Re: Tor Download Verify Signature. Asc Prblem

On 02/08/2020 09:27 AM, africa131--- via Gnupg-users wrote: > Hi, > I am currently doing a course on online privacy. I have been trying to verify > the signature on the 64 bit windows tor browser download. > When I type in download directory I get 801 signature. asc for the signature > file I

Re: Essay on PGP as it is used today

On 07/18/2019 04:21 AM, U'll Be King of the Stars wrote: > On 18/07/2019 05:40, Mirimir via Gnupg-users wrote: >> When I need to share stuff among GUI-less VPS, with no Javascript >> capable browser, I sometimes use pastebins. I encrypt with GnuPG, and >> then base64 encode.

Re: Essay on PGP as it is used today

On 07/17/2019 07:47 PM, Ryan McGinnis via Gnupg-users wrote: > Is that to send them a message or an attachment? > > You might look into Firefox Send -- not sure if this satisfies the legal > requirements, but it is very robust end to end encryption. > https://send.firefox.com/ I also like

Re: Local solutions: SKS Keyserver Network Under Attack

On 07/03/2019 10:19 PM, Mirimir wrote: > Moved by Roland's requests, I've broken Enigmail in a fresh VM. And I'd > appreciate some advice about how to fix it. > > I installed Thunderbird and Enigmail in a Debian 9.5 x64 VM with Gnome. > Using Enigmail Key Management, I tri

Re: Your Thoughts

On 07/03/2019 07:16 AM, Ryan McGinnis via Gnupg-users wrote: > Not sure why the phone number thing bothers people -- having a > phone at all in the first place means you are easily tracked. Well, that's why I only use phones (and not smartphones) for routine meatspace stuff where I don't care

Re: Local solutions: SKS Keyserver Network Under Attack

Moved by Roland's requests, I've broken Enigmail in a fresh VM. And I'd appreciate some advice about how to fix it. I installed Thunderbird and Enigmail in a Debian 9.5 x64 VM with Gnome. Using Enigmail Key Management, I tried to get rjh's 1DCBDC01B44427C7 from pool.sks-keyservers.net, but that

SKS and GnuPG related issues and possible workarounds

On 07/02/2019 11:42 PM, Michał Górny wrote: > Dnia July 3, 2019 6:23:37 AM UTC, Mirimir via Gnupg-users > napisał(a): >> I don't think that it's necessary to stop using SKS keyservers. And I >> suspect that doing so would be nontrivial. Given that requests to them >&g

Re: SKS and GnuPG related issues and possible workarounds

On 07/02/2019 08:28 PM, Konstantin Boyandin via Gnupg-users wrote: > Hello All, > > After having read the recent multitude of messages related to SKS > keyservers related issue, I figured out that > > a. The entire SKS keyservers design and interaction has a fundamental > design flaw named

Re: Your Thoughts

On 07/02/2019 05:18 AM, Robert J. Hansen wrote: >> Signal went the other way. Build a verifiably secure communications >> platform so easy that literally anyone can figure it out. > > I think this is a misunderstanding of Signal. > Signal is, by its very nature, tightly tied to one specific

Re: New keyserver at keys.openpgp.org - what's your take?

On 07/01/2019 07:29 AM, David wrote: > My take on all this is that I have had to disable Enigmail because it's > screwed - I was not able to send mail and all the settings in enigmail > were lots of so I have been infected :( > > David Damn. But all is likely not lost. If you

Re: SKS Keyserver Network Under Attack

On 06/30/2019 10:37 AM, Leo Gaspard via Gnupg-users wrote: >> 1. We would have to ensure that all keyservers block the same >> uploads. One permissive keyserver is a backdoor into the entire >> system. We can’t block bad keys at reconciliation time for the same >> reasons that have been hashed to

Re: SKS Keyserver Network Under Attack

On 06/30/2019 08:55 AM, Andrew Gallagher wrote: > >> On 30 Jun 2019, at 15:07, Erich Eckner via Gnupg-users >> wrote: >> >> maybe I don't get the original idea - but I thought, it was to block >> *uploads/updates* which would poisson a certificate - not to blackhole them >> after they got

Re: SKS Keyserver Network Under Attack

On 06/30/2019 08:33 AM, Peter Lebbing wrote: >> "Look, this one guy who just got mugged? [...] > > I had to read it twice to distill what I think Mirimir meant, but I > think they meant that if you blacklist/blackhole all affected > certificates, you remove the ince

Re: SKS Keyserver Network Under Attack

On 06/30/2019 07:33 AM, Robert J. Hansen wrote: >> Your third point is actually why I suggested this. Maybe I'm just >> twisted, but what if some dickhead goes after certs that would break >> stuff for millions of people? One might, for example, block Linux kernel >> maintenance and development.

Re: SKS Keyserver Network Under Attack

On 06/30/2019 03:10 AM, Robert J. Hansen wrote: >> Because a) it’s enumerating badness [1] but more importantly b) it’s >> punishing the victim. Protecting the ecosystem by banning RJH and DKG’s >> keys from the keyservers entirely is doing the bad guys’ work for them. Currently, we know that

Re: SKS Keyserver Network Under Attack

On 06/30/2019 01:34 AM, Andrew Gallagher wrote: > >> On 30 Jun 2019, at 09:19, Robert J. Hansen wrote: >> >> The next version of Enigmail will no longer use the SKS network by >> default. Great! But what about existing Enigmail users? They'll see a >> signature, click "Import Key", and ...

Re: SKS Keyserver Network Under Attack

On 06/29/2019 11:26 PM, Robert J. Hansen wrote: >> https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f > > I stand by what I wrote. > > As usual, don't read the comments unless you want to despair for humanity. It sounds like SKS is dead meat. And hagrid is coming. And you advise:

Re: ProtonMail and Anonymity

On 06/09/2019 01:20 AM, Stefan Claas wrote: > Mirimir wrote: > >> Some years ago, I got Quicksilver Lite working in Debian with Wine. >> But even then, it hadn't been updated for years. And now I find that >> https://www.quicksilvermail.net isn't loading. Are people s

Re: ProtonMail and Anonymity

On 06/08/2019 01:25 AM, Stefan Claas wrote: > Christopher W. Richardson wrote: > >> >> >>> On 9 May 2019, at 22:34, Stefan Claas wrote: >>> >>> Am Wed, 8 May 2019 22:08:22 +0200 >>> schrieb Christopher W. Richardson : >>> > On 6 May 2019, at 16:15, Stefan Claas >

Re: GnuPG signature of mails && web.de

On 05/19/2019 12:17 AM, Matthias Apitz wrote: > Am Samstag, 18. Mai 2019 17:36:07 CEST schrieb Stefan Claas > : >> Am Sat, 18 May 2019 11:59:00 +0100 >> schrieb MFPA <2017-r3sgs86x8e-lists-gro...@riseup.net>: >> >>> All that a web search gave me was [0] >>> >>>     Secure mail account >>>     You

Re: ProtonMail and Anonymity

On 05/09/2019 01:03 PM, Stefan Claas wrote: > Am Thu, 9 May 2019 15:28:36 -0400 > schrieb Tony Lane : > >> Uhh... no. >> You can absolutely hide the recipient with the '-R' option in Gnupg. >> -BEGIN PGP SIGNATURE- > > > Sorry for my bad wording! I was refering to the email recipient,

Re: ProtonMail and Anonymity

On 05/08/2019 03:41 PM, Tony Lane wrote: > Or you could just use qmail+GPG with the -R option. Seriously, you're recommending that people run their own mail servers? > Or heck, just post it the clearnet on some *chan. Isn't the whole point of > GPG to hide the content or who it's intended to? >

Re: ProtonMail and Anonymity

On 05/08/2019 01:08 PM, Christopher W. Richardson wrote: > > >> On 6 May 2019, at 16:15, Stefan Claas > > wrote: >> >> ProtonMail's procedure is not anonymous like >> real anonymous email services > > What are some such “real” anonymous email services? Any service

Re: ProtonMail and Anonymity

On 05/05/2019 09:52 PM, Stefan Claas wrote: > Am Sun, 5 May 2019 17:16:12 -0700 > schrieb Mirimir : > >> Well of course that's not anonymous! >> >> So what you do, if you want ~anonymity, is to use their Tor onion >> site. That doesn't ask for anything beyond a

Re: ProtonMail and Anonymity

On 05/05/2019 03:12 AM, Stefan Claas wrote: > Hi all, > > appologies for posting this, but I think it could > be of interest for GnuPG users, because ProtoMail > uses the OpenPGP protocol too. > > Some of you may have signed up with ProtonMail and > enjoy the service, due to it's ease of use and

Re: How to start gnupg?

On 12/01/2018 03:33 PM, John Broyles wrote: > I just installed gnupg software from source. There were no complaints that I > could see. In fact when I typed sudo apt install gnupg, the response was > that the current version was the latest. So, I assume that that means that > the program is

Re: A Solution for Sending Messages Safely from EFAIL-safe Senders to EFAIL-unsafe Receivers

On 05/28/2018 12:15 AM, Werner Koch wrote: > On Thu, 24 May 2018 00:05, gnupg-us...@spodhuis.org said: > >> up at . > > Given that I see more and more mails with "Encrypted mail" as subject, > this feature is getting more and more annoying. It will

Re: I just got an odd message

On 05/22/2018 12:41 AM, Andrew Gallagher wrote: > On 22/05/18 07:30, Mirimir wrote: >> Those are just screwed-up text-encoded images, right? > > Without seeing the full email, it's hard to tell. They don't appear to > represent any well-known file type when run through a base64

Re: Break backwards compatibility already: it’s time. Ignore the haters. I trust you.

On 05/21/2018 03:38 PM, Mark Rousell wrote: > On 22/05/2018 02:16, Mauricio Tavares wrote: >> Stupid question: what is wrong with a "encrypt/decrypt old >> format" flag/config option? If I have the need to use old stuff, I can >> turn that on. All I see here is a "do not open old stuff" as a

Re: Breaking changes

On 05/21/2018 02:57 PM, Mark Rousell wrote: > On 22/05/2018 02:39, Mark Rousell wrote: >> Get real. These people are long-time GnuPG users and now you want to >> throw them under the bus because... well, because you prefer it that >> way. No, that's not a fair, it's not reasonable, it's not

Re: Break backwards compatibility already: it’s time. Ignore the haters. I trust you.

On 05/21/2018 02:41 PM, Mirimir wrote: > Yes, "accepting new emails with old crypto" is the problem. But Efail > relies on cyphertext embedded in URLs, which won't unauthenticate. Damn copypasta :( Please make that: > Yes, "accepting new emails with old crypto&qu

Re: Break backwards compatibility already: it’s time. Ignore the haters. I trust you.

On 05/21/2018 02:06 PM, Mark Rousell wrote: > On 21/05/2018 23:17, Mirimir wrote: >> On 05/21/2018 02:06 AM, Ed Kellett wrote: >> >> >> >>> Maybe they just want to be able to read emails that they received a long >>> time ago? >> So decrypt t

Re: Break backwards compatibility already: it’s time. Ignore the haters. I trust you.

On 05/21/2018 02:06 AM, Ed Kellett wrote: > On 2018-05-21 09:56, Andrew Skretvedt wrote: >> It seems to me that if the pearl-clutchers who would howl too loudly >> about breaking backwards compatibility were as concerned as they claim, >> they would realize that software evolves. But this

Re: A postmortem on Efail

On 05/21/2018 02:31 AM, Ben McGinnes wrote: > On Sun, May 20, 2018 at 01:43:07PM -1100, Mirimir wrote: >> On 05/19/2018 11:44 PM, Aleksandar Lazic wrote: >>> >>> I do not want to create a conspiracy theory but it's wiggy that >>> EFF favors *NO* security ,pgp o

Re: Break backwards compatibility already: it’s time. Ignore the haters. I trust you.

On 05/21/2018 02:06 AM, Ed Kellett wrote: > Maybe they just want to be able to read emails that they received a long > time ago? So decrypt them all into a ramdisk, tar, and encrypt with GnuPG. Or put it on a backup box with LUKS. Or both. ___

Re: A postmortem on Efail

On 05/19/2018 11:44 PM, Aleksandar Lazic wrote: > Hi Robert. > > On 20/05/2018 02:26, Robert J. Hansen wrote: >> Writing just for myself -- not for GnuPG and not for Enigmail and >> definitely not for my employer -- I put together a postmortem on Efail. >> You may find it worth reading. You may

Re: A postmortem on Efail

On 05/19/2018 08:28 PM, Robert J. Hansen wrote: >> Break backwards compatibility already: it’s time. Ignore the haters. I >> trust you. > > :) :) :) :) :) I'm OK with that :) ___ Gnupg-users mailing list Gnupg-users@gnupg.org

Re: Kommentar: Efail ist ein Megafail für E-Mail-Verschlüsselung | heise online

On 05/18/2018 08:51 AM, Mark Rousell wrote: > On 18/05/2018 20:27, Martin wrote: >> Hello Matthias, >> >> Friday, May 18, 2018, 3:40:53 PM, you wrote: >> >>> Jürgen Schmidt is a dedicated OpenPGP hater. Be warned and/or just >>> ignore this comment. >> And again recommandatioin for Signal. It

Re: Breaking MIME concatenation

On 05/16/2018 08:59 PM, Werner Koch wrote: > On Thu, 17 May 2018 01:39, miri...@riseup.net said: > >> However, I get that many users expect HTML, embedded images and links. > > Well they expect a bit of markup like *bold* or _underlined_ or > /italics/ and links like https://gnupg.org but any

Re: Breaking MIME concatenation

On 05/16/2018 02:46 AM, Martin wrote: > Hi > > Am Dienstag, 15. Mai 2018, 22:19:17 schreiben Sie: > >> On 05/15/2018 04:44 AM, Patrick Brunschwig wrote: > >> > >>> I think the correct solution must be to treat each MIME part >>> independently, i.e. it needs to be parsed independently by the

Re: Efail or OpenPGP is safer than S/MIME

On 05/16/2018 05:48 AM, Werner Koch wrote: > On Tue, 15 May 2018 11:56, andr...@andrewg.com said: > >> We should also be very careful to note that none of this discussion >> thread applies to the MIME concatenation vulnerability, which is a >> problem in Thunderbird and other mail clients, and

Re: Don't Panic.

On 05/13/2018 08:27 PM, Robert J. Hansen wrote: > [taps the mike] > > Hi. I maintain the official GnuPG FAQ. So let me start off by > answering a question that is certainly about to be asked a lot: "Should > we be worried about OpenPGP, GnuPG, or Enigmail? The EFF's advising us > to uninstall

Attention PGP Users: New Vulnerabilities Require You to Take Action Now

| A group of European security researchers have released a warning | about a set of vulnerabilities affecting users of PGP and S/MIME. | EFF has been in communication with the research team, and can | confirm that these vulnerabilities pose an immediate risk to | those using these tools for email

Re: Option to select "Which topic categories would you like to subscribe to?" under Gnupg-users Subscription Options

On 07/06/2017 01:50 AM, S via Gnupg-users wrote: > Hello, > Apologies for having to ask this. Didn't find any options in the relevant > page. > I would like to receive messages only for topics I'm subscribed to. But, I > don't see an option to select topics of my choice either in "Gnupg-users >

Re: What could make GnuPG + Enigmail "easier"?

On 04/10/2017 01:11 AM, Robert J. Hansen wrote: >> What you *aren't* hearing is: > > [good points snipped] > > Shirley Gaw's 2006 paper addresses these factors dead-on. > http://www.soe.ucsc.edu/classes/cmps223/Spring09/Gaw%2006.pdf > > It's worth reading. A major additional factor Gaw found

Re: Terminology - certificate or key ?

On 09/30/2016 08:24 AM, Robert J. Hansen wrote: >> I'd start with -BEGIN PGP PUBLIC KEY BLOCK- :) > > You are technically correct (the best kind of correct!) [1] -- no, wait! > That's "key block", not "keyblock"! > > I'm more technically correct! I win! :) > > In all seriousness,

Re: keybase.io

On 09/01/2016 02:15 AM, Werner Koch wrote: > On Thu, 1 Sep 2016 08:34, miri...@riseup.net said: > >> Ensuring that you keep talking to the same key is pretty easy. >> The hard thing is knowing what key is correct for someone who's >> defined only by an online presence. Where you have no WoT >>

Re: keybase.io

On 09/01/2016 12:02 AM, Werner Koch wrote: > On Thu, 1 Sep 2016 02:55, miri...@riseup.net said: > >> verification of meatspace identity is a benefit, no? There's no >> privacy in attending a key signing party, is there? > > I have long stopped to consider key signing parties a useful thing. >

Re: keybase.io

connect the key into a way > larger network than what we have with the Web of Trust. Kind of key > signing party for the Twitter generation. But that's what I like about it :) Mirimir can't have an old-school Web of Trust. Nobody that I know in meatspace knows that I use that pseudonym.

Re: Key Discovery Made Simple

On 08/30/2016 10:04 AM, John Hein wrote: > Werner Koch wrote at 16:39 +0200 on Aug 30, 2016: > > Hi, > > > > I just published a writeup on how to setup the Web Key Service at > > https://gnupg.org/blog/20160830-web-key-service.html > > > > A plain text copy is below. If you have

Re: 2 Q's

On 08/15/2016 04:48 PM, Francesco Ariis wrote: > On Mon, Aug 15, 2016 at 06:33:47AM -0700, Daniel H. Werner wrote: >> 2) What is the best way to automatically send my Public Key to message >> recipients? > > Why not upload it to your site (if you have it) or to a keyserver? I like

Re: Inability to export and then import my secret key

On 08/12/2015 03:58 AM, Peter Lebbing wrote: On 12/08/15 04:00, Mirimir wrote: It's simplest to just copy the gpg folder. Importing private keys is broken by design. I don't think I agree with either statement. Copying the folder comes with its own caveats: don't copy random_seed, and you

Re: Inability to export and then import my secret key

On 08/12/2015 04:39 AM, Werner Koch wrote: On Wed, 12 Aug 2015 12:25, miri...@riseup.net said: Well, GnuPG 1.4 _definitely_ doesn't support importing secret keys. But That is not correct. All version support import of secret keys. What versions 2.1 don't allow is merging (updating) a

Re: upgrading v1 to v2

On 03/25/2015 08:39 PM, Dave Kimble wrote: Ubuntu 14.04 with gnupg 1.4.16 installed from Ubuntu repository. Enigmail says it is about time I upgraded to gnupg v2. Ubuntu Software Centre says I have the latest version. In Ubuntu 12.04 x64, I just did: $ sudo apt-get install gnupg2 That gave

Re: German ct magazine postulates death of pgp encryption

On 02/27/2015 01:12 PM, Andreas Schwier wrote: SNIP So what exactly is the purpose of the keyserver then ? If you expect me to still verify fingerprints out of band, why would I grab a - probably bogus key - from a keyserver first place ? I could immediately ask my peer to send it by mail.

Re: Anonymous payment for hardware tokens

On 02/03/2015 11:50 PM, georgeorwellhardwi...@riseup.net wrote: Hello. Is there anyone that knows where you can buy yubikeys or smartcards anonymously? Doing anything anonymously in physical space is hard. You could buy with cash in a store, in a city where you are not known, and take

Re: Thoughts on Keybase

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/06/2015 08:29 PM, MFPA wrote: Hi On Wednesday 7 January 2015 at 2:14:43 AM, in mid:54ac9693.2090...@riseup.net, Mirimir wrote: I also favor compartmentalization. But reading https://keybase.io/, I don't see any requirement

Re: Thoughts on Keybase

On 01/06/2015 09:30 PM, Robert J. Hansen wrote: SNIP I understand you [MFPA] believe there is a right to be forgotten; I hope you will understand I consider that to be Pollyannic fantasy. Indeed. I agree. But what about a right to authenticated pseudonymity?

Re: Encryption on Mailing lists sensless?

On 11/24/2014 09:57 AM, michaelquig...@theway.org wrote: MFPA 2014-667rhzu3dc-lists-gro...@riseup.net wrote on 11/22/2014 04:16:38 PM: From: MFPA 2014-667rhzu3dc-lists-gro...@riseup.net To: michaelquig...@theway.org on GnuPG-Users gnupg-users@gnupg.org Cc: michaelquig...@theway.org

Re: Encryption on Mailing lists sensless?

What distinguishes a mail list from email with bcc? Software? Size? As long as messages were separately encrypted to each recipient, no third parties would be involved. ___ Gnupg-users mailing list Gnupg-users@gnupg.org

Re: Encryption on Mailing lists sensless?

On 11/18/2014 03:43 PM, MFPA wrote: Hi On Tuesday 18 November 2014 at 6:15:57 PM, in mid:546b8cdd.5010...@riseup.net, Mirimir wrote: As long as messages were separately encrypted to each recipient, no third parties would be involved. For an email message with multiple recipients, I

Re: Encryption on Mailing lists sensless?

On 11/18/2014 12:21 PM, NdK wrote: Il 18/11/2014 19:15, Mirimir ha scritto: What distinguishes a mail list from email with bcc? Software? Size? That you're sending to a *single* address that hides the others. As soon as a recipient replies, their address is no longer hidden. As long

producing GnuPG keys as proof of work

Would it be feasible to use gpg in batch mode to generate numerous keys, selecting for a particular key ID, or perhaps a longer part of the fingerprint? I'm aware of shortcuts for creating keys with arbitrary key IDs, but they produce keys with atypical key lengths etc. Based on limited

Re: producing GnuPG keys as proof of work

On 10/02/2014 12:28 PM, Daniel Kahn Gillmor wrote: On 10/02/2014 02:02 PM, Mirimir wrote: Would it be feasible to use gpg in batch mode to generate numerous keys, selecting for a particular key ID, or perhaps a longer part of the fingerprint? I'm aware of shortcuts for creating keys

Re: producing GnuPG keys as proof of work

On 10/02/2014 12:45 PM, Robert J. Hansen wrote: Would it be feasible to use gpg in batch mode to generate numerous keys, selecting for a particular key ID, or perhaps a longer part of the fingerprint? Depends. Expert users, sure; new users, or people who aren't that interested in GnuPG but

Re: producing GnuPG keys as proof of work

On 10/02/2014 02:58 PM, Robert J. Hansen wrote: It struck me that a GnuPG key, produced as proof of work, would be more generally useful than an arbitrary hash. But now I see that challenge-based proof of work could just be used to authenticate a GnuPG key for signing and message encryption.

Re: Fwd: GNU hackers discover HACIENDA government surveillance and give us a way to fight back

among multiple personae. Each persona has its unique set of interests and activities. Some, such as mirimir, are stable and very public. Others are very transient, and private. Each is appropriately isolated from my true identity, and from the other personae, through such technologies as virtual

Re: crypto code of conduct (Crypto-Knigge)

On 07/29/2014 01:35 PM, Hauke Laging wrote: Hello, I would like to abuse this list for something IMHO important though slightly off-topic... I think we (and we is the Internet users not just those who write on gnupg-users...) are missing a culture of secured communication (which can

Re: symmetric email encryption

On 07/18/2014 08:37 PM, Hauke Laging wrote: SNIP I have prepared a mail file for those who want to give this a try: http://www.crypto-fuer-alle.de/docs/mail-symmetric/mail.cr-lf.eml I just emailed that to myself using Thunderbird + Enigmail in Ubuntu. I was prompted for a password, and foo

Re: New user needs some help

On 06/06/2014 12:32 AM, Bob Holtzman wrote: On Thu, Jun 05, 2014 at 05:32:38PM -0600, Mirimir wrote: On 06/05/2014 12:09 PM, Bob Holtzman wrote: On Thu, Jun 05, 2014 at 03:26:16AM -0400, Cpp wrote: Dear GnuPG users, As part of the ResetTheNet campaign I decided to start using email

Re: New user needs some help

On 06/06/2014 01:11 AM, Anthony Papillion wrote: On June 6, 2014 1:58:47 AM CDT, Mirimir miri...@riseup.net wrote: On 06/06/2014 12:32 AM, Bob Holtzman wrote: On Thu, Jun 05, 2014 at 05:32:38PM -0600, Mirimir wrote: On 06/05/2014 12:09 PM, Bob Holtzman wrote: On Thu, Jun 05, 2014 at 03:26

Re: New user needs some help

. This is not a critism, but with who do you plan on communicating using encryption? Absolutely no one I know uses it or is remotely interested in it. I get the standard answer I have nothing to hide. I've used GnuPG almost exclusively with people who know me only as mirimir, or as another of my

Re: Trustworthy Android implementation ?

On 04/27/2014 09:55 AM, Old_Professor wrote: I'm looking for a trustworthy and user-friendly encryption product to use on my Android smart phone. I found four implementations of GPG. I don't know anything about the competence or trustworthiness of the implementers. I'm concerned that if

Re: Trustworthy Android implementation ?

Somebody doesn't like me :( Original Message Subject: Re: Re: Trustworthy Android implementation ? Date: Sun, 27 Apr 2014 13:20:35 -0700 From: [REDACTED] Reply-To: [REDACTED] To: mirimir miri...@riseup.net hi Mirimir I'm [REDACTED], I'm 24 and here're two photos of myself

Re: Trustworthy Android implementation ?

On 04/27/2014 02:48 PM, Peter Lebbing wrote: On 27/04/14 22:40, Mirimir wrote: Somebody doesn't like me :( It's just a spam issue here at the mailing list currently. Every message I write, I get at least one, but more commonly two mails from so-called bachelor ladies, usually with a picture

Re: Trustworthy Android implementation ?

On 04/27/2014 02:48 PM, Peter Lebbing wrote: On 27/04/14 22:40, Mirimir wrote: Somebody doesn't like me :( It's just a spam issue here at the mailing list currently. Every message I write, I get at least one, but more commonly two mails from so-called bachelor ladies, usually with a picture

Re: It's 2014. Are we there yet?

On 04/09/2014 10:16 PM, John Clizbe wrote: Robert J. Hansen wrote: The “secure communications” paradigm of course spans a whole spectrum from “I don’t give a ” to “I’ll do anything to protect my communications, including giving away my first born”. I suspect the “average Joe user” in 2014

Re: How to add only specified public key from an asc file containing many keys?

On 10/20/2013 10:28 PM, Veet Vivarto wrote: Hi, Please consider this situation. The user has a file containing some 30 public keys. He/she lists the keys and only wants to import only 2 of these keys. How can he/she do that? Is there a command that allows to specify the keys to import?

Re: [Announce] [security fix] GnuPG 1.4.15 released

On 10/06/2013 02:21 AM, Daniel Kahn Gillmor wrote: On 10/05/2013 10:09 PM, mirimir wrote: On 10/05/2013 08:56 AM, Werner Koch wrote: We are pleased to announce the availability of a new stable GnuPG-1 release: Version 1.4.15. This is a *security fix* release and all users are advised

Re: [Announce] [security fix] GnuPG 1.4.15 released

On 10/05/2013 08:56 AM, Werner Koch wrote: Hello! We are pleased to announce the availability of a new stable GnuPG-1 release: Version 1.4.15. This is a *security fix* release and all users are advised to updated to this version. See below for the impact of the problem. I'm using

Re: CryptoList - Looking for beta testers

On 09/22/2013 11:08 PM, Kenneth Jones wrote: On 09/23/2013 04:45 AM, Daniel Kahn Gillmor wrote: SNIP Hmmm... Last two messages from Daniel prompt my Thunderbird/Enigmail setup that an OpenPGP secret key is needed to decrypt the message (which nonetheless shows up in cleartext). What's

Re: Why trust gpg4win?

On 08/25/2013 02:09 PM, Larry Brower wrote: On 08/24/2013 11:34 PM, mirimir wrote: Small flash cards are cheap enough to use once and then destroy. This doesn't resolve the problem of the device being compromised as soon as it is plugged into a compromised system. There is a lot of malware

Re: Why trust gpg4win?

On 08/25/2013 04:04 AM, Robert J. Hansen wrote: On 8/24/2013 5:14 PM, Jan wrote: SNIP It seems quite easy to advice people to have an offline windows PC with gpg4win on it and all their private stuff and a windows(?) online PC next to it. They could transfer encrypted messages with an USB

Re: [#JYM-378-41570]: Re: Why trust any software?

On 08/06/2013 07:43 AM, Werner Koch wrote: On Tue, 6 Aug 2013 05:07, miri...@riseup.net said: Why can't gnupg.org just blackhole everything from TeamSpeak's hosts? The address was subscribed to gnupg-users. Yeasterday I enabled the moderation flag for this address but for unknown

Re: [#JYM-378-41570]: Re: Why trust any software?

On 08/06/2013 02:28 AM, Henry Hertz Hobbit wrote: On 08/06/2013 12:42 AM, Jean-David Beyer wrote: On 08/05/2013 09:23 AM, TeamSpeak Piracy wrote: Jean-David Beyer, Thank you for contacting us. This is an automated response confirming the receipt of your ticket. One of our agents will get

Re: GPG weakness

On 07/25/2013 12:59 PM, Manu García wrote: Hi. I'm not a member of this list, but have read an article that I'd like to share, and put into your knowledge (if you don't know it already) because I think is rather important. In said article, about security in the Cloud you can read this:

Re: Privacy concerns

On 04/17/2013 06:45 PM, NdK wrote: Il 17/04/2013 18:22, Doug Barton ha scritto: It's very safe to assume that e-mail address harvesting from the key servers is not anything to worry about. At least for now. But spam is just one of the possible issues... Anyway I can see that the easiest

Re: gpg for pseudonymous users

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/07/2013 02:19 PM, Daniel Kahn Gillmor wrote: snip But let's bring this discussion back out of the metaphysical territory of what is the true nature of identity. In response to adrelanos' question, I tried to give an example of what sort