Hi,
I am using GnuPG to encrypt a plain text file of my passwords.
How secure is it to use my own public key as the encryption method
(rather than symmetric), given that the password file is stored on the
same drive as my public and private keys?
Thanks.
Did you ever get a solution to your problem decompressing ZIP.PGP files?
I think someone I am working with is having a similar problem.
Robert Mundkowsky
Employers
Sr. Applications Developer
500 N. Brand Blvd
Glendale, Ca 91203
rmundkow...@eig.com mailto:rmundkow...@eig.com
Tel: (818)
http://support.apple.com/kb/HT1620
How to use the Apple Product Security PGP Key
http://www.apple.com/support/security/pgp/
Protecting Security Information
F.Y.I.: I've not noticed anything similar from Microsoft and other software
companies.
Most seem to be happy with MD5 and SHA1 for files
On Feb 23, 2009, at 8:49 AM, gerry_lowry (alliston ontario canada)
wrote:
http://support.apple.com/kb/HT1620
How to use the Apple Product Security PGP Key
http://www.apple.com/support/security/pgp/
Protecting Security Information
F.Y.I.: I've not noticed anything similar from Microsoft
Robert and David, thank you for increasing my understanding
and pointing out the errors I made.
g.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
a paranoid's answer to your question:
your passphrase is also required ... so my best guess is that you are more or
less safe;
others on this list would know better than myself.
Here's the paranoid part: if your system became compromised with a keylogger,
The easier it is for beginners to understand PGP/GPG technology,
the faster its adoption into general use by the public will occur.
Suggestion: add help as an option to
gpg --gen-key
and gpg --edit-key [ ID ] addkey
Example:
Please select what kind of key you want:
Hi!
Chris Poole schrieb:
How secure is it to use my own public key as the encryption method
(rather than symmetric), given that the password file is stored on the
same drive as my public and private keys?
The simple answer is: It doesn't matter, both methods are equally secure
(with the
Date: Mon, 23 Feb 2009 11:36:49 -0500
From: gerry_lowry \(alliston ontario canada\)
gerry.lo...@abilitybusinesscomputerservices.com
Subject: Re: How secure asymmetric encryption to yourself?
a paranoid's answer to your question:
More paranoia: when you're viewing your file as plain text
Sven Radde wrote, in part:
... there are more usable ways of managing one's passwords
than storing them in a GnuPG file.
I'm curious what more usable ways there are that Sven and others
can recommend.
I'm also unsure what Sven apparently means by more usable?
(While they need to be
I'm curious what more usable ways there are that Sven and others
can recommend.
I'm fond of writing down my passwords on the back of a business card
and keeping it in my wallet. For the overwhelming majority of these
passwords, the site's most confidential information of mine they
The easier it is for beginners to understand PGP/GPG technology,
the faster its adoption into general use by the public will occur.
There's a discipline in computer science called human-computer
interaction (HCI). I took two courses in this in grad school: not
enough to make me an expert,
Robert J. Hansen wrote the following on 2/23/09 1:42 PM:
[...]
Open up my wallet, fish out the list, and there it is.
The moral of this story is simple -- don't make things more
complicated than you have to.
Robert, from the bottom of my heart, thank you!
Charly
Robert, yes, literacy is important, too. Your counter proposition also has
validity.
I point out, however, that by the time one is looking at
Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
(h) help on the above
Robert J. Hansen wrote the following on 2/23/09 2:52 PM:
[...]
What I'm saying is, the world first needs to learn to read.
As far as I am concerned, this sentence is a most gratifying conclusion
to this thread.
I am not suggesting to close the thread, on the contrary, keep them coming.
Robert, yes, literacy is important, too. Your counter proposition
also has validity.
You missed the point. Refer to my last three sentences. The world
doesn't need another easy to use GnuPG interface. You're
essentially saying, what the world needs is a really good book!
What I'm
Robert, excellent points. I shall return to my thinking board.
Amazing that, in today's world, with events like the infamous 9/11,
identity theft, debit and credit card fraud, a plethora of Bernhard Madoffs
making Carlo Ponzi sit up in his grave and take notice, and jobs going
down the toilet
Required reading:
Garfinkel, S. L., Margrave, D., Schiller, J. I.,
Nordlander, E., and Miller, R. C. 2005. How to make secure
email easier to use. In _Proceedings of the SIGCHI Conference
on Human Factors in Computing Systems_ (Portland, Oregon, USA,
April
On Mon, Feb 23, 2009 at 11:55:51AM -0500, gerry_lowry (alliston ontario canada)
wrote:
The easier it is for beginners to understand PGP/GPG technology,
the faster its adoption into general use by the public will occur.
Suggestion: add help as an option to
gpg --gen-key
and
Hi!
gerry_lowry (alliston ontario canada) schrieb:
Sven Radde wrote, in part:
... there are more usable ways of managing one's passwords
than storing them in a GnuPG file.
I'm curious what more usable ways there are that Sven and others
can recommend.
/First of all,
On Mon, Feb 23, 2009 at 01:42:32PM -0500, Robert J. Hansen wrote:
Open up my wallet, fish out the list, and there it is.
Although I think this one of the most secure but usable places, what if
a real life phisher gets your wallet?
No problem to cancel credit cards. But are you able to reset all
Robert J. Hansen wrote:
Required reading:
And let's add to that:
Gaw, S., Felten, E. W., and
Fernandez-Kelly, P. 2006. Secrecy, flagging, and
paranoia: adoption criteria in encrypted email.
In Proceedings of the SIGCHI Conference on Human
Factors in
On Mon, Feb 23, 2009 at 01:15:58PM -0500, gerry_lowry (alliston ontario canada)
wrote:
Sven Radde wrote, in part:
... there are more usable ways of managing one's passwords
than storing them in a GnuPG file.
I'm curious what more usable ways there are that Sven and others
gerry_lowry (alliston ontario canada) wrote:
The Internet took off when Microsoft, for better or worse, included
and promoted Internet Explorer in Windows 95, thus beginning the so
called browser wars.
That's quite arguable. Why do you assume that MS introducing IE
*cause* the internet to
opensuse 11.0 and 11.1
gpg2 -r name -be file
Creates a detached signature file, but does not encrypt the file. I could
do it in two steps (gpg2 -e file ; gpg2 -b encrypted-file) but can it be
done in one?
Felipe
___
Gnupg-users mailing list
While in general I agree with what you've said in this thread Robert,
I do want to present one small ray of hope. At my last job we dealt
with a great deal of sensitive information (usually time sensitive,
i.e., it would be released eventually but needed to be just right
first) and being the
26 matches
Mail list logo