On 02/08/2020 09:27 AM, africa131--- via Gnupg-users wrote:
> Hi,
> I am currently doing a course on online privacy. I have been trying to verify
> the signature on the 64 bit windows tor browser download.
> When I type in download directory I get 801 signature. asc for the signature
> file I
On 07/18/2019 04:21 AM, U'll Be King of the Stars wrote:
> On 18/07/2019 05:40, Mirimir via Gnupg-users wrote:
>> When I need to share stuff among GUI-less VPS, with no Javascript
>> capable browser, I sometimes use pastebins. I encrypt with GnuPG, and
>> then base64 encode.
On 07/17/2019 07:47 PM, Ryan McGinnis via Gnupg-users wrote:
> Is that to send them a message or an attachment?
>
> You might look into Firefox Send -- not sure if this satisfies the legal
> requirements, but it is very robust end to end encryption.
> https://send.firefox.com/
I also like
On 07/03/2019 10:19 PM, Mirimir wrote:
> Moved by Roland's requests, I've broken Enigmail in a fresh VM. And I'd
> appreciate some advice about how to fix it.
>
> I installed Thunderbird and Enigmail in a Debian 9.5 x64 VM with Gnome.
> Using Enigmail Key Management, I tried to get rjh's
On 07/03/2019 07:16 AM, Ryan McGinnis via Gnupg-users wrote:
> Not sure why the phone number thing bothers people -- having a
> phone at all in the first place means you are easily tracked.
Well, that's why I only use phones (and not smartphones) for routine
meatspace stuff where I don't care
Moved by Roland's requests, I've broken Enigmail in a fresh VM. And I'd
appreciate some advice about how to fix it.
I installed Thunderbird and Enigmail in a Debian 9.5 x64 VM with Gnome.
Using Enigmail Key Management, I tried to get rjh's 1DCBDC01B44427C7
from pool.sks-keyservers.net, but that
On 07/02/2019 11:42 PM, Michał Górny wrote:
> Dnia July 3, 2019 6:23:37 AM UTC, Mirimir via Gnupg-users
> napisał(a):
>> I don't think that it's necessary to stop using SKS keyservers. And I
>> suspect that doing so would be nontrivial. Given that requests to them
>&g
On 07/02/2019 08:28 PM, Konstantin Boyandin via Gnupg-users wrote:
> Hello All,
>
> After having read the recent multitude of messages related to SKS
> keyservers related issue, I figured out that
>
> a. The entire SKS keyservers design and interaction has a fundamental
> design flaw named
On 07/02/2019 05:18 AM, Robert J. Hansen wrote:
>> Signal went the other way. Build a verifiably secure communications
>> platform so easy that literally anyone can figure it out.
>
> I think this is a misunderstanding of Signal.
> Signal is, by its very nature, tightly tied to one specific
On 07/01/2019 07:29 AM, David wrote:
> My take on all this is that I have had to disable Enigmail because it's
> screwed - I was not able to send mail and all the settings in enigmail
> were lots of so I have been infected :(
>
> David
Damn. But all is likely not lost.
If you
On 06/30/2019 10:37 AM, Leo Gaspard via Gnupg-users wrote:
>> 1. We would have to ensure that all keyservers block the same
>> uploads. One permissive keyserver is a backdoor into the entire
>> system. We can’t block bad keys at reconciliation time for the same
>> reasons that have been hashed to
On 06/30/2019 08:55 AM, Andrew Gallagher wrote:
>
>> On 30 Jun 2019, at 15:07, Erich Eckner via Gnupg-users
>> wrote:
>>
>> maybe I don't get the original idea - but I thought, it was to block
>> *uploads/updates* which would poisson a certificate - not to blackhole them
>> after they got
On 06/30/2019 08:33 AM, Peter Lebbing wrote:
>> "Look, this one guy who just got mugged? [...]
>
> I had to read it twice to distill what I think Mirimir meant, but I
> think they meant that if you blacklist/blackhole all affected
> certificates, you remove the incentive for the attackers to
On 06/30/2019 07:33 AM, Robert J. Hansen wrote:
>> Your third point is actually why I suggested this. Maybe I'm just
>> twisted, but what if some dickhead goes after certs that would break
>> stuff for millions of people? One might, for example, block Linux kernel
>> maintenance and development.
On 06/30/2019 03:10 AM, Robert J. Hansen wrote:
>> Because a) it’s enumerating badness [1] but more importantly b) it’s
>> punishing the victim. Protecting the ecosystem by banning RJH and DKG’s
>> keys from the keyservers entirely is doing the bad guys’ work for them.
Currently, we know that
On 06/30/2019 01:34 AM, Andrew Gallagher wrote:
>
>> On 30 Jun 2019, at 09:19, Robert J. Hansen wrote:
>>
>> The next version of Enigmail will no longer use the SKS network by
>> default. Great! But what about existing Enigmail users? They'll see a
>> signature, click "Import Key", and ...
On 06/29/2019 11:26 PM, Robert J. Hansen wrote:
>> https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
>
> I stand by what I wrote.
>
> As usual, don't read the comments unless you want to despair for humanity.
It sounds like SKS is dead meat. And hagrid is coming. And you advise:
17 matches
Mail list logo
