Re: No, it is not.

[Thomas Harning Jr.]

On Wed, Apr 27, 2011 at 4:19 PM, M.R.  wrote:
> For most individuals who really *need* (as opposed to those
> that do it as a matter of ideology or principle) to protect
> their communication, the need to keep confidential who is
> communicating with whom is as important as is the protection
> of the content.
...
GnuPG has a mode to handle this sort of encryption without identification...
While the default is to provide a reference for the key that is usable
to decrypt the message, you can opt to not include this information at
the cost of making the other party take a little more time to decrypt
(it has to scan all of its available keys).

If you want authentication in there as well, you'd just need to wrap
the signature inside the encrypted-body rather than around it.

An example use of this would be to send a message to a bulk mailing
list or post it on the web at a known "drop" point (preventing the
intermediate servers from knowing both parties directly) wrapped as
follows: GPG(encrypt-to-X but dont mention X, GPG(sign-with-Y(msg))

-- 
Thomas Harning Jr.
Support my wife, Jenn, as she runs her first 10k, donations
appreciated... every dollar helps!
http://www.akidagain.org/site/TR/Cincinnati5k10k2011/General?px=1127201&pg=personal&fr_id=1140

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

No, it is not.

[M.R.]

For most individuals who really *need* (as opposed to those
that do it as a matter of ideology or principle) to protect
their communication, the need to keep confidential who is
communicating with whom is as important as is the protection
of the content.

Current "secure computer communication systems" do nothing
for them. WoT is actually a complete antithesis of their
requirements. This is probably why, after all these years,
the fraction of encrypted e-mails remains so minuscule.
Encrypted e-mail between private individuals is today the
province of the enthusiasts instead of those who are in the
need of it.

Mark R.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Updating signature cert-level

[Kevin Kammer]

On Wed, Apr 27, 2011 at 08:59:49AM -0400 Also sprach David Shaw:


Incidentally, it is possible to tweak the trust calculations to take
signature level into account.  GnuPG supports reading a trust "map"
generated by an external process that can use whatever trust rules it
likes.  I don't know of anyone using this ability offhand.


This is the first I have heard of any implementation of the cert level,
whatsoever. Until now, I have never heard of any software using the cert
level in any practical way. That's why, as a previous reply mentioned,
you may want to ask yourself if it's worth the bother.

--
"Le hasard favorise l'esprit préparé."
  --Louis Pasteur

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Passphrase

[David Shaw]

On Apr 26, 2011, at 6:38 PM, Stephen H. Dawson wrote:

> Hi,
>  
>  
> Dire need, hoping for help.
>  
> I have my private and public keys, but you have neither the passphrase nor a 
> revocation certificate.  I need to revoke my published key.  Can they 
> recommend a bash script to discover the passphrase using brute force on the 
> private key?

It depends.  If you have a strong passphrase, you're pretty much out of luck.  
After all, if it was easy to brute force a strong passphrase, it would defeat a 
lot of the point of the crypto here.

That said, frequently when someone forgets their passphrase, they half remember 
it.  They know it starts with such-and-such characters, or that it ends with a 
number, or has a hyphen in there... that sort of recollection.  For those 
cases, there are tools that might be useful to you, since your half memory of 
the passphrase reduces the search space that will need to be brute-force.  If 
you can manage to remember enough of the passphrase, you might be able to use a 
tool like http://www.roguedaemon.net/rephrase/ to brute force the missing parts.

There is also a commercial product from Elcomsoft that claims very fast 
distributed brute forcing.  I haven't tried it myself.  
http://www.elcomsoft.com/edpr.html

David


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Keylogers

[Robert J. Hansen]

On Wed, 27 Apr 2011 12:56:19 -0400, Mike Acker 
wrote:

> This is why we need the Software Audit Tool I've discussed at times on
> various boards.  The Software Audit Tool will need to be on a separate,
> read-only, bootable media such as a DVD.  On boot-up it would mount the
> C: drive of the target system and then pull a software inventory. When
> complete this inventory would be audited, checking the data-time stamp
> and CRC of every executable software in the inventory.  This would be
> checked against OEM specifications and system owner's noted.  System
> Owners Notes should specify: what packages are supposed to be on this
> system.

Already exists: a copy of md5deep and the forensics signature database
will do it for you.

Unfortunately, as people have learned, this technique doesn't actually
work -- at least, not reliably.  False positives abound all over the place.
The problem is the signature db: it simply cannot work the way people
think it should.  Some system patches use data from the host system as part
of the patch.  (As an example, your processor ID might be used as a unique
identifier somewhere within the code.)  This means the updated executables
will not have a reproducible hash: each machine will report a slightly
different one.

You can get around this somewhat with fuzzy hashing, but in the main this
is an unresolved problem in computer forensics.  You can easily tell when a
file is known-good, but just because a file isn't on the known-good list
doesn't mean it's bad -- and telling the bad apart from the good is a
Herculean task.

My next door neighbor (okay, so he lives a block away) is pretty big in
the digital forensics community: if you like, I'd be happy to ask him about
the latest research in this the next time we go out for beers (probably
Monday, to celebrate his Sunday marathon).


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Updating signature cert-level

[David Shaw]

On Apr 27, 2011, at 1:25 PM, Kevin Kammer wrote:

> On Wed, Apr 27, 2011 at 08:59:49AM -0400 Also sprach David Shaw:
> 
>> Incidentally, it is possible to tweak the trust calculations to take
>> signature level into account.  GnuPG supports reading a trust "map"
>> generated by an external process that can use whatever trust rules it
>> likes.  I don't know of anyone using this ability offhand.
> 
> This is the first I have heard of any implementation of the cert level,
> whatsoever. Until now, I have never heard of any software using the cert
> level in any practical way. That's why, as a previous reply mentioned,
> you may want to ask yourself if it's worth the bother.

Yes, as I said in the part of the email you didn't quote :)

David


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

HTTPS as well

[Mike Acker]

On 14:59, Robert J. Hansen wrote:
>> yep. Phil Zimmerman noted that in his original essay on PGP.  If you
>> > have a malware infection you can no longer speak to what your computer
>> > is or is not doing.
> In fact, it's quite a bit worse than that.  Your traffic is secure only so 
> long as both endpoints are secure.  Depending on who does the numbers, 
> 15%-30% of all desktops are pwn3d.  Even if your desktop is safe, the odds 
> aren't good the other end will be, too.
>
> There are many reasons why I feel OpenPGP is more or less irrelevant in the 
> world today, outside of some very special case scenarios.  This is one of the 
> big ones: OpenPGP's necessary precondition -- that our endpoints are both 
> securable and secured -- is not met.
>
>
>
>

you are 100% correct.  and this applies to HTTPS as well. also S/FTP

-- 
/MIKE


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Keylogers

[Mike Acker]

On 04/27/2011 09:10, Robert J. Hansen wrote:
>> yep. Phil Zimmerman noted that in his original essay on PGP.  If you
>> > have a malware infection you can no longer speak to what your computer
>> > is or is not doing.
> In fact, it's quite a bit worse than that.  Your traffic is secure only so 
> long as both endpoints are secure.  Depending on who does the numbers, 
> 15%-30% of all desktops are pwn3d.  Even if your desktop is safe, the odds 
> aren't good the other end will be, too.
>
> There are many reasons why I feel OpenPGP is more or less irrelevant in the 
> world today, outside of some very special case scenarios.  This is one of the 
> big ones: OpenPGP's necessary precondition -- that our endpoints are both 
> securable and secured -- is not met.
>
>
*That would be 100% correct.*

This is why we need the Software Audit Tool I've discussed at times on
various boards.  The Software Audit Tool will need to be on a separate,
read-only, bootable media such as a DVD.  On boot-up it would mount the
C: drive of the target system and then pull a software inventory. When
complete this inventory would be audited, checking the data-time stamp
and CRC of every executable software in the inventory.  This would be
checked against OEM specifications and system owner's noted.  System
Owners Notes should specify: what packages are supposed to be on this
system.

this is the only way to certify a system: a running system cannot be
used to certify itself.  for those who don't understand this an old and
common malware trick is to replace the directory list program.  when the
system owner types dir c:\windows\*.* the modified dir list program
simply fails to report the presence of the malware programs, instead
adding the space taken by the malware back into the reported
free-space.  the original dir program is hidden someplace on the c:
drive and then reported on the dir list with its orignal directory
info.  if you dump the program out you get this back-up copy; but when
you run it -- the bad copy runs.  the system-- has had a bug purposely
installed,-- one with produces INCOROUT (incorrect output) ,-- it has
been "pwn3d".

Wolfgang Stiller (Stiller Research ) did an inventory program as I've
described -- for DOS.  We need one for Win/7. when we get it we can
begin certifying systems and once that is underway we can begin
identifying failure points which still need corrections.



-- 
/MIKE

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Имя компании

[Simona Kehler]

День добрый! Помогите придумать название для фирмы, будем заниматься
установкой окон в Москве! Друзьям придумали название тут
http://sovetuem.in/main/18-kak-pridumat-nazvanie-firmy.html но нам не
подошло!
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Is the OpenPGP model still useful?

[Robert J. Hansen]

On Wed, 27 Apr 2011 10:11:51 -0400, Charly Avital 
wrote:
> I'm buying.
> 
> May I cross-post and quote, with attribution (CC3 maybe)?

Sure.  Consider it CC BY-ND.  Repost how you like, commercial use OK.  :)


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Is the OpenPGP model still useful?

[Robert J. Hansen]

On Wed, 27 Apr 2011 11:09:00 -0400, "Mark H. Wood" 
wrote:
> o  Media-hopping:  each segment can be treated separately.  The users
>know there is a thread of conversation but the technologies do
>not.  So, is this point relevant?

Yes.  E.g., OpenPGP messages cannot be reduced to fit in an SMS message:
you'd need to break them apart multiple SMS messages.  Different media have
different technical requirements.

>Today the chief difficulty for a state really isn't technical or
>financial, but legal.

Strongly disagree.  Figuring out the difference between signal and noise
seems to be highly nontrivial.

> o  "Encrypt each communication (Facebook post, SMS, whatever) with a
>random 40-bit key.  Throw the key away.  Send it."  Isn't that what
>we do now?

No.  Encryption -- even weak encryption -- is not pervasive.  It's my
position that pervasive weak encryption would make large-scale data
analysis difficult (further hammering the differentiation issue and making
a hard problem harder), while impacting regular users only slightly.

>Or do you mean:  encrypt *everything*; don't ask, just
>make encryption the default for all communication.  I could get
>behind that.  (I've argued for some time that we ought to do away
>with HTTP-not-S, not-S-SMTP, etc. and this just extends the
>argument to another layer.)

My problem with HTTPS, SMTPS, etc., is they typically have scalability
problems.  Asymmetric crypto is CPU intensive.  I'd like to see, e.g.,
HTTPS for commerce, but if I visit Slashdot go to a weaker system that's
not CPU-intensive but would still make mass surveillance problematic.

> o  Just so long as those who *do* care can plug in or wrap on something
>stronger and more manageable if they wish.

Yes, absolutely.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Is the OpenPGP model still useful?

[Werner Koch]

On Wed, 27 Apr 2011 17:09, mw...@iupui.edu said:

> o  Agreed:  OpenPGP is difficult.

Nope.  It is not difficult.  The trust model most of us are using is
difficult to explain and to use properly.  However this model (Web of
Trust) has nothing to do with OpenPGP; it is not even specified in
RFC4880 [1].  You can use OpenPGP with all kind of other trust models;
in fact only some MUAs recently switched to enforce key validation
(i.e. dropping the --always-trust option).

BTW, the discussion is not OpenPGP specific but applies also to S/MIME.
A better subject would have been: "Is desktop to desktop encryption
still useful?".

Shalom-Salam,

   Werner


[1] In contrast, S/MIME is difficult to use because the specs require
the use of an external PKI and a certain trust model - something a
user can't setup simply. (Unless he uses self-signed certificates,
which most email implementations won't grok.)

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Passphrase

[John Clizbe]

Stephen H. Dawson wrote:
> Dire need, hoping for help.
>  
> I have my private and public keys, but you have neither the passphrase
> nor a revocation certificate.  I need to revoke my published key.  Can
> they recommend a bash script to discover the passphrase using brute
> force on the private key?
> 
> Please advise.

Bad news. Sorry. Game over. Unfortunately you're S-o-L.

If it was as easy as a bash script to brute force a passphrase, do you think
people would even consider using PGP?  The passphrase is /intentionally/
designed to resist brute force attacks.

I'm sure programs exist that purport to brute force passphrases. I think that
their success rate, r, is probably somewhere between epsilon and zero.
-- 
John P. Clizbe  Inet:   John (a) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net  or
 mailto:pgp-public-k...@gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Is the OpenPGP model still useful?

[Charly Avital]

Robert J. Hansen wrote the following on 4/27/11 9:48 AM:
> (The subject line may be provocative, but please don't think I'm arguing
> that it's not useful.  I don't know.  I just had an idea a couple of
> days ago, and I figure it might be worth some discussion.)
> 
> 
> 
> OpenPGP takes its origins from ClassicPGP,

I'm buying.

May I cross-post and quote, with attribution (CC3 maybe)?

Thanks.

Charly

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Is the OpenPGP model still useful?

[Mark H. Wood]

Some thoughts:

o  Agreed:  OpenPGP is difficult.

o  Media-hopping:  each segment can be treated separately.  The users
   know there is a thread of conversation but the technologies do
   not.  So, is this point relevant?

o  Who is the attacker?  A government with sufficient motivation and
   money should have little trouble getting carriers to inform them of
   who is involved in a given flow in near realtime (say, by forwarding
   the log streams out of their RADIUS servers), and matching that
   to a watch list is trivial.  These are exactly the people who would
   be doing large-scale collection.  A personal rival probably
   couldn't afford it.  (This is directed at the "distinguishment"
   factor.)

   Today the chief difficulty for a state really isn't technical or
   financial, but legal.

o  "Encrypt each communication (Facebook post, SMS, whatever) with a
   random 40-bit key.  Throw the key away.  Send it."  Isn't that what
   we do now?  Or do you mean:  encrypt *everything*; don't ask, just
   make encryption the default for all communication.  I could get
   behind that.  (I've argued for some time that we ought to do away
   with HTTP-not-S, not-S-SMTP, etc. and this just extends the
   argument to another layer.)

o  Agreed:  most people don't care about most of their messaging.

o  Just so long as those who *do* care can plug in or wrap on something
   stronger and more manageable if they wish.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Asking whether markets are efficient is like asking whether people are smart.


pgpBKtqaT8xV6.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Re: Passphrase

[Sven Radde]

Hi!

Am 20:59, schrieb Mark H. Wood:
> someone probably could suggest a brute-force tool

I tried to respond to this thread already, but somehow mixed up email
settings and my relies appear to be lost, so let's try again:

There's a tool called "nasty" that does 'pure' brute forcing:

It is described as a proof of concept and if your passphrase is worth
its salt (pun intended ;-) it probably won't help you...

However, if you still know some parts of your passphrase, you'd probably
be better off with "rephrase":


(I did not yet have to actually try one of these myself, I simply looked
through Ubuntu's repos for relevant packages.)

HTH, Sven

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Passphrase

[Mark H. Wood]

On Wed, Apr 27, 2011 at 02:29:51AM -0400, Grant Olson wrote:
> Issuing a revocation would be more critical if you thought the key had
> been compromised.  But if the private key inaccessible to everyone,
> including you, I don't think there are any exploits you need to worry about.

Maybe he thinks that the key might be compromised in the future.  It's
still out there.  There is a lot of future left.  He has lost control
of the key.

(I know:  I'm arguing both sides.  I don't have a key guesser to share,
and we don't know enough about the problem as the OP sees it.)

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Asking whether markets are efficient is like asking whether people are smart.


pgpK5oiqB4fVj.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Passphrase

[Mark H. Wood]

On Tue, Apr 26, 2011 at 09:37:57PM -0700, Robert Holtzman wrote:
> On Tue, Apr 26, 2011 at 06:38:11PM -0400, Stephen H. Dawson wrote:
> > Hi,
> >  
> >  
> > Dire need, hoping for help.
> >  
> > I have my private and public keys, but you have neither the passphrase nor a
> > revocation certificate.  I need to revoke my published key.  Can they 
> > recommend
> > a bash script to discover the passphrase using brute force on the private 
> > key?
> 
> That would render encryption useless.

Then it's useless.  Because brute force will *always* succeed.  It may
not succeed in your lifetime, however. :-/

To the OP: someone probably could suggest a brute-force tool, but if
your passphrase is strong enough to have been worth using then the
tool would likely run far longer than you care to spend.  That's the
point of having a passphrase.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Asking whether markets are efficient is like asking whether people are smart.


pgpQZw6OOoHzX.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: A better way to think about passwords

[Ben McGinnes]

On 27/04/11 7:04 PM, Aaron Toponce wrote:
> On Sun, Apr 17, 2011 at 03:49:58PM -0700, Doug Barton wrote:
>> Summary: A 3-word password (e.g., "quick brown fox") is secure against
>> cracking attempts for 2,537 years.
>>
>> http://www.baekdal.com/tips/password-security-usability
> 
> I'm just going to drop this here:
> 
> http://www.troyhunt.com/2011/04/bad-passwords-are-not-fun-and-good.html

Nice.  I noticed the author of the first article commented on the second
one too.


Regards,
Ben



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Is the OpenPGP model still useful?

[Robert J. Hansen]

(The subject line may be provocative, but please don't think I'm arguing that 
it's not useful.  I don't know.  I just had an idea a couple of days ago, and I 
figure it might be worth some discussion.)



OpenPGP takes its origins from ClassicPGP, which in turn comes out of a 
military threat model of the sort that was more or less standard policy 
everywhere from WW2 forwards:

Attackers can apply significant resources to interception, and they already 
know who they want to intercept
Communication technicians are trained, skilled and motivated
Communication channels are centrally defined and structured
Communiqués must be secure for decades or more

There are other elements, but these four are what interest me right now.  
OpenPGP defends quite neatly against point one, point two explains why it's 
okay for OpenPGP to have a learning curve like the Matterhorn, the Web of Trust 
(which is to say, a loose confederation of CAs) follows from point three, and 
long-term security is point four.

Now, while there are still environments in which those four criteria hold, the 
modern day seems to mostly be governed by four different principles:

Attackers need distinguishment more than interception
Defenders are unskilled and perhaps incompetent
Communication channels are ephemeral, media-hopping and ad hoc
Most people don't care if an individual email — or even a series of them — gets 
compromised

"Distinguishment versus interception" may need some explanation.  Intercepting 
communications is not very hard: finding what communications need to be 
intercepted is a labor of Hercules.  We are, figuratively speaking, drowning in 
a sea of irrelevant and useless data.  The major task is not being able to read 
the information, but being able to pick signal out from noise.  Distinguishment 
— differentiating signal from noise — is more important than interception — 
picking up the signal once you know what it is.

With respect to communication channels being ephemeral, media-hopping and ad 
hoc: today it's not unusual for a conversation to begin in SMS, hop to 
Facebook, migrate to email, and finish on IM.  Whatever tool we use to secure 
our messages needs to be as media-agile as our conversations.

And finally, most people simply don't care if their emails get read.  Open a 
stand outside a McDonald's offering "FREE BIG MAC AND FRIES FOR YOUR EMAIL 
SERVER PASSWORD" and see how many coupons you give away.  Odds are good that 
the loudest voices of outrage would come from Burger King and Wendy's, and 
they'd shut up once you set up booths outside their restaurants, too.[*]



... So, finally, here's my Modest Proposal.  Encrypt each communication 
(Facebook post, SMS, whatever) with a random 40-bit key.  Throw the key away.  
Send it.  The only way for your recipient to recover the key is to brute-force 
the message.  By our existing standards this would be absolutely crazy: and 
yet, it would foil large-scale Hoovering of email messages (adding that work 
factor to each email message would make large-scale analysis difficult), would 
address point 2 by getting rid of the learning factor ("install this plugin and 
that's all you have to do"), would address point 3 by being broadly applicable 
over a large swath of the problem domain, and if someone recovers a particular 
message anyway... well, as point 4 shows us, "meh."

(Note: if the phrase "Modest Proposal" wasn't enough of a giveaway, this is not 
a serious proposal.  It's a thought experiment, just something I found to be 
interesting enough to spend a few minutes contemplating.)






[*] Some years ago while teaching a computer literacy class, I had the 
undergrads reading David Brin's "The Transparent Society."  In it, Brin 
suggests offering a free Big Mac with a mouth swab and driver's license, and 
plugging these DNA samples into a database of unsolved crimes.  He cheerfully 
argues there are no privacy concerns since it is so obviously a bad idea, and 
yet people will voluntarily choose to do it anyway despite knowing it's stupid. 
 The class had a good talk about this.  The next Monday a couple of students 
talked to me after class.  "After class last week, we went down to the Pita 
Pit.  We were sitting around talking about how stupid Brin's idea was and how 
he was wrong and nobody would be that stupid ... and then we realized we were 
saying this while we were filling out credit-card applications in order to get 
a free pita."  When I asked them what they did next, they shrugged.  "We felt 
kind of stupid.  But we filled them out, got our free pita, and started talking 
about something else."

You can lead a horse to water, and you can even give the horse a straw, but...


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Keylogers

[Robert J. Hansen]

> yep. Phil Zimmerman noted that in his original essay on PGP.  If you
> have a malware infection you can no longer speak to what your computer
> is or is not doing.

In fact, it's quite a bit worse than that.  Your traffic is secure only so long 
as both endpoints are secure.  Depending on who does the numbers, 15%-30% of 
all desktops are pwn3d.  Even if your desktop is safe, the odds aren't good the 
other end will be, too.

There are many reasons why I feel OpenPGP is more or less irrelevant in the 
world today, outside of some very special case scenarios.  This is one of the 
big ones: OpenPGP's necessary precondition -- that our endpoints are both 
securable and secured -- is not met.



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Keylogers

[Mike Acker]

On 14:59, Faramir wrote:
>   If there are key loggers involved, then you are toasted, even if the
> passwords are kept inside your mind instead of a password database. At
> the moment you type them, they would be captured. Of course, we might
> say it is better to lose one password at a time, and not the whole
> database, but... well, I guess it's a personal decision (unless you have
> to follow some policy).

yep. Phil Zimmerman noted that in his original essay on PGP.  If you
have a malware infection you can no longer speak to what your computer
is or is not doing.

which is why we need that software inventory tool.

-- 
/MIKE



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Updating signature cert-level

[David Shaw]

On Apr 27, 2011, at 5:11 AM, Aaron Toponce wrote:

> On Tue, Apr 26, 2011 at 01:12:00PM -0700, Doug Barton wrote:
>> I think you can delsig, then sign again. The keyservers would have
>> both, but hopefully client software (like gpg) would be smart enough
>> to use the more recent? I would imagine that revoking a signature
>> and then signing again would make it worse instead of better?
>> 
>> Meanwhile, add ask-cert-level to your gpg.conf.
> 
> This is what I ended up doing. I deleted the signature, and resigned.
> Further, I've added 'ask-cert-level' to my gpg.conf, for future signings.
> And, out of curiosity, I checked the signatures on my own key, and found
> them all to be cert level '0', which I was a bit bummed about. Oh well.

Given the people involved in a key signing (the signer, the signee, and a third 
party who sees the signature later), more than anything else, it's an 
informational (only) message from the signer to the third party.  Since by 
default it doesn't really change how the key signature is interpreted (that is, 
level 2 == level 3 == level 0), most people don't bother to set one.

Incidentally, it is possible to tweak the trust calculations to take signature 
level into account.  GnuPG supports reading a trust "map" generated by an 
external process that can use whatever trust rules it likes.  I don't know of 
anyone using this ability offhand.

David


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: A better way to think about passwords

[Aaron Toponce]

On Sun, Apr 17, 2011 at 03:49:58PM -0700, Doug Barton wrote:
> Summary: A 3-word password (e.g., "quick brown fox") is secure against
> cracking attempts for 2,537 years.
>
> http://www.baekdal.com/tips/password-security-usability

I'm just going to drop this here:

http://www.troyhunt.com/2011/04/bad-passwords-are-not-fun-and-good.html

--
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o


signature.asc
Description: Digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: A better way to think about passwords

[Aaron Toponce]

On Tue, Apr 26, 2011 at 07:47:55PM -0300, Faramir wrote:
>   Indeed. In fact, I keep some passwords on paper, just in case I can't
> use my password manager (like the password to access the site where I
> stored the password manager database backup. It doesn't include the
> passphrase to open the backup, just in case).

https://passwordcard.org

--
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o


signature.asc
Description: Digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Updating signature cert-level

[Aaron Toponce]

On Tue, Apr 26, 2011 at 01:12:00PM -0700, Doug Barton wrote:
> I think you can delsig, then sign again. The keyservers would have
> both, but hopefully client software (like gpg) would be smart enough
> to use the more recent? I would imagine that revoking a signature
> and then signing again would make it worse instead of better?
>
> Meanwhile, add ask-cert-level to your gpg.conf.

This is what I ended up doing. I deleted the signature, and resigned.
Further, I've added 'ask-cert-level' to my gpg.conf, for future signings.
And, out of curiosity, I checked the signatures on my own key, and found
them all to be cert level '0', which I was a bit bummed about. Oh well.

Thanks for the help!

--
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o


signature.asc
Description: Digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users