatives? Is it another family feud? France is practically at war already with a migrant situation, the recent Europol or Interpol shake-up with China or Russia or South Korea, general E.U. upheaval, Brexit sympathies, and so on and so forth. -- Una Milicia bien regulada, estando necesaria a la seguridad de un Estado libre, el derecho del pueblo de tener y de portar Armas, no será infringido. https://www.colmena.biz/~justina/contacto.php signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
On January 30, 2019 1:47:41 PM AKST, Stefan Claas wrote: >On Wed, 30 Jan 2019 12:46:26 -0800, Allen M. Juinio wrote: >> > Date: Wed, 30 Jan 2019 20:44:07 +0100 >> > From: Stefan Claas > >> > On the other side i wish PGPfone would have been further developed. >> > I found it, way back then, pretty cool and super easy to use, >compared >> > to PGP or GnuPG. > >> Have you tried using Signal from Open Whisper Systems? They have >both an Android and Apple version. > >Thanks, i am aware of Signal, but what i mean is to communicate >directly >and not via servers and also by not giving away phone numbers. > >With PGPfone one needed only the (current) IP address of its >communication >partner and then connected directly, without any servers involved. > >Regards >Stefan > >___ >Gnupg-users mailing list >Gnupg-users@gnupg.org >http://lists.gnupg.org/mailman/listinfo/gnupg-users I don't mean to sound rude or out of place, but there appear to be too many distractions to have a productive discussion on this list, and there are some critical issues, because GnuPG has become an essential part of many important systems throughout the free and open source software community. The weekly "digest" option for the mailing list should be no-reply. People who wish to participate in a pointed or on-topic discussion really need to receive each email message independently. I realize it's a German domain, but 300baud.de is just really obnoxious in English. The phrase "300 baud" itself is, of course, completely unobjectionable hacker lore, but baud+de = "bawdy" as in "bawdy house" which is extremely vulgar in English. Only for the gentlemen. That sort of "humor" is not friendly to women and children, and I know especially a lot of women and girls would otherwise be very interested in cryptography, PGP-encrypted email, etc. Let's lose the vulgarity and focus on Alice's secret message to Bob, something Eve or Mallory has no need to know, basic elements of what needs to be done right with respect to the core functionality of GnuPG. Not to advertise, but my own domain is the Spanish word "colmena" (hive, colony of bees, beehive in English) with the "biz" tld, slang for "business." Bees are busy, and they make that buzzing noise. Point being, it's entirely possible to avoid a lewd implication or double entendre. I can't let people take me for all honey and no sting with my domain. With regards to PGPfone etc., all you need to do is run Asterisk on a server somewhere, enable SIP with encryption. If you or your conversation partner don't have a public key, there is a voice verification of endpoints, but do note that encrypted real-time voice conversations are extremely difficult to protect from packet-timing and other side-channel attacks which often trivially reveal a muffled but clear recording and transcript. The human voice is in a certain sense "too rich" to hide or conceal, and the Bible tells of a "line" of every signal or sound that extends to be heard to the ends the earth, and of the ungodly that "the sound of his words shall come unto the Lord for the manifestation of his wicked deeds." -- Una Milicia bien regulada, estando necesaria a la seguridad de un Estado libre, el derecho del pueblo de tener y de portar Armas, no será infringido. https://www.colmena.biz/~justina/contacto.php signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Gnupg-users Digest, Vol 184, Issue 22
> Date: Wed, 30 Jan 2019 20:44:07 +0100 > From: Stefan Claas > To: Peter Lebbing > Cc: gnupg-users@gnupg.org > Subject: Re: [OT] Where can I find some papers to read on mail (and >envelope) security? > Message-ID: <20190130204407.4c195...@300baud.de> > Content-Type: text/plain; charset=US-ASCII > > [SNIP] > > On the other side i wish PGPfone would have been further developed. > I found it, way back then, pretty cool and super easy to use, compared > to PGP or GnuPG. > > Regards > Stefan Have you tried using Signal from Open Whisper Systems? They have both an Android and Apple version. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users