Re: Intro/Projects

[rooty]

please crawl under rock it safer





 Original Message 
On Dec 6, 2016, 10:02 AM, amen a nema wrote:
> Ceessi:
> absolute truth

"And when people start to need lawyers and doctors, we have conclusive proof 
that the education system is worthless. Men in the courts before snoozing 
juries, trying to get remedies by legal trickery, is a proof positive that they 
don't have enough education to arrange their own lives properly. Just as 
disgraceful is going to the doctor, not with any real malady, but because 
they've filled their bodies with garbage, which the pompous medical profession 
manages to name as some new-fangled disease."

--
nan

Re: Intro/Projects

[Mirimir]

On 12/06/2016 07:43 AM, Charles Fox wrote:
> I agree Windows would be the weak link, but I think it is easier 
> to persuade someone to install an add-in than to learn Linux.

Please reply inline. It's hard to follow with top-posting.

Anyway, oshwm also noted that, with strong encryption, you _and_ Windows
both become weak links. See below about Windows.



>  Original Message 
> Subject: Re: Intro/Projects
> Local Time: December 5, 2016 11:17 PM
> UTC Time: December 6, 2016 7:17 AM
> From: os...@openmailbox.org
> To: [random asshole], cypherpunks@lists.cpunks.org



> If your encryption is sufficiently strong (ppl seem happy with
> AES256, any better suggestions) and your random number generator
> wasn't designed or influenced by the NSA then you're likely to
> keep your information private.
> 
> Note that you will then become the weak link and if the
> information is sufficiently important then it will get painful :)

Right. Against resourceful adversaries, anonymity arguably becomes as
important as strong encryption. If they know who to coerce, it doesn't
matter so much that they can't break the encryption.

> In terms of a Windows (you said Outlook) based remailer then I'd
> see Windows as the weak link, especially if its v7/8 or 10.
> Cheers.

The problem with Windows is that there's no way to know what it logs,
what information it sends, or where it sends it. So it's impossible to
keep anything reliably private. Not your identity. Not any encryption
credentials. Nothing is private.

So sure, it's probably "easier to persuade someone to install an add-in
than to learn Linux". But would that be helping them, or putting them at
greater risk, through false belief in privacy and security?

I do agree that it's unrealistic to expect most people to dual-boot
Windows and Linux. Or to devote a computer to Linux. But installing
VirtualBox in Windows is trivial, and most Linux VMs only need 1GB RAM.
Also, there are Linux distros that provide a similar desktop experience
<http://www.tecmint.com/best-alternative-linux-distributions-for-windows-users/>.

Re: Intro/Projects

[John Newman]

If you have a keybase account, you can access something similar with kbfs. 
Although the idea behind it is data signing, not encryption Actually, I 
think it's mostly useless at the moment, but could turn into something cool.


John

On December 6, 2016 10:07:22 AM EST, Razer  wrote:
>
>
>On 12/05/2016 11:53 PM, Georgi Guninski wrote:
>> On Tue, Dec 06, 2016 at 01:43:21AM -0500, Charles Fox wrote:
>>> Hi Everyone,
>>>
>>> I'm new to the list and to encryption generally. I don't consider
>myself a good programmer but I needed to learn a little about gpg for
>work and I'm increasingly curious about it. I had two ideas for things
>I could build but I want to know if they've already been done/whether
>they're bad ideas:
>>>
>>> 1) Cloud storage.
>>> I think it would be relatively easy to write a program where any
>file I save in folder X automatically gets encrypted and saved to
>folder Y Box/Dropbox/etc. Any new files saved in Y which my key can
>open get opened and put in folder X. Since the private key password
>would be saved for this to work automatically, it would be worthless if
>someone got on my machine, but if one of the cloud providers gets
>compromised, all they would have is a collection of encrypted files.
>>>
>> AFAIK there are many solutions for this on decent OSes, don't know if
>> any uses exactly gpg.
>>
>> Probably it is significantly easier to encrypt at file system level,
>not
>> at individual files.
>>
>> Search the web for "encrypted filesystem cloud" (without the quotes),
>> there are many results and tutorials.
>
>I believe mega.co.nz does this when you upload using their application
>or browser extension. The encryption is done on your computer before
>upload, and is stored onsite encrypted.
>
>Rr

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: Intro/Projects

[Razer]

On 12/06/2016 03:30 AM, Cecilia Tanaka wrote:
>
> Otherwise, you will see a lot of strange and polemic political
> positions here.  This list is almost a "Political Kama Sutra", with
> hundreds of different positions and some of them are pretty 'curious'
> or terribly bizarre, haha!!  ;)
>

Real world politics is complicated. Some people think I'm a
'jewkristiancommie' (Juan). Some think I'm a conservative. Some think
I'm a wild-eyed bomb-throwing anarchist black blockhead... Actually, I'm
all those things. It you have some 'party line' you're probably not
worth having a convo with. Indoctrinated people are boring.

Classic example. Here's someone I knew in the 60s who went down with Sam
Melville and it's said Melvill died in his arms at Attica. A Navy
Hardhat diver wh ran the Committee to support the National Liberation
Front, and one of Abbie Hoffman's closest friends. Written by a mutual
friend.


"October 17, 2010:
In early February 2009, I was skimming the Drudge Report and came across
a headline that went something like this: Protester Throws Shoes at
Mayor of Ithaca, New York. I immediately knew the shoe-thrower was my
friend Robin Palmer. Robin died this August at age 80. He was a born
rebel and lived in that skin all his life. He was never without a cause.
Usually multiple causes. Which sometimes seemed wildly contradictory.

Robin ran with the radical left Weathermen in the late 1960's and early
'70s. He spent several years in Attica prison for trying to bomb a New
York City bank. By this millennium he was sort-of right wing. Why
“sort-of”? Robin never regretted his terrorist actions or ceased
believing the U.S. was a villain in Vietnam. He referred to Ho Chi Minh
as “the George Washington of his people” and felt warmly toward his old
Weather-friends, Bill Ayers and Bernadine Dohrn. When candidate Barack
Obama's relationship with Ayers in Chicago became a hot topic during the
2008 presidential race, Robin wrote missives to local newspapers lauding
Ayers and defending the Weatherman bombings. When election day rolled
around Robin didn't vote for Obama or McCain-- he wrote in Bill Ayers.

Flip side: Robin disagreed vehemently with the standard left positions
on Cuba and the Mid-East. When Robin denounced Fidel Castro at
gatherings of old New Leftists, he was struck from the rad honor roll.
(Attica only counted for so much.) His opinions on the Mid-East were
equally heretical. Robin was always strongly pro-Israel. Not gung-ho for
the PLO. By this millennium he stood 100 percent behind President Bush
and the war in Iraq. The shoe hurling incident sprang from that support.
The City of Ithaca had passed a resolution condemning the war. By
tossing his shoes at the mayor, Robin was tearing a page from the book
of Iraqi protesters who did likewise to Bush. Turning it upside down in
the process.

That's so Robin.

I first met Robin in New York City in the Spring of 1968..."

More 60s radical history >
http://www.qtng.dreamhosters.com//deep_qt/deepqt_robin.html


> It's The Cypherpunk's Manifesto: 
> 
>
> "We cannot expect governments, corporations, or other large, faceless
> organizations to grant us privacy out of their beneficence."
>
> > > please forgive me.
> >
> > Only Jebus can forgive you
>
> There is absolutely nothing to be forgiven, Charles.  You have your
> personal convictions and you don't need to be an anarchist or the best
> mega-hyper-wow-master of cryptography to deserve our respect. 
>
> There is no absolute truth or knowledge in the world.  :)
>

Re: Intro/Projects

[Razer]

On 12/05/2016 11:17 PM, in re oshwm:
>
>
> obviously elle-twat wants to derail your sensible questions.
>
>

I trashcan all mail on this list from sigint. Problem solved.

Re: Intro/Projects

[oshwm]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 6 December 2016 14:43:09 GMT, Charles Fox <f...@protonmail.com> wrote:
>I agree Windows would be the weak link, but I think it is easier to
>persuade someone to install an add-in than to learn Linux.
>
>
>
>
>Sent with [ProtonMail](https://protonmail.com) Secure Email.
>
>
> Original Message ----
>Subject: Re: Intro/Projects
>Local Time: December 5, 2016 11:17 PM
>UTC Time: December 6, 2016 7:17 AM
>From: os...@openmailbox.org
>To: Elle Phent <reepublikk...@sigaint.org>,
>cypherpunks@lists.cpunks.org
>
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA512
>
>On 6 December 2016 07:08:44 GMT, Elle Phent <reepublikk...@sigaint.org>
>wrote:
>>> Charles Fox:
>>> I'm not an anarchist
>>
>>This isn't anarchist list
>>
>>This is christian conservitive pro-russian list
>>
>>> please forgive me.
>>
>>Only Jebus can forgive you
>
>I must be on the wrong list then, i am not Christian, conservative or
>pro any nation :D
>
>obviously elle-twat wants to derail your sensible questions.
>
>If your encryption is sufficiently strong (ppl seem happy with AES256,
>any better suggestions) and your random number generator wasn't
>designed or influenced by the NSA then you're likely to keep your
>information private.
>
>Note that you will then become the weak link and if the information is
>sufficiently important then it will get painful :)
>
>In terms of a Windows (you said Outlook) based remailer then I'd see
>Windows as the weak link, especially if its v7/8 or 10.
>
>Cheers.
>-BEGIN PGP SIGNATURE-
>
>iQI7BAEBCgAlHhxvc2h3bSA8b3Nod21Ab3Blbm1haWxib3gub3JnPgUCWEZl+wAK
>CRAqeAcYSpG1iHV6D/9WuPd84oHHl4hyGQ5s7+JKxAW5iw9g7Ur11DQ1R9inSXi0
>4C2JoinyucloRZ0bw0Mewu00qjkuUKsbe7gzUWYwg+Nu0vnxPgMaiSMS49dur/CK
>hpPkN37gt6dJe5mg1Sm5T73upkrrshsXFYU/nsTsCcuRoJdvvk+5tbngn6XTybw4
>KM3pOG8b4Mk7U4HA6Xd3Fm762uRIv9RnSGvpWUBa9ZdJEKWGpz6BCFmv6XrV5KFe
>8vrbx3G6gDXEP/g+AHmHKCAnkWxELHKrXlco2cCySq7uL39OyLsg7pn7m/BncRNS
>UUZ1dYWBRl6IU8eNBAFGzTf+niBs8JV/lK+18noEaXn1ZpQD3rZMNMKLhYaWpHyO
>8W3e5tFRwNY66imOKyBqBruQhNlLrIDzY3EOGK3WoG0aOT3UATKCivElCHwkqi7I
>L1dpE3re2TS0g6/RR/iBilfGiD+bABeDSFS8HgM55vaHcSdQKXmZDNdp9M41P+YM
>r6IE6BZ+WhkmeXgCYhCaaWo1V69fkxHFi7coTBrDU2s0Qk12Ux8t7gORYycJDb0Z
>ByBpiaD2AuCuHu+7wR8s5Ypd82hLeCFK9XW0CneC1Q7me+N2KQZfnrhv5F554OSy
>cwlG1MWx7o6XUjP1CXlVmwtcLHw2fBHUXjz/b9pXAsrLd6umW5Yt3S+VN1zMQQ==
>=5EoN
>-END PGP SIGNATURE-

But you're happy to convince them to install python as well as the stuff you've 
created for them? :)
-BEGIN PGP SIGNATURE-

iQI7BAEBCgAlHhxvc2h3bSA8b3Nod21Ab3Blbm1haWxib3gub3JnPgUCWEbPZwAK
CRAqeAcYSpG1iM66EACrfeI31Hl6oZLt2tXZaURT5+mQ/5OiXJIAqtC/UbxArPxQ
l7L5Kauwe/vuLPg6lxGkD6ML9ZOyy2ucyavmjWWeyoioKIOfT6hC1YxAFpfo9a2K
9W8512t+4Chl0BlShxL11rPpnW1fyAb5MY9l/YuCYj2pDS4HYNBu/jGcIjySzSXA
JgTX5+seW33PRbPwuVZwEnAZw2Mdmhq/PQzW3W22t7M3V2m5aW5VLVJBWA6aRlm6
PnVrO45gF2BuLEEhd7m/sgWYDUOqp6pGs4k2XZ/wcjDfhwsC3LwN8ESgSoodi70G
KfWorDg741gEKHR3M7PWlwUYo5MOAYwnRzDhn7mCI2ppFC9PY8Ffp6NYeOwD2MSO
7pWBcQErkqAOZghHubfde+lbyfaFTXaNFEWFFevQlAYNhbVqkusX+HsIYEZ1xzmg
PCt+SsYO0SNa/6VPRMOVRWFwbZ54tkm0N9gPsJdcEEnW9mz3Oy5cfVti1e6SkiJQ
x+HMH3T+a1wEBzQgxZMVWyxqcu2lkEVqqs574xmOCu4hsPG0SWDxrt3hlXZt1eiH
PZBvM1EqHkm55BnRO8RBa4gBIIqk9yjqfcLb1IHBH2xqqHQhOGFFLAitvy9psgdt
ejf2hM2OfU5RdpCIH5me5u3YnyVi8FS6aXE4nyOjHvaoXsii9BgFO8/3k2uRtA==
=iSCS
-END PGP SIGNATURE-

Re: Intro/Projects

[Cecilia Tanaka]

On Dec 6, 2016 4:09 AM, "Elle Phent"  wrote:
>
> > Charles Fox:
> > I'm not an anarchist
>
> This isn't anarchist list
>
> This is christian conservitive pro-russian list

I am not a "Christian Conservative Pro-Russia" person.  Charles can be
exactly who he wants to be and he is and always will be completely free to
make part of this list, little troll.

Charles, we have members with all kinds of personal and political
convictions.  I like to say it is an "anarchist list" because usually
cypherpunks want deep social and political changes, with no interference of
governments.

Otherwise, you will see a lot of strange and polemic political positions
here.  This list is almost a "Political Kama Sutra", with hundreds of
different positions and some of them are pretty 'curious' or terribly
bizarre, haha!!  ;)

It's The Cypherpunk's Manifesto:  <
http://www.activism.net/cypherpunk/manifesto.html>

"We cannot expect governments, corporations, or other large, faceless
organizations to grant us privacy out of their beneficence."

> > please forgive me.
>
> Only Jebus can forgive you

There is absolutely nothing to be forgiven, Charles.  You have your
personal convictions and you don't need to be an anarchist or the best
mega-hyper-wow-master of cryptography to deserve our respect.

There is no absolute truth or knowledge in the world.  :)

Re: Intro/Projects

[Georgi Guninski]

On Tue, Dec 06, 2016 at 01:43:21AM -0500, Charles Fox wrote:
> Hi Everyone,
> 
> I'm new to the list and to encryption generally. I don't consider myself a 
> good programmer but I needed to learn a little about gpg for work and I'm 
> increasingly curious about it. I had two ideas for things I could build but I 
> want to know if they've already been done/whether they're bad ideas:
> 
> 1) Cloud storage.
> I think it would be relatively easy to write a program where any file I save 
> in folder X automatically gets encrypted and saved to folder Y 
> Box/Dropbox/etc. Any new files saved in Y which my key can open get opened 
> and put in folder X. Since the private key password would be saved for this 
> to work automatically, it would be worthless if someone got on my machine, 
> but if one of the cloud providers gets compromised, all they would have is a 
> collection of encrypted files.
>

AFAIK there are many solutions for this on decent OSes, don't know if
any uses exactly gpg.

Probably it is significantly easier to encrypt at file system level, not
at individual files.

Search the web for "encrypted filesystem cloud" (without the quotes),
there are many results and tutorials.

Re: Intro/Projects

[oshwm]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 6 December 2016 07:08:44 GMT, Elle Phent  wrote:
>> Charles Fox:
>> I'm not an anarchist
>
>This isn't anarchist list
>
>This is christian conservitive pro-russian list
>
>> please forgive me.
>
>Only Jebus can forgive you

I must be on the wrong list then, i am not Christian, conservative or pro any 
nation :D

obviously elle-twat wants to derail your sensible questions.

If your encryption is sufficiently strong (ppl seem happy with AES256, any 
better suggestions) and your random number generator wasn't designed or 
influenced by the NSA then you're likely to keep your information private.

Note that you will then become the weak link and if the information is 
sufficiently important then it will get painful :)

In terms of a Windows (you said Outlook) based remailer then I'd see Windows as 
the weak link, especially if its v7/8 or 10.

Cheers.
-BEGIN PGP SIGNATURE-

iQI7BAEBCgAlHhxvc2h3bSA8b3Nod21Ab3Blbm1haWxib3gub3JnPgUCWEZl+wAK
CRAqeAcYSpG1iHV6D/9WuPd84oHHl4hyGQ5s7+JKxAW5iw9g7Ur11DQ1R9inSXi0
4C2JoinyucloRZ0bw0Mewu00qjkuUKsbe7gzUWYwg+Nu0vnxPgMaiSMS49dur/CK
hpPkN37gt6dJe5mg1Sm5T73upkrrshsXFYU/nsTsCcuRoJdvvk+5tbngn6XTybw4
KM3pOG8b4Mk7U4HA6Xd3Fm762uRIv9RnSGvpWUBa9ZdJEKWGpz6BCFmv6XrV5KFe
8vrbx3G6gDXEP/g+AHmHKCAnkWxELHKrXlco2cCySq7uL39OyLsg7pn7m/BncRNS
UUZ1dYWBRl6IU8eNBAFGzTf+niBs8JV/lK+18noEaXn1ZpQD3rZMNMKLhYaWpHyO
8W3e5tFRwNY66imOKyBqBruQhNlLrIDzY3EOGK3WoG0aOT3UATKCivElCHwkqi7I
L1dpE3re2TS0g6/RR/iBilfGiD+bABeDSFS8HgM55vaHcSdQKXmZDNdp9M41P+YM
r6IE6BZ+WhkmeXgCYhCaaWo1V69fkxHFi7coTBrDU2s0Qk12Ux8t7gORYycJDb0Z
ByBpiaD2AuCuHu+7wR8s5Ypd82hLeCFK9XW0CneC1Q7me+N2KQZfnrhv5F554OSy
cwlG1MWx7o6XUjP1CXlVmwtcLHw2fBHUXjz/b9pXAsrLd6umW5Yt3S+VN1zMQQ==
=5EoN
-END PGP SIGNATURE-