Re: [Enigmail] ALLOW PASTING
On 06.07.17 15:12, Lancon Erocan wrote: > Hi, > I know there is indeed security issue on auto-filling, but there is no > reason to disallowing pasting. In that case I have no mean to input a > /*REALLY */secure password generated from my password manager. > Pls, /*DO NOT*/ F**K with pasting. There is no need to be rude. This is even more true given that your complaint was addressed to the wrong people. The passphrase dialog is part of GnuPG, not Enigmail -- telling us will not be heard by those in charge of GnuPG. -Patrick signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] ALLOW PASTING
Hi, On 06.07.17 15:12, Lancon Erocan wrote: > Hi, > I know there is indeed security issue on auto-filling, but there is no > reason to disallowing pasting. In that case I have no mean to input a > /*REALLY */secure password generated from my password manager. > Pls, /*DO NOT*/ F**K with pasting. Please moderate your tune. This not considered the right vocabulary here. Alos, you're barking up the wrong tree: Enigmail does NOT supply the Pinentry dialog. Ludwig signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] ALLOW PASTING
> I know there is indeed security issue on auto-filling, but there is no > reason to disallowing pasting. There are several, in fact. The moment you enter a passphrase into the clipboard it becomes available to any other process -- including, say, your web browser, which is currently parked on a webpage hosting malware that's watching for activity. If you want this to change, bring it up with GnuPG, not Enigmail. The pinentry dialog comes from them; we have no influence over it. Further, swearing at people who are giving you software for free, and answering your questions for free, doesn't do very much to encourage us to continue doing these things for free. Finally, I routinely enter a passphrase that's 128 bits of random noise encoded in base64. It was a bit of a headache to memorize, but it's certainly possible. ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] ALLOW PASTING
On Thu 2017-07-06 17:35:21 +0200, Ludwig Hügelschäfer wrote: > On 06.07.17 15:12, Lancon Erocan wrote: >> I know there is indeed security issue on auto-filling, but there is no >> reason to disallowing pasting. In that case I have no mean to input a >> /*REALLY */secure password generated from my password manager. >> Pls, /*DO NOT*/ F**K with pasting. > > Please moderate your tune. This not considered the right vocabulary > here. Alos, you're barking up the wrong tree: Enigmail does NOT supply > the Pinentry dialog. fwiw, many newer versions of pinentry tend to allow pasting, but given that Lancon hasn't mentioned even what platform he's using (let alone which pinentry or which version) i don't know how to help him debug. Lancon, if you don't feel like cursing any more, feel free to follow up over on gnupg-us...@gnupg.org with details about your system and we can have a discussion about pinentry and the copy/paste mechanism. Regards, --dkg signature.asc Description: PGP signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net