Re: It's time for PGP to die.

2014-08-20 Thread Johan Wevers
On 19-08-2014 22:49, Robert J. Hansen wrote:

 And do they get it or will the government just ignore the supreme
 court?

 I could literally list *dozens* of cases where the Supreme Court told
 Congress and the President no on subjects where Congress and the
 President insisted they would only take yes for an answer.  In each
 case that I'm aware of, the Supreme Court won the argument handily.

Ah yes, the supreme court has had its say. Now the question is, do the
prisoners at Guantanamo Bay notice anything of it? Or will they still be
tortured, have no access to lawyers and get still no fair trial and the
right to sue for damages if they win after many years of imprisonment
without any formal case?

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: It's time for PGP to die.

2014-08-20 Thread MFPA

Hi


On Wednesday 20 August 2014 at 7:04:23 AM, in
mid:53f43a67.1030...@vulcan.xs4all.nl, Johan Wevers wrote:


 Now the
 question is, do the prisoners at Guantanamo Bay notice
 anything of it? Or will they still be tortured, have no
 access to lawyers and get still no fair trial and the
 right to sue for damages if they win after many years
 of imprisonment without any formal case?

Not to mention having first been abducted and forcibly transported
halfway round the world.



- --
Best regards

MFPA  mailto:2014-667rhzu3dc-lists-gro...@riseup.net

A closed mouth gathers no foot


Re: It's time for PGP to die.

2014-08-20 Thread Robert J. Hansen
On 8/20/2014 2:04 AM, Johan Wevers wrote:
 Ah yes, the supreme court has had its say. Now the question is, do the
 prisoners at Guantanamo Bay notice anything of it?

Yes, as you could discover by checking interviews with their lawyers.

 ... have no access to lawyers ...

Of course, checking interviews with their lawyers might disturb your
narrative.






Re: It's time for PGP to die.

2014-08-19 Thread James Platt
On Aug 18, 2014, at 3:21 PM, Robert J. Hansen r...@sixdemonbag.org wrote:

 At least for US persons, iirc the protection doesn't extend beyond
 that?
 
 No, the Fourth Amendment protects all people within U.S. borders
 equally.  Americans get no special protections over visitors to the country.

The Fourteenth Amendment makes this clear.  It was added to The Constitution 
after the American Civil War because southerners who were opposing 
reconstruction claimed that the former slaves did not have constitutional 
rights because they were not citizens.  To be more precise, constitutional 
rights apply to “…all persons within the jurisdiction of the United States.”   
In a more recent event, the Supreme Court ruled that Guantanamo Bay is in the 
jurisdiction of the United States and, therefore, the detainees moved there 
gained the protection of The Constitution.







Re: Fwd: It's time for PGP to die.

2014-08-19 Thread MFPA

Hi


On Monday 18 August 2014 at 7:11:57 PM, in
mid:53f241ed.4050...@sixdemonbag.org, Robert J. Hansen wrote:


 If you're a witness
 to a crime, you can be compelled to testify about what
 you see.

Yes, but they can't make you remember accurately what you saw, or tell
you what to say.


- --
Best regards

MFPA  mailto:2014-667rhzu3dc-lists-gro...@riseup.net

Amateurs built the ark. Professionals built the Titanic.


Re: It's time for PGP to die.

2014-08-19 Thread Johan Wevers
On 19-08-2014 17:10, James Platt wrote:

 In a more recent event, the Supreme Court ruled that Guantanamo Bay
 is in the jurisdiction of the United States and, therefore, the
 detainees moved there gained the protection of The Constitution.

And do they get it or will the government just ignore the supreme court?

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html




Re: It's time for PGP to die.

2014-08-19 Thread MFPA

Hi


On Monday 18 August 2014 at 8:21:06 PM, in
mid:53f25222.1040...@sixdemonbag.org, Robert J. Hansen wrote:



 No, the Fourth Amendment protects all people within
 U.S. borders equally.  Americans get no special
 protections over visitors to the country.

Do people at a border crossing point count as being within the
borders?

- --
Best regards

MFPA  mailto:2014-667rhzu3dc-lists-gro...@riseup.net

Puns are bad but poetry is verse.


Re: It's time for PGP to die.

2014-08-19 Thread Martin Behrendt

On 19.08.2014 at 21:16, MFPA wrote:
 Hi
 
 
 On Monday 18 August 2014 at 8:21:06 PM, in 
 mid:53f25222.1040...@sixdemonbag.org, Robert J. Hansen wrote:
 
 
 
 No, the Fourth Amendment protects all people within U.S. borders
 equally.  Americans get no special protections over visitors to
 the country.
 
 Do people at a border crossing point count as being within the 
 borders?
 

As far as I know, at (international) airports the answer is no.
There is a zone (that can be extended at will*), where you are
basically in no man's land.
I think that relates to the word transit zone[0]
A search for airport transit zone might get you some better information.

[0] https://en.wikipedia.org/wiki/International_zone
* see also Snowden and his whereabouts during the phase where he
applied for asylum


Re: Fwd: It's time for PGP to die.

2014-08-19 Thread Bob Holtzman
On Mon, Aug 18, 2014 at 10:43:49PM -0400, Robert J. Hansen wrote:
 On 8/18/2014 9:32 PM, Bob Holtzman wrote:
  There are quite a few ways police and prosecutors can coerce a 
  suspect to hand over his encryption key(s).
 
 Your examples which involve coercion are illegal, and the ones that are
 legal do not involve coercion.
 
  Dangling the prospect of a lighter sentence under the poor bugger's 
  nose
 
 Not coercion.
 
 Prosecutor: We know you have an encrypted drive partition with a lot of
 child porn on it.  Give up your passphrase and we'll reduce it to ten
 counts of possession and drop the intent to distribute, and we won't
 object to sentences running concurrently.

Which, of course, carries the implied threat of not reducing it to ten
counts and objecting to concurrency if he doesn't come across with the
keys. 

Not coercion?

 
 Defendant: ... that sounds really good.
 
 Or, alternately, imagine the defendant is innocent of the charge:
 
 Defendant: I can't accept that deal.  I'm innocent of that.  (True: if
 you're innocent of the charge, you're not allowed to plead guilty to it.
  You might be able to talk the judge into accepting an Alford, but it'd
 be an uphill battle.)

...and if the prosecutor is hungry for another conviction to aid in his
political ambitions it's Katy bar the door and the hell with the
truth.

BTW what's an Alford? 

 
 Or, alternately, imagine the defendant is guilty, but only of eight
 counts of possession:
 
 Defendant: No deal.  I'll take my risks in court.  Good luck producing
 these 'thousands of images' you're talking about.
 
  or conversely, threatening to come down hard, perhaps going for a 
  death penalty.
 
 Grossly illegal, in violation of the canons of legal ethics,

So is hiding exculpatory evidence. Of course prosecutors would never do
such a thing, right?right?

 and will get an attorney disbarred.

If caught. Some were caught and are still practicing. It made the
papers.

http://usatoday30.usatoday.com/news/washington/judicial/2010-09-22-federal-prosecutors-reform_N.htm
http://reason.com/archives/2009/08/17/innocent-man-freed-but-shabby 

There are a bunch more.

 Don't confuse Law & Order re-runs with
 real life.  

Give me some credit, pal.

 The DA is allowed to threaten prosecution of only those
 crimes the DA reasonably believes a person violated, and the DA is
 expressly forbidden from using the threat of the death penalty to
 persuade someone to taking a lesser sentence.

What should be and what is isn't always the same.

 
  The surrender of a suspect's keys would be voluntary and therefore 
  constitutional.
 
 In your first example yes, in your second example no.
 
 Don't get me wrong: prosecutors have a lot of power, and I personally
 believe they have too much power with too little accountability.
 However, it's not a de-facto state of tyranny, either.

Of course not. Some prosecutors are real, live, human beings with
consciences. Others...pregnant pause

 As always, my best advice for people facing legal problems is shut up
 and get a lawyer.
 





-- 
Bob Holtzman
Giant intergalactic brain-sucking hyperbacteria 
came to Earth to rape our women and create a race 
of mindless zombies.  Look!  It's working!




Re: Fwd: It's time for PGP to die.

2014-08-19 Thread Robert J. Hansen

 Not coercion?


Nope.  That's a trade.

Passphrase coercion is like so: you will produce the passphrase, or you
will sit in jail until you decide to produce the passphrase, and we're
just fine if you sit in there the rest of your natural life, and once we
get the passphrase then we'll decide whether we want to prosecute you
further, and if we do then your time sitting in jail while deciding to
cough up the passphrase won't count against whatever prison term you
ultimately get.

What the prosecutor is offering there is, you will plead guilty to
lesser charges, but I'm only willing to do this if you're willing to
show me the full extent of your illegal activities, so cough up the
passphrase so I can verify it for myself.

When you're facing coercion, you're not getting anything out of the
trade.  When you agree to something as part of a plea agreement, you do.
Or maybe you think that you should be allowed to get a plea deal just
by showing up, without cooperating with the State in any way?


 BTW what's an Alford?


http://lmgtfy.com/?q=alford+plea


 So is hiding exculpatory evidence. Of course prosecutors would never
 do such a thing, right?right?


The vast majority of prosecutors would not.  Some would, and in such
cases I think the doctrine of prosecutorial immunity should be waived.

Snark is not serious argument.


 There are a bunch more.


So what?  There are a bunch of prosecutors.  If even 1% of prosecutors
are corrupt -- which would make them on balance a bunch of saints by the
standards of the rest of society -- that's still a large number.  The
fact there are a large number of abuses is kind of unsurprising given a
country with over 300 million people.  It's the law of large numbers:
one-in-a-million events literally happen thousands of times a day.


  Don't confuse Law & Order re-runs with real life.


 Give me some credit, pal.


You're the one who didn't know what an Alford plea was.  Just sayin'.

Please note: I'm not saying prosecutorial abuse doesn't happen, that
it's not a problem, or that we haven't vastly overcriminalized our civil
life.  But this paranoid fantasy some people have going, where they
believe *every* prosecutor is corrupt... that's just childish.



Re: Fwd: It's time for PGP to die.

2014-08-19 Thread MFPA

Hi


On Tuesday 19 August 2014 at 10:05:23 PM, in
mid:53f3bc13.8040...@sixdemonbag.org, Robert J. Hansen wrote:



 What the prosecutor is offering there is, you will plead guilty to
 lesser charges, but I'm only willing to do this if you're willing to
 show me the full extent of your illegal activities, so cough up the
 passphrase so I can verify it for myself.

 When you're facing coercion, you're not getting anything out of the
 trade.

In my opinion that is pure semantics.

The situation you described can be characterised as the prosecutor
telling the accused that they will suffer X regardless, plus the
threat that they will additionally suffer Y if they refuse to
co-operate.

That seems to resemble the definition of Coercion [0]:-

The action or practice of persuading someone to do something by using
force or threats.

[0] http://www.oxforddictionaries.com/definition/english/coercion




- --
Best regards

MFPA  mailto:2014-667rhzu3dc-lists-gro...@riseup.net

No matter what a man's past may have been, his future is spotless.


Re: Fwd: It's time for PGP to die.

2014-08-19 Thread Robert J. Hansen
 In my opinion that is pure semantics.

In other news, water is wet, bricks are heavy, and politicians lie.

Yes, it's pure semantics.  It's *law*.  What, were you expecting
something else?  Wake up and realize the essential nature of what you're
talking about: law is *all about* formalism, syntax, semantics.  If you
think law is other than this, then -- well -- this conversation just
ceased being worth my time.  Discussing law with people who complain
about semantics is like discussing biology with Creationists.

 The situation you described can be characterised...

The great thing about liberty is everyone has the right to an opinion.



Re: Fwd: It's time for PGP to die.

2014-08-19 Thread MFPA

Hi


On Tuesday 19 August 2014 at 11:48:29 PM, in
mid:53f3d43d.2030...@sixdemonbag.org, Robert J. Hansen wrote:


 Yes, it's pure semantics.  It's *law*.  What, were you
 expecting something else?

Fair comment, but what has been described as bargaining is still
coercion.



 The great thing about liberty is everyone has the right
 to an opinion.

It had to be good for something.


- --
Best regards

MFPA  mailto:2014-667rhzu3dc-lists-gro...@riseup.net

To know what we know, and know what we do not know, is wisdom.


Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Johan Wevers
On 17-08-2014 22:42, Robert J. Hansen wrote:

 The only time production of a passphrase is permitted is when
 it lacks any testimonial value.

And who determines whether it has any testimonial value?

That sounds like a fine legal loophole to pressure someone into telling
the passphrase. In those cases where the US government is actually
interested in paying lip service that it will obey the law that is -
they could just as easily declare you an illegal combatant or
something like that and just torture it out of you.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html




Re: It's time for PGP to die.

2014-08-18 Thread Nicholas Cole
On Sun, Aug 17, 2014 at 10:14 PM, Robert J. Hansen r...@sixdemonbag.org wrote:
 Leaving aside the issue of how popular encryption of mail is - we are
 faced with the fact that 98 per cent of computer users are completely
 ignorant about software and hardware.


But even if they weren't, the problem is that OpenPGP protects such a
small part of the problem that it is hard to justify the additional
time and effort to users.

If the revelations of the last year have proved anything, it is that
most computer systems are vulnerable at a very deep level to all kinds
of sophisticated attacks.  In that context, where the underlying
operating systems themselves are so vulnerable, OpenPGP really doesn't
solve very much for most users.

Supposing the following threat model (which I think corresponds to how
most people use email):

- physical security of hardware.
- the need for secure communication contents (but the fact of the
communication is not secret).
- connection of the computers to the internet.
- attackers who are interested in the content of the communication and
who are willing to launch electronic attacks to get it.

OpenPGP would be an ideal solution for the actual transmission in this
scenario -- except that there is simply no operating system that can
be trusted to be a secure platform upon which to run OpenPGP.  There
will always be a weaker link than the encryption, and so the right
solution for most users is not to send confidential information by
email at all.

Now, there are still plenty of uses for OpenPGP, but they tend to be
niche ones with particular threat models and especially motivated
users.  To expect mass-adoption of a tool with only niche uses is not
reasonable.  It doesn't mean that the project is a failure.

N.



Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Rob Ambidge
I read an article or something a while back stating the legal theory that if 
your passphrase is an admittance to a past crime, to hand over said passphrase 
would constitute as having said testimonial value and you could get away with 
not disclosing the passphrase.
But it is just legal theory, and I am no expert in law, american law, or even 
cryptography. So what happens in practice is anyone's guess really.

On 18 August 2014 07:01:46 BST, Johan Wevers joh...@vulcan.xs4all.nl wrote:
On 17-08-2014 22:42, Robert J. Hansen wrote:

 The only time production of a passphrase is permitted is when
 it lacks any testimonial value.

And who determines whether it has any testimonial value?

That sounds like a fine legal loophole to pressure someone into telling
the passphrase. In those cases where the US government is actually
interested in paying lip service that it will obey the law that is -
they could just as easily declare you an illegal combatant or
something like that and just torture it out of you.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html



-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.


Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Robert J. Hansen
On 8/18/2014 5:04 AM, Rob Ambidge wrote:
 I read an article or something a while back stating the legal theory 
 that if your passphrase is an admittance to a past crime, to hand
 over said passphrase would constitute as having said testimonial
 value and you could get away with not disclosing the passphrase.

That's one of the exceptions, yes.

Basically, if the fact you know something would tend to implicate you in
the commission of a crime, then you can't be compelled to reveal that
you know it.  Whether it's a passphrase or a safe combination makes no
difference.

There are a lot of nuances and exceptions here.  This isn't legal
advice.  If you need legal advice, ask a real lawyer, not an internet
mailing list...






Re: It's time for PGP to die.

2014-08-18 Thread Jerry
On Mon, 18 Aug 2014 10:04:54 +0100, Rob Ambidge stated:

 I read an article or something a while back stating the legal theory that
 if your passphrase is an admittance to a past crime, to hand over said
 passphrase would constitute as having said testimonial value and you
 could get away with not disclosing the passphrase. But it is just legal
 theory, and I am no expert in law, american law, or even cryptography. So
 what happens in practice is anyone's guess really.
 
 On 18 August 2014 07:01:46 BST, Johan Wevers joh...@vulcan.xs4all.nl
 wrote:
 On 17-08-2014 22:42, Robert J. Hansen wrote:
 
  The only time production of a passphrase is permitted is when
  it lacks any testimonial value.
 
 And who determines whether it has any testimonial value?
 
 That sounds like a fine legal loophole to pressure someone into telling
 the passphrase. In those cases where the US government is actually
 interested in paying lip service that it will obey the law that is -
 they could just as easily declare you an illegal combatant or
 something like that and just torture it out of you.

Much of the discussion has been about what analogy comes closest. Prosecutors
tend to view PGP passphrases as akin to someone possessing a key to a safe
filled with incriminating documents. That person can, in general, be legally
compelled to hand over the key. Other examples include the U.S. Supreme Court
saying that defendants can be forced to provide fingerprints, blood samples,
or voice recordings.

The entire article is available here:
http://www.cnet.com/news/judge-americans-can-be-forced-to-decrypt-their-laptops/

-- 
Jerry



Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Robert J. Hansen
On 8/18/2014 2:01 AM, Johan Wevers wrote:
 And who determines whether it has any testimonial value?

Johan, we're entering paranoid fantasy here.  If you truly believe the
whole of the USG is corrupt, and that our independent judiciary is in
cahoots with a corrupt Executive and Legislature in order to
systematically violate people's rights, well... then I think I'm going
to need to stop talking with you, which I regret.  :(






Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Mark H. Wood
On Sun, Aug 17, 2014 at 12:41:52AM +0100, Nicholas Cole wrote:
 On Sun, Aug 17, 2014 at 12:08 AM, Robert J. Hansen r...@sixdemonbag.org 
 wrote:
[snip]
  OpenPGP's biggest problem, BTW, which goes *completely unmentioned* in
  this blogpost: OpenPGP can't protect your metadata, and that turns out
  to often be higher-value content than your emails themselves are.
  Further, exposed metadata is inherent to SMTP, which means this problem
  is going to be absolutely devilish to fix.
 
 That is true.  But perhaps it would be a start if email clients
 actually put the actual email (with subject and references headers
 etc.) as an attachment to a bare email that contained only the minimal
 headers for delivery.  It wouldn't be a perfect solution, but it would
 at least fix a certain amount of metadata analysis.

Perhaps it would be a start if sites providing SMTP would turn on
STARTTLS.

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu




Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Aaron Toponce
On Mon, Aug 18, 2014 at 09:59:33AM -0400, Mark H. Wood wrote:
 Perhaps it would be a start if sites providing SMTP would turn on
 STARTTLS.

STARTTLS does not encrypt mail. It only provides safe passage over the network.
It is also client/server encrypted and decrypted. Thus, an administrator with
root at an SMTP server can view the mail once the mail transfer is decrypted.
Also, many big mail vendors have already enabled SSL/TLS/STARTTLS, such as
Google, Yahoo, and Microsoft.

-- 
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o




Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Mark H. Wood
On Mon, Aug 18, 2014 at 08:15:49AM -0600, Aaron Toponce wrote:
 On Mon, Aug 18, 2014 at 09:59:33AM -0400, Mark H. Wood wrote:
  Perhaps it would be a start if sites providing SMTP would turn on
  STARTTLS.
 
 STARTTLS does not encrypt mail. It only provides safe passage over the 
 network.

Sure, it does encrypt mail.  My SMTP has mail from me to deliver.  It
contacts an SMTP that it thinks can get the mail closer to its
addressee.  My SMTP sends STARTTLS, the receiving SMTP agrees, they
handshake, and the rest of the session, including MAIL FROM, RCPT TO,
and my mailgram following the DATA, is encrypted over the wire.

 It is also client/server encrypted and decrypted. Thus, an administrator with
 root at an SMTP server can view the mail once the mail transfer is decrypted.

As is often said here, what's your threat model?  Keeping
nonprivileged people out of the transaction is worthwhile, if I am
worried about mail being spied on in transit.  STARTTLS greatly
reduces the number of parties who could just read email metadata if
they have access to the wire.

Sysadmins take a risk if they are prying into the mail spool -- they
could be discovered.  Governments, too, may judge that the cost of
exposure of such activity is worth more than the advantage of doing
it.

But I wouldn't depend solely on STARTTLS for securing email any more
than I am satisfied to depend solely on encrypting the message body
with OpenPGP or similar means.  I believe in making the bad guys take
as much time, create as much mess, and make as much noise as I can
compel.  It costs almost nothing to make as much trouble as possible
for snoopers, and it's interesting work, so why not do it?

 Also, many big mail vendors have already enabled SSL/TLS/STARTTLS, such as
 Google, Yahoo, and Microsoft.

You mean those webmail thingies that I never use?  There's so much we
don't know about their security practices that I wasn't even thinking
about such services.  My remark was focused on the scenario above:
there is a local MUA, a local MTA and a remote MTA.

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu




Re: It's time for PGP to die.

2014-08-18 Thread Mark H. Wood
On Sun, Aug 17, 2014 at 10:41:27AM +0100, da...@gbenet.com wrote:
 Time to die? Well after 20 years I think it is all very academic - professors 
 sit in class
 rooms the world over - not much common sense comes out of their mouths. The 
 real issues are:
 
 (a) do we want to implement our own security on our own devices as a geek or

Yes.  I know what tools I used and how I used them.

 (b) have some automated pre-installed software that will create all that's 
 necessary at
 first boot or

No.  I have no idea what it actually did.

 (c) rely on some large corporation to handle the encryption and decryption 
 for us

Same answer as (b).

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu




Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Aaron Toponce
On Mon, Aug 18, 2014 at 12:24:43PM -0400, Mark H. Wood wrote:
 Sure, it does encrypt mail.  My SMTP has mail from me to deliver.  It
 contacts an SMTP that it thinks can get the mail closer to its
 addressee.  My SMTP sends STARTTLS, the receiving SMTP agrees, they
 handshake, and the rest of the session, including MAIL FROM, RCPT TO,
 and my mailgram following the DATA, is encrypted over the wire.

The connection is encrypted, not the mail itself. SSL/TLS behave like a tunnel.
The end result is the same, but the details are different. Much like an OpenSSH
tunnel, where SSH does not know anything of the data moving through the tunnel,
STARTTLS knows nothing about the data going through its tunnel.

 You mean those webmail thingies that I never use?  There's so much we
 don't know about their security practices that I wasn't even thinking
 about such services.  My remark was focused on the scenario above:
 there is a local MUA, a local MTA and a remote MTA.

No, I mean the POP3S/IMAPS/SMTPS/MAPIS protocols your MUA, and other SMTP MTAs
connect to. Not HTTPS.

-- 
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o
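
Added illustration, not part of any poster's message: the STARTTLS and OpenPGP layering argued over in Mark H. Wood's and Aaron Toponce's messages above, as a Python walk over constructed SMTP dialogues that reports what a passive observer on the wire and an administrator of the receiving MTA can each read. Host names, addresses and item names such as `envelope_from` are assumptions made for the example.

```python
# Added example: models visibility only, it performs no network I/O.
# All dialogues below are constructed, not captured traffic.

PGP_ARMOR = "-----BEGIN PGP MESSAGE-----"
PLAIN_BODY = ["See you at noon."]
PGP_BODY = [PGP_ARMOR, "", "(ciphertext placeholder)", "-----END PGP MESSAGE-----"]


def build_session(starttls_reply, body_lines):
    """Return a constructed SMTP dialogue as (sender, line) tuples.

    starttls_reply is the server's answer to STARTTLS ("220 ..." accepts,
    "454 ..." refuses); None means the client never asks for TLS.
    """
    lines = [("S", "220 mx.example.net ESMTP"),
             ("C", "EHLO mail.example.org"),
             ("S", "250-mx.example.net"),
             ("S", "250 STARTTLS")]
    if starttls_reply is not None:
        lines += [("C", "STARTTLS"), ("S", starttls_reply)]
        if starttls_reply.startswith("220"):
            # After the handshake the client starts over with a fresh EHLO.
            lines += [("C", "EHLO mail.example.org"), ("S", "250 mx.example.net")]
    lines += [("C", "MAIL FROM:<alice@example.org>"), ("S", "250 OK"),
              ("C", "RCPT TO:<bob@example.net>"), ("S", "250 OK"),
              ("C", "DATA"), ("S", "354 End data with <CR><LF>.<CR><LF>"),
              ("C", "From: alice@example.org"),
              ("C", "To: bob@example.net"),
              ("C", "Subject: meeting notes"),
              ("C", "")]
    lines += [("C", line) for line in body_lines]
    lines += [("C", "."), ("S", "250 queued"), ("C", "QUIT")]
    return lines


def analyze_session(lines):
    """Report which items each observer can read in one SMTP dialogue.

    Returns {"wire": set, "mta": set}: "wire" is a passive observer between
    the two MTAs, "mta" is an administrator on the receiving server.
    """
    wire, mta = set(), set()
    tls = False          # True once the server has accepted STARTTLS
    asked_tls = False    # client sent STARTTLS, reply not yet seen
    state = "cmd"        # "cmd", "headers" or "body"
    body = []

    def seen(item):
        mta.add(item)            # TLS ends at the receiving MTA, so it reads this
        if not tls:
            wire.add(item)       # sent in cleartext, so the wire reads it too

    for sender, text in lines:
        if sender == "S":
            if asked_tls:
                tls = text.startswith("220")   # 454 etc. leaves the session in clear
                asked_tls = False
            continue
        if state == "headers":
            if text == "":
                state = "body"
            elif text.lower().startswith("subject:"):
                seen("subject")
            continue
        if state == "body":
            if text == ".":
                first = next((line for line in body if line), "")
                if first != PGP_ARMOR:
                    seen("body")   # an OpenPGP body stays opaque to both observers
                state, body = "cmd", []
            else:
                body.append(text)
            continue
        verb = text.upper()
        if verb == "STARTTLS":
            asked_tls = True
        elif verb.startswith("MAIL FROM:"):
            seen("envelope_from")
        elif verb.startswith("RCPT TO:"):
            seen("envelope_to")
        elif verb == "DATA":
            state = "headers"
    return {"wire": wire, "mta": mta}


if __name__ == "__main__":
    cases = {
        "no TLS, plain body": build_session(None, PLAIN_BODY),
        "STARTTLS, plain body": build_session("220 Ready to start TLS", PLAIN_BODY),
        "no TLS, OpenPGP body": build_session(None, PGP_BODY),
        "STARTTLS, OpenPGP body": build_session("220 Ready to start TLS", PGP_BODY),
        "STARTTLS refused, plain body": build_session("454 TLS not available", PLAIN_BODY),
    }
    for name, dialogue in cases.items():
        result = analyze_session(dialogue)
        print(f"{name}: wire={sorted(result['wire'])} mta={sorted(result['mta'])}")
```

The last case covers a client that carries on after the server refuses STARTTLS: the envelope, subject and body all go over the wire in the clear.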




Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Johan Wevers
On 18-08-2014 11:04, Rob Ambidge wrote:

 But it is just legal theory, and I am no expert in law, american law, or
 even cryptography. So what happens in practice is anyone's guess really.

I've seen what happens in practice: some group of people was accused of
organized growing of hemp. They arrested a lot of people, then dropped
the charges against some minor members of the gang. And then they became
witnesses and had to testify. Considering what could happen to them if
they talked they suddenly all had amnesia...

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html




Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Johan Wevers
On 18-08-2014 14:31, Robert J. Hansen wrote:

 And who determines whether it has any testimonial value?

 Johan, we're entering paranoid fantasy here.  If you truly believe the
 whole of the USG is corrupt,

Well, I see some ridiculous sentences of US judges published here, but I
realize that only the most stupid ones reach the press here. However,
since US law has something called subpoena, which I consider a grave
violation of the right to remain silent, I have not much trust in US law.

And as I described in another reply, I've seen in practice what they do
to make someone testify: drop charges against person 1 so he can be
declared witness against person 2.

 and that our independent judiciary is in
 cahoots with a corrupt Executive and Legislature in order to
 systematically violate people's rights,

That seems to be what Snowden showed.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html




(OT) It's time for PGP to die.

2014-08-18 Thread Peter Lebbing
On 18/08/14 19:28, Johan Wevers wrote:
 And then they became witnesses and had to testify. Considering what
 could happen to them if they talked they suddenly all had amnesia...

Classic prisoner's dilemma! You know, they should arrest a whole lot of
these groups, and in a controlled setting try this many times. For science!

;P

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://digitalbrains.com/2012/openpgp-key-peter



Re: It's time for PGP to die.

2014-08-18 Thread Peter Lebbing
On 17/08/14 23:14, Robert J. Hansen wrote:
 But let's be real careful about thinking we are in any way better
 than other people.  We're not.

I completely agree with that statement but never read any disrespect in
the mail you are replying to. It /can/ be read that way, I agree. So it
might be good to point it out, as you did.

 If a new email cryptography standard comes out that's significantly 
 better than GnuPG, do you think Werner is going to sit around
 drinking Tanqueray straight out of the bottle because nobody's using
 GnuPG anymore?  I don't.  I think he'll cheerfully send GnuPG off
 into maintenance, applaud the new standard, and volunteer to help
 with a free implementation of the new standard.
 
 [...]
 
 When (not if) GnuPG dies out, the only question will be, is this on 
 balance good for people?  If so, then let's be thankful GnuPG
 existed, celebrate its passing, and cheerfully move on.

Thank you for that! It was something that bothered me about the blog
post. If the writer then and there came with a great new successor to
OpenPGP and put the title OpenPGP needs to die above his article that
then goes on ... because here is my killer application, then I would
congratulate him.

Now it's nothing but hot air. OpenPGP doesn't need to die; who is it
bothering by merely existing? What has OpenPGP ever done to him? Present
large blocks of base64 at the bottom of a mail? :)

Something better needs to live. That's the opposite of what he is
saying. What a negative Nancy.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://digitalbrains.com/2012/openpgp-key-peter



Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Robert J. Hansen
 Well, I see some ridiculous sentences of US judges published here, 
 but I realize that only the most stupid ones reach the press here. 
 However, since US law has something called subpoena, which I 
 consider a grave violation of the right to remain silent, I have not 
 much trust in US law.

Err -- *what* right to remain silent?  No country has a universal right
to remain silent.  If you're a witness to a crime, you can be compelled
to testify about what you see.  If you're in possession of documents
that are relevant to a police investigation, you can be ordered to
produce them, and so on and so on.  That's the subpoena duces tecum in a
nutshell, right there.

Keep in mind that the idea of a subpoena duces tecum is so
uncontroversial that it's been formalized in *two* separate Hague
conventions: the Hague Service Convention and the Hague Evidence
Convention.  If you don't have trust in U.S. law because we have the
subpoena duces tecum, you should have no more faith in Dutch law...

 That seems to be what Snowden showed.

Been nice talking to you, Johan.



Re: It's time for PGP to die.

2014-08-18 Thread James Platt
On Aug 18, 2014, at 7:13 AM, Jerry je...@seibercom.net wrote:

 The entire article is available here:
 http://www.cnet.com/news/judge-americans-can-be-forced-to-decrypt-their-laptops/

As the article says, the question of whether the 5th Amendment applies to 
passphrases remains unclear.  There have been conflicting rulings in various 
other cases.

The article also mentions the issue of inspections at border crossings which 
are not criminal investigations.   I discussed this a while back with an ACLU 
lawyer and his take was that the border crossing is more like civil law than 
criminal law.  In a civil case, you can assert a 5th Amendment right but then 
still be compelled to testify (including disclosure of passphrases) if they 
grant you immunity from criminal prosecution for anything revealed by the 
testimony.  In this way, the 5th amendment can not protect you from civil 
liability.  So, if the ACLU lawyer is correct, then you can assert a 5th 
amendment right at a border crossing to not decrypt your laptop, they could 
then compel decryption of the laptop on condition of giving you immunity from 
prosecution.  

We use PGP whole disk encryption for laptops which have HIPAA regulated data on 
them.  Doctors here have raised questions about whether it’s right for border 
agents to get access to this data.  





Re: It's time for PGP to die.

2014-08-18 Thread Robert J. Hansen
 Something better needs to live. That's the opposite of what he is
 saying. What a negative Nancy.

(Long anecdote, but I promise, it's relevant.)

=

I live maybe ten miles away from the world's largest firearms museum.
When I first moved to this area a couple of years ago I figured I'd take
a look around and see what it was like.  While there, I got the chance
to see an original M-16 rifle from *1959* -- before it had even been
accepted for military service.

The museum curator explained to me that the original rifle from 1959 was
the product of extremely strict requirements.  The strictest was, it
couldn't mass more than 2.7 kilograms.  The rifle was built to meet this
seemingly-impossible weight target, and many of the worst defects of the
rifle were in reality triumphs of engineering that let them reach this goal.

For instance: the M-16 feeds hot gases directly from the barrel back
into the action in order to tap some of that energy to cycle the action
and chamber a new round.  The AK-47 has the hot gases operate on a
piston, and the piston in turn works the action.  This has the effect of
the AK-47 being much more reliable than the M-16, since it isn't
channeling hot gas and gunpowder residue directly back into the weapon.

For the last 50-odd years, people have called the M16's direct gas
impingement operation Eugene Stoner's biggest blunder.  The reality
was, the AK-47's piston-style arrangement is *heavy*, and they had a
2.7-kg weight limit... so by doing it this way, they saved about 200
grams of weight.  That's a big deal when your total allowed mass is 2.7
kilos.  That it had an unpleasant effect on the reliability, everyone
knew... but everyone also knew that if they hadn't done it, there's no
way they would've hit 2.7kg.

Today, when the basic M-16 model weighs in at 3.8kg (they waived the
2.7kg limit in the 1980s), it's easy to look at the defects and start
criticizing Eugene Stoner's biggest mistake.  When you've got a 3.8kg
rifle there's no excuse for direct gas impingement.  When your rifle is
3.8kg, the direct gas impingement can only be thought of as a terrible
blunder.

But it didn't start out that way.

=

There's a big difference between saying, this needs to die, and
something better needs to live, I agree.

I find myself wishing, though, that before people said either of them
they would give more thought to why *this particular thing* came to live
in the first place.  Because I keep on thinking about that walk through
the National Firearms Museum, and seeing that old M-16, and hearing the
curator explain that everything people hated about it were actually
features demanded by the government, and it would have never been
adopted -- much less been so successful -- without those defects.



Re: It's time for PGP to die.

2014-08-18 Thread Robert J. Hansen
 The article also mentions the issue of inspections at border crossings
 which are not criminal investigations.

A U.S. appellate court recently ruled that inspections of laptop
contents at border crossings violated the Fourth Amendment.  It's
currently being appealed, but so far the tea leaves are the Supreme
Court won't touch it and will instead simply let the appellate decision
stand.  Just FYI.  :)





Re: It's time for PGP to die.

2014-08-18 Thread Kristian Fiskerstrand
On 08/18/2014 09:03 PM, Robert J. Hansen wrote:
 The article also mentions the issue of inspections at border
 crossings which are not criminal investigations.
 
 A U.S. appellate court recently ruled that inspections of laptop 
 contents at border crossings violated the Fourth Amendment.  It's 
 currently being appealed, but so far the tea leaves are the
 Supreme Court won't touch it and will instead simply let the
 appellate decision stand.  Just FYI.  :)

At least for US persons, iirc the protection doesn't extend beyond that?

-- 
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
Potius sero quam numquam
Better late than never


Re: It's time for PGP to die.

2014-08-18 Thread Robert J. Hansen
 At least for US persons, iirc the protection doesn't extend beyond
 that?

No, the Fourth Amendment protects all people within U.S. borders
equally.  Americans get no special protections over visitors to the country.




Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Johan Wevers
On 18-08-2014 20:11, Robert J. Hansen wrote:

 Err -- *what* right to remain silent?  No country has a universal right
 to remain silent.  If you're a witness to a crime, you can be compelled
 to testify about what you see.

Yes, unfortunately.

  If you're in possession of documents
 that are relevant to a police investigation, you can be ordered to
 produce them, and so on and so on.

No, not here. When the police thinks I have such documents they can get
a search order, but if they can't find them and I remain silent it's too
bad for them. I am not in violation of any law when I don't give them,
not even when they later find out I did have them. Same for when I would
destroy or encrypt said documents after I found out the police was
looking for them.

 Keep in mind that the idea of a subpoena duces tecum is so
 uncontroversial that it's been formalized in *two* separate Hague
 conventions: the Hague Service Convention and the Hague Evidence
 Convention.

Perhaps, but the Dutch law doesn't work like that.

 If you don't have trust in U.S. law because we have the
 subpoena duces tecum,

Not ONLY because of that.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html




Re: It's time for PGP to die

2014-08-18 Thread Michael Anders


 Once a crisp and nicely implementable asynchronous protocol with forward
 secrecy comes up, however, we should have it implemented
 immediately.(The synchronous ones are easy, of course.)

 Whispersystems has done a good job with Textsecure as far as I read the
opinions about it. In practice their application is very usable too,
except that MMS does not work in some circumstances (but who uses that
anyway in 2014?)




Think about implementing forward secrecy for a moment and imagine you had to develop a forward secret PGP (actually in my opinion it should properly be called backward secrecy for that matter).

You have to keep track of all one to one communications with their current status of shared secrets. This is much more data to be kept secret than without fs. In fact depending on your activity possibly so much more that simply enciphering the whole database would not be efficient anymore. You would have to use a random access cipher (like e.g. in truecrypt). You don't have it yet? Then you have to code it - a formidable task - or get it from some other source. Just in case - do you trust the other source...?

And if you have a random access cipher, what amount of information is visible to the intruder just from viewing the outer structure and its reaction to activity of this random access database cipher?

How do you deal with simultaneously maintaining one to one communications that exchange messages 10 times a day as well as comms that talk to each other once every other year? This is a problem if you have a system that changes public keys on a time basis.

You will have to delete info regarding dead communication strands to keep the database compact. What time do you set to declare a strand dead?
How do you recover if messages were lost or if a deleted strand suddenly is reanimated by your peer? How do you recover without opening a soft flank to attackers who want to hijack the strand?

How do you detect it when a strand was hijacked by a MITM attack?

How do you deal with highly asymmetric communication strands, once a year into one direction, twice a day into the other direction?

How about a busy strand where one strand sends two messages in rapid succession and resets his timer in between and the messages arrive in reversed order? How do you recover in this case?

How do you synchronize databases if a user wants to sustain the one to one communication using different systems (e.g. office PC, netbook, smartphone) intermittently?

I can go on and on and on. To me this IS like opening a can of worms. And I seriously doubt if the pain is worth the reward (forward secrecy).



Matthew Green mentions the Axolotl protocol and TextSecure (which you refer to in your post as well) as a product that uses it. Well if TextSecure/Axolotl - which I haven't used and don't seriously know yet - solved all these problems satisfactorily and securely I bow in humble adoration (seriously).

You should have a look at the Axolotl protocol https://github.com/trevp/axolotl/wiki

First look at the humongous state variable!
Then it takes about 60 lines of description where a standard public key protocol would take about 5. From studying the protocol, you can see that some of the above mentioned problems might be solved, yet we don't know how it stands against a brilliant attacker. The sheer complexity makes me feel very uneasy.

In my view, the axolotl protocol has the elegance of transporting water in a bucket with twenty something holes, where each hole got a cork plugged into it. I wouldn't want to code it.

By the way - Green (rightfully) criticizes PGP for bad defaults (e.g. using SHA1) yet he praises TextSecure which heavily relies on SHA1. This leaves me baffled.



Cheers,

 Michael Anders
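
Added example, not part of the original post and not code from Axolotl or TextSecure: a minimal symmetric hash ratchet in Python showing the per-strand state the message above asks about, including the case where two messages arrive in reversed order. It derives message keys only (encrypting with them is left out), and the names `SendingChain`, `ReceivingChain` and `MAX_SKIP` and the cap value are assumptions made for illustration.

```python
import hashlib
import hmac

MAX_SKIP = 50  # assumed cap on stored skipped keys per strand


class RatchetError(Exception):
    """Raised when a message index cannot be served from the current state."""


def kdf_chain(chain_key):
    """One ratchet step: derive (next_chain_key, message_key) from chain_key."""
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    return next_chain_key, message_key


class SendingChain:
    def __init__(self, shared_secret):
        self.chain_key = shared_secret
        self.counter = 0

    def next_key(self):
        """Return (index, message_key); the previous chain key is overwritten."""
        self.chain_key, message_key = kdf_chain(self.chain_key)
        index = self.counter
        self.counter += 1
        return index, message_key


class ReceivingChain:
    def __init__(self, shared_secret):
        self.chain_key = shared_secret
        self.counter = 0   # index of the next key the chain will produce
        self.skipped = {}  # index -> key for messages that are still in flight

    def key_for(self, index):
        """Return the key for message `index`, tolerating reordering and loss."""
        if index < self.counter:
            # Late arrival: its key was set aside earlier and is usable once.
            if index not in self.skipped:
                raise RatchetError("key %d already used or expired" % index)
            return self.skipped.pop(index)
        # Bound the state a peer (or an attacker) can force us to keep.
        if (index - self.counter) + len(self.skipped) > MAX_SKIP:
            raise RatchetError("too many skipped messages")
        while self.counter < index:
            next_chain_key, skipped_key = kdf_chain(self.chain_key)
            self.skipped[self.counter] = skipped_key
            self.chain_key = next_chain_key
            self.counter += 1
        self.chain_key, message_key = kdf_chain(self.chain_key)
        self.counter += 1
        return message_key


def demo():
    """Constructed run: messages 0 and 1 swap places in transit."""
    secret = hashlib.sha256(b"constructed shared secret").digest()
    sender, receiver = SendingChain(secret), ReceivingChain(secret)
    sent = dict(sender.next_key() for _ in range(3))
    got_1 = receiver.key_for(1)            # arrives first
    pending = sorted(receiver.skipped)     # key 0 is kept for the late message
    got_0 = receiver.key_for(0)            # arrives second
    got_2 = receiver.key_for(2)
    try:
        receiver.key_for(1)                # replay of an already used index
        replay_rejected = False
    except RatchetError:
        replay_rejected = True
    return {
        "keys_match": [got_0, got_1, got_2] == [sent[0], sent[1], sent[2]],
        "pending_after_first": pending,
        "state_left": len(receiver.skipped),
        "replay_rejected": replay_rejected,
    }


if __name__ == "__main__":
    print(demo())
```

This chain gives forward secrecy only in the sense that used keys and old chain keys are gone from the state; it has no Diffie-Hellman step, so it does not recover from a compromise of the current chain key.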









Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Bob Holtzman
On Sun, Aug 17, 2014 at 04:42:52PM -0400, Robert J. Hansen wrote:
  Unfortunately most of us do. Including the US, UK and the Dutch are
  also pushing for such laws.
 
 Speaking only for the U.S., this is not the case.

Dream on.
 
 The United States Constitution protects an individual's right not to
 testify against themselves.  If the production of a passphrase would
 have any kind of testimonial value, then such production cannot be
 ordered.  The only time production of a passphrase is permitted is when
 it lacks any testimonial value.

There are quite a few ways police and prosecutors can coerce a suspect
to hand over his encryption key(s). Dangling the prospect of a lighter
sentence under the poor bugger's nose, or conversely, threatening to
come down hard, perhaps going for a death penalty. The surrender of a
suspect's keys would be voluntary and therefore constitutional. Even if
the role production serves is testimonial, if it's voluntary, and the
statement the poor sod is required to sign will so state, it's 
constitutional (I think).   

Don't forget, even non-testimonial key surrender can be used to build a
body of evidence.  

DISCLAIMER: I'm not a lawyer and the above is opinion only.
 

 Many people look at one particular case and say, hey, production was
 required in that case, clearly the U.S. can compel you to produce!, or
 production wasn't required in that case, clearly the U.S. can't compel
 you to produce!  The reality is different.  You need to look at the
 role the production serves.  Testimonial in nature?  Nope, forbidden.
 Non-testimonial?  Yep, permitted.

-- 
Bob Holtzman
Giant intergalactic brain-sucking hyperbacteria 
came to Earth to rape our women and create a race 
of mindless zombies.  Look!  It's working!




Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Robert J. Hansen
On 8/18/2014 9:32 PM, Bob Holtzman wrote:
 There are quite a few ways police and prosecutors can coerce a 
 suspect to hand over his encryption key(s).

Your examples which involve coercion are illegal, and the ones that are
legal do not involve coercion.

 Dangling the prospect of a lighter sentence under the poor bugger's 
 nose

Not coercion.

Prosecutor: We know you have an encrypted drive partition with a lot of
child porn on it.  Give up your passphrase and we'll reduce it to ten
counts of possession and drop the intent to distribute, and we won't
object to sentences running concurrently.

Defendant: ... that sounds really good.

Or, alternately, imagine the defendant is innocent of the charge:

Defendant: I can't accept that deal.  I'm innocent of that.  (True: if
you're innocent of the charge, you're not allowed to plead guilty to it.
 You might be able to talk the judge into accepting an Alford, but it'd
be an uphill battle.)

Or, alternately, imagine the defendant is guilty, but only of eight
counts of possession:

Defendant: No deal.  I'll take my risks in court.  Good luck producing
these 'thousands of images' you're talking about.

 or conversely, threatening to come down hard, perhaps going for a 
 death penalty.

Grossly illegal, in violation of the canons of legal ethics, and will
get an attorney disbarred.  Don't confuse Law & Order re-runs with
real life.  The DA is allowed to threaten prosecution of only those
crimes the DA reasonably believes a person violated, and the DA is
expressly forbidden from using the threat of the death penalty to
persuade someone to take a lesser sentence.

 The surrender of a suspect's keys would be voluntary and therefore 
 constitutional.

In your first example yes, in your second example no.

Don't get me wrong: prosecutors have a lot of power, and I personally
believe they have too much power with too little accountability.
However, it's not a de-facto state of tyranny, either.

As always, my best advice for people facing legal problems is shut up
and get a lawyer.





Re: It's time for PGP to die.

2014-08-17 Thread Heinz Diehl
On 16.08.2014, Kristy Chambers wrote: 

 Sorry for that crap subject. I just want to leave this.
[]

The use of PGP/GPG depends entirely on the respective needs and
context. For me, it has been working perfectly for many years, and
thus, what's described in this article is a good example for theory
which doesn't affect practice. At least in my case.




Re: It's time for PGP to die.

2014-08-17 Thread da...@gbenet.com
On 17/08/14 08:57, Heinz Diehl wrote:
 On 16.08.2014, Kristy Chambers wrote: 
 
 Sorry for that crap subject. I just want to leave this.
 []
 
 The use of PGP/GPG depends entirely on the respective needs and
 context. For me, it has been working perfectly for many years, and
 thus, what's described in this article is a good example for theory
 which doesn't affect practice. At least in my case.
 
 
 

I've been using gnupg for many many years. I have 199 users in my key ring and
99.99 per cent are untrusted. A fact that I for one do not mind. You don't
trust my key is from me - right? Trust is relative - you have all been here
for many many years - but I will not sign keys from you as trusted.

Leaving aside the issue of how popular encryption of mail is - we are faced
with the fact that 98 per cent of computer users are completely ignorant about
software and hardware. They just go into PC World and buy what they like.
There is No Microsoft pre-loaded security features built-in and so end users
have no idea about encrypting their emails - and no easy way to instantly
share keys between users. There is no automatic key generation at the point of
switching the computer on for the very first time and then sharing your key
with millions of other people.

Same with so-called smart phones and tablets - there is no automatic simple
key creation and automatic posting to a secure key server.

We make an effort - but I have very very few friends that I have had to
install gnupg on their computers - every one I know knows nothing about
computers. While we are concerned with our rights to private communication -
concerned with NSA GCHQ 99.99 per cent of the world's population while having
a general or non-existent idea of security have no idea of what they should
do. We fiddle while Rome burns.

After 20 odd years while there has been advances in cryptography and GUIs
there has been an almost zero growth in take up. No wonder Yahoo and Google
(who can not be trusted) are providing solutions to end users who are
completely ignorant. Can you imagine the horror of Microsoft entering the
market? That thought scares me to death.

But we have to face the fact that Microsoft has a hold on hard drive
manufacturers - in that they are all sold with a version of Windows on them.
What is required is that at first boot up of a computer an Iphone or an
Itablet whatever a programme needs to run that will install and create a set
of keys automatically. Your public key will automatically be sent to key
servers. If there are any bugs security holes - then updates should be
automatic.

Time to die? Well after 20 years I think it is all very academic - professors
sit in class rooms the world over - not much common sense comes out of their
mouths. The real issues are:

(a) do we want to implement our own security on our own devices as a geek or
(b) have some automated pre-installed software that will create all that's
necessary at first boot or
(c) rely on some large corporation to handle the encryption and decryption
for us

Will global encryption and de-cryption of all emails and their attachments be
fully automatic?

The implications for security and intelligence services are a real headache
but who cares!! Some countries do not allow encryption by law and those that
do will change their laws to have access to All private keys or face long term
jail sentences. All governments are against the people.

GNUpg would have a great future if the developers had greater vision. We are
in a very very tiny minority of people. So small we are insignificant. The use
of gpg will die out because we are ALL getting a bit long in the tooth.

Service providers will make their own solutions available simply as an added
end-user benefit but without any legal binding on their own security. We know
that the NSA and GCHQ would be horrified by the thought of every one in the
entire world encrypting their emails. They have a vested interest of keeping
it under their control.

The fact is 99.99 per cent of the world's population does not know gnupg
exists. Or GPG4WIN. Perhaps when we are all in our 90's we will say Oh gpg was
a good idea, pity it did not catch on.

David


-- 
“See the sanity of the man! No gods, no angels, no demons, no body. Nothing of
the kind.Stern, sane,every brain-cell perfect and complete even at the moment
of death. No delusion.” https://linuxcounter.net/user/512854.html - http://gbenet.com




Mail header encryption (was Re: It's time for PGP to die.)

2014-08-17 Thread Peter Lebbing
On 17/08/14 03:05, Garreau, Alexandre wrote:
 Well, afaik, there’s *no* MIME header which is required for delivery

However, in practice, MTA's, and specific configurations of MTA's, might depend
on headers in the mail:

- Spam filtering setups. Enough said.

- Microsoft Exchange[1] is not an RFC2822-based messaging system. When
interfacing through SMTP, POP3 or IMAP, messages are converted to and from 
X.400.

And then there is the problem of RFC 6409, Message Submission for Mail, which
specifies that the SMTP server receiving the message from the user (in other
terms, the MSA receiving the message from the MUA) /is/ allowed to alter the
message. I see a very nice example in the RFC which could be a problem with your
proposal:

 8.1. Add 'Sender'
 
 
 The MSA MAY add or replace the 'Sender' field, if the identity of the sender
 is known and this is not given in the 'From' field.
 
 The MSA MUST ensure that any address it places in a 'Sender' field is, in
 fact, a valid mail address.

And as a very specific example, I can't get my Exim server to interface to
Spamassassin without acting as an MSA to Spamassassin. This means it will
invariably add missing 'Date' and 'Message-ID' headers to any mail delivered to
me. This would not be a problem for what you're proposing; I'm just pointing out
that in practice, some unexpected issues might crop up.

 (maybe RFC says there is, but currently mail servers accepts mails with no
 headers at all)

The ones acting as MSA's will usually add them, though.

 Then things like the subject, the date, the message-id, the list of attached
 things, etc. would be protected.

The date is usually the same as the moment it is passing through the internet. A
monitoring adversary doesn't learn anything worthwhile.

The Message-ID by itself doesn't seem interesting to me. However, when combined
with the In-Reply-To and References headers, it can be very interesting.

 That makes less metadata, but it still leaks the more important: recipient
 and receiver.

Yes, it only solves minor issues but leaves the major one untouched.

Peter.

[1] I'm unsure if there are versions that are pure RFC2822. AFAIK, all Exchange
servers are prone to mangling your message, whether that's caused by X.400
conversions or not. Of course, Microsoft often knows better than RFC's, and
treats MUST NOT as purely optional.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://digitalbrains.com/2012/openpgp-key-peter



Re: It's time for PGP to die.

2014-08-17 Thread Werner Koch
On Sun, 17 Aug 2014 01:08, r...@sixdemonbag.org said:

 this blogpost: OpenPGP can't protect your metadata, and that turns out
 to often be higher-value content than your emails themselves are.
 Further, exposed metadata is inherent to SMTP, which means this problem
 is going to be absolutely devilish to fix.

Right; this is an SMTP thing (RFC-821).  However SMTP is only for
transport and the content format RFC-822 defines a simple way to
encapsulate messages in other messages: Content-Type: message/rfc822.
Using this feature it is possible to keep the entire RFC-822 based mail
infrastructure while using a different transport mechanism.  This can be
done mostly transparently for existing applications using private or
corporate gateways.


Shalom-Salam,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




Re: It's time for PGP to die.

2014-08-17 Thread Peter Lebbing
On 17/08/14 11:57, Werner Koch wrote:
 Using this feature it is possible to keep the entire RFC-822 based mail
 infrastructure while using a different transport mechanism.  This can be
 done mostly transparently for existing applications using private or
 corporate gateways.

So basically what you're suggesting is:

- MUA's still work with RFC-822 based mail, with a sort of dummy envelope that
holds an encrypted MIME message/rfc822 inside with the real metadata. These
MUA's still talk IMAP and SMTP.

- We define a new transport; the message the MUA hands via SMTP is not sent on
with SMTP, but with a different transport that's not quite as leaky with
metadata. This transport ultimately delivers the message to a mailbox server
allowing access over IMAP for the MUA.

Did I interpret it correctly?

Regards,

Peter.

BTW: I still think hop-by-hop encryption with TLS, with the certificates
authenticated through something different than the CA system, goes a long way in
thwarting mass surveillance. For massive, passive data trawling surveillance, even
the CA system combined with ephemeral TLS keying might be enough, since it
requires a MITM to intercept TLS with a fake certificate. Ephemeral keys just to
be on the safe side :).

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://digitalbrains.com/2012/openpgp-key-peter



Re: It's time for PGP to die.

2014-08-17 Thread Heinz Diehl
On 17.08.2014, da...@gbenet.com wrote: 

 Leaving aside the issue of how popular encryption of mail is - we are faced
 with the fact that 98 per cent of computer users are completely ignorant about
 software and hardware. They just go into PC World and buy what they like.

Looking around where I live and work, nearly nobody is even able to
install Windows itself, and software installation is mainly done by
IT specialists. I agree that this phenomenon is caused at least
halfway by ignorance. How would these people ever be able to use GPG?
The answer is: they would if they would care - but they don't. I've
got nothing to hide, so why bother? (*). These people won't use GPG,
even if they were capable of doing so. Even in the light of the recent
spying on the privacy of the general public. I've got nothing to
hide, so I can be sure that they didn't do that to me. You won't change
those people's attitudes and perception - ever.

 We make an effort - but I have very very few friends that I have had to
 install gnupg on their computers - every one I know knows nothing about
 computers. While we are concerned with our rights to private communication -
 concerned with NSA GCHQ 99.99 per cent of the world's population while having
 a general or non-existent idea of security have no idea of what they should
 do. We fiddle while Rome burns.

I'm afraid this won't change.
 
 After 20 odd years while there has been advances in cryptography and GUIs
 there has been an almost zero growth in take up.

This is a global phenomenon wrt the information society. Knowledge as
a capacity for action has never worked. The know-do gap, failing in
getting evidence into action, is well documented (**).

 No wonder Yahoo and Google (who can not be trusted) are
 providing solutions to end users who are completely ignorant.

Giving the people what they want is a common marketing
strategy. This is not about security, it's all about binding the
customers.
 
 Time to die?

Not for me. Never. I appreciate being able to have at least a little
bit of privacy when communicating via the Internet. Even if the use of
GPG encrypted email is limited to 4-5 persons. It's worth every word
written, in every email.
 
 The implications for security and intelligence services are a real head ache
 but who cares!!

I also care about the personnel working for my uplink who are tempted
to snoop in other people's email.

 Some countries do not allow encryption by law and those that do will change
 their laws to have access to All private keys or face long term jail sentences.

They fear their own population, because they lie and
misbehave. Unfortunately, this is nothing new either.

 GNUpg would have a great future if the developers had greater vision. We are
 in a very very tiny minority of people. So small we are insignificant. The use
 of gpg will die out because we are ALL getting a bit long in the tooth.

It won't. At least not for me. We (= the people using it) have never
been more. I'm quite sure this won't change.

 Service providers will make their own solutions available simply as an added
 end-user benefit but without any legal binding on their own security. We know
 that the NSA and GCHQ would be horrified by the thought of every one in the
 entire world encrypting their emails.

Provider encryption is useless if you don't trust your provider. It's
like letting your private key get handled by somebody else who does
the decryption for you.

 The fact is 99.99 per cent of the world's population does not know gnupg
 exists. Or GPG4WIN. Perhaps when we are all in our 90's we will say Oh gpg was
 a good idea, pity it did not catch on.

And that's where the big providers like Go*gle and Yah*o step
in. Wonder why exactly they came on with that after Snowden (and
others) blew the whistle? Now, at least some are frightened they
could be a target for spying and surveillance, and the big providers
give them what they need...

Just my 5ø.


(*)  http://tinyurl.com/45xpmjr
(**) http://www.inco.hu/inco3/kozpont/cikk0h.htm




Re: Fwd: It's time for PGP to die.

2014-08-17 Thread Michael Anders
I share most of Green's arguments against PGP to a limited extent,
however, he seems strongly biased against it.
There are two points, in which I strongly disagree with Green:

A) For me forward secrecy is not of utmost importance for asymmetric end
to end mail encryption. Your private key is compromised if your system
has been hacked (if you don't live in a police state where authorities
can force you to reveal it). Most likely the important private messages
will still reside on your system then, so they are leaked anyways in
this case. So there is limited gain by implementing forward secrecy. So
the complaint about lacking forward secrecy is exaggerated in my eyes.

Nevertheless, there do exist solutions for asynchronous message exchange
with forward secrecy and we need to have an eye on them and watch out
for new publications on these. At present IMHO they are awkwardly
difficult to implement and maintain and just keeping a watchful eye on
them seems perfectly reasonable today. 
Once a crisp and nicely implementable asynchronous protocol with forward
secrecy comes up, however, we should have it implemented
immediately. (The synchronous ones are easy, of course.)

B) A minor point.
Green complains that in PGP securing ciphers with a MAC is not
enforced in the standard. For an asymmetrically enciphered message IMHO
it does not make any sense whatsoever to secure message authenticity
with a MAC. A correct MAC is proof that the message has not been altered
by someone not knowing the symmetric key. But knowledge of the symmetric
key doesn't prove anything since it is essentially a random number
selected by the unauthenticated sender. So a correct MAC in an RSA cipher
just proves that the sender is the sender - so what? (I know that many
people disagree with me on this point, yet I have never heard a
convincing argument for the MAC in an asymmetric cipher.)
If you want authenticity, you have to have the message or cipher be
digitally signed by the sender.
For me the criticism of PGP is clearly unfair regarding this second
aspect.

Regards,
  Michael Anders






Re: Fwd: It's time for PGP to die.

2014-08-17 Thread Johan Wevers
On 17-08-2014 17:08, Michael Anders wrote:

 Your private key is compromised if your system
 has been hacked (if you don't live in a police state where authorities
 can force you to reveal it).

Unfortunately most of us do. Including the US, UK and the Dutch are
also pushing for such laws.

 Once a crisp and nicely implementable asynchronous protocol with forward
 secrecy comes up, however, we should have it implemented
 immediately. (The synchronous ones are easy, of course.)

Whispersystems has done a good job with Textsecure as far as I read the
opinions about it. In practice their application is very usable too,
except that MMS does not work in some circumstances (but who uses that
anyway in 2014?)

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html




Re: It's time for PGP to die.

2014-08-17 Thread MFPA

Hi


On Sunday 17 August 2014 at 10:41:27 AM, in
mid:53f078c7.2060...@gbenet.com, da...@gbenet.com wrote:




 I've been using gnupg for many many years. I have 199
 users in my key ring and 99.99 per cent are
 untrusted. A fact that I for one do not mind. You
 don't trust my key is from me - right? Trust is
 relative - you have all been here for many many years -
 but I will not sign keys from you as trusted.

I suspect that percentage is only slightly over-stated. (-;

For most of my communications, if the person has told me their email
address and it works, that's good enough for me. Use of GnuPG adds
encryption, and signing if we should want it. The Web of Trust adds
nothing in this usage case.



 Leaving aside the issue of how popular encryption of
 mail is - we are faced with the fact that 98 per cent
 of computer users are completely ignorant about
 software and hardware. They just go into PC World and
 buy what they like. There is No Microsoft pre-loaded
 security features built-in and so end users have no
 idea about encrypting their emails - and no easy way to
 instantly share keys between users. There is no
 automatic key generation at the point of switching the
 computer on for the very first time and then sharing
 your key with millions of other people.

Why would you want to automatically share your key with millions? You
would hope not to receive email from millions, and at first boot your
computer does not know your email address.



 Same with so-called smart phones and tablets - there is
 no automatic simple key creation and automatic
 posting to a secure key server.

If that did happen, whose control would the server be under? Would it
provide security or an illusion of security?



 After 20 odd years while there has been advances in
 cryptography and GUIs there has been an almost zero
 growth in take up. No wonder Yahoo and Google (who can
 not be trusted) are providing solutions to end users
 who are completely ignorant.

Is this mainly advertising hype, and there will still be limited
take-up?


 Can you imagine the horror
 of Microsoft entering the market? That thought scares
 me to death.

Wasn't that what you were advocating with automatic key generation at
the point of switching the computer on for the very first time?



 But we have to face the fact that Microsoft has a hold
 on hard drive manufacturers - in that they are all sold
 with a version of Windows on them. What is required
 is that at first boot up of a computer an Iphone or an
 Itablet whatever a programme needs to run that will
 install and create a set of keys automatically. Your
 public key will automatically be sent to key servers.

Why on earth would we want that?



 (a) do we want to implement our own security on our own
 devices as a geek or
 (b) have some automated pre-installed software that will
 create all that's necessary at first boot or
 (c) rely on some large corporation to handle the
 encryption and decryption for us

What's the difference between (b) and (c) for a Windows or Mac user?



-- 
Best regards

MFPA  mailto:2014-667rhzu3dc-lists-gro...@riseup.net

Learning without thought is naught;
 thought without learning is dangerous.




Re: It's time for PGP to die.

2014-08-17 Thread Robert J. Hansen
 Leaving aside the issue of how popular encryption of mail is - we are
 faced with the fact that 98 per cent of computer users are completely
 ignorant about software and hardware.

Completely ignorant is an overstatement.  Few people today are
completely ignorant about software and hardware.  Most people do not
have the sort of knowledge about computers that I'd like, but... you
know what I realized a few weeks ago?

I was watching a janitor mop a floor... without leaving footprints in
anything.  It struck me because I mopped my kitchen floor recently and
wound up with soapy water all over my shoes and tracked it through some
of my apartment before I realized what I was doing.  I mean to go back
to that janitor sometime soon and ask him, hey, man, you look like you
know how to mop a floor correctly: what am I doing wrong?

The janitor probably doesn't know the minimum voltage to flip a
transistor (200mV, usually) and couldn't build an adder out of NAND
gates if his life depended on it.  I can't mop a floor without tracking
soapy water throughout my place.  Kind of puts in perspective which one
of us is the ignorant one, you know?

Saying most people today know very little about computers is true, and
it deserves to be said.  But let's be real careful about thinking we are
in any way better than other people.  We're not.

 There is No Microsoft pre-loaded security features built-in

Microsoft has a *ton* of security features built into their operating
systems.  Post-XP, Microsoft radically overhauled their kernel and
started enabling a ton of useful features.  DEP, ASLR, enabling some of
the cool security features of the x64 architecture...

In the XP and Win2K days, yes, Microsoft's security was a joke and it
deserved to be mocked.  It has not been that way for several years now.

 After 20 odd years while there has been advances in cryptography and
 GUIs there has been an almost zero growth in take up.

Considered reading any of the available peer-reviewed papers that have
explored why this is the case?

 But we have to face the fact that Microsoft has a hold on hard drive
 manufacturers - in that they are all sold with a version of Windows
 on them.

No, Microsoft doesn't.  Walk into a Best Buy, a Fry's Electronics, or
whatever store you choose, and it's *easy* to find hard drives that
aren't pre-loaded with Windows.

 GNUpg would have a great future if the developers had greater
 vision.

Then fork the source code and code up your own vision.

 The use of gpg will die out because we are ALL getting a bit long in
 the tooth.

So what?

If a new email cryptography standard comes out that's significantly
better than GnuPG, do you think Werner is going to sit around drinking
Tanqueray straight out of the bottle because nobody's using GnuPG
anymore?  I don't.  I think he'll cheerfully send GnuPG off into
maintenance, applaud the new standard, and volunteer to help with a free
implementation of the new standard.

If GnuPG dies out because nobody cares about privacy, I'm not going to
mourn the loss of GnuPG.  I'm going to mourn how nobody cares about
privacy any more.

GnuPG is useful and good only to the extent that it is a useful and good
thing for human beings.  *People* are the important thing.  The authors
hope GnuPG will help people.  But, by itself, GnuPG is ... really rather
pointless.

When (not if) GnuPG dies out, the only question will be, is this on
balance good for people?  If so, then let's be thankful GnuPG existed,
celebrate its passing, and cheerfully move on.

 Perhaps when we are all in our 90's we will say Oh gpg was a good
 idea, pity it did not catch on.

The good ideas in computer science are overwhelmingly rejected.  The
ones that endure are usually really bad ones.  Compare the Intel 80x86
architecture against *any* of its competitors, for instance.  x86
Assembler makes me bleed through my eyeballs and beg for the sweet sweet
release of death.  It isn't MIPS or PA-RISC or PowerPC or any of the
literally *dozens* of superior architectures I've worked with over the
years.  And yet, x86 won in the marketplace.

I think everyone on this list who has more than ten or so years of
experience in the industry will have their own tales of technological
woe.  Good technologies get rejected, and then ten years later they get
rediscovered and renewed.

Look at VMS and UNIX.  UNIX won the server wars of the '80s and early
'90s and completely crushed VMS... up until VMS came back as Windows NT.
 Now, VMS has won the desktop, where UNIX is completely dead... except
for how UNIX got re-resurrected a few years ago as OS X, and as the Mac
desktop it's making a strong showing.  Good technologies rarely win, but
they almost always get re-adopted later.  It's a cycle.  :)

(No, I'm not kidding regarding Windows NT/VMS.  The parallels between
them are *profound*.  The same guy, Cutler, designed both, and the
Windows desktops that most people use nowadays are direct descendants of
VMS!)


Re: Fwd: It's time for PGP to die.

2014-08-17 Thread Robert J. Hansen
 Unfortunately most of us do. Including the US, UK and the Dutch are
 also pushing for such laws.

Speaking only for the U.S., this is not the case.

The United States Constitution protects an individual's right not to
testify against themselves.  If the production of a passphrase would
have any kind of testimonial value, then such production cannot be
ordered.  The only time production of a passphrase is permitted is when
it lacks any testimonial value.

Many people look at one particular case and say, hey, production was
required in that case, clearly the U.S. can compel you to produce!, or
production wasn't required in that case, clearly the U.S. can't compel
you to produce!  The reality is different.  You need to look at the
role the production serves.  Testimonial in nature?  Nope, forbidden.
Non-testimonial?  Yep, permitted.



Re: It's time for PGP to die.

2014-08-17 Thread MFPA

Hi


On Sunday 17 August 2014 at 10:14:51 PM, in
mid:53f11b4b.1040...@sixdemonbag.org, Robert J. Hansen wrote:


 I was watching a janitor mop a floor... without leaving
 footprints in anything.  It struck me because I mopped
 my kitchen floor recently and wound up with soapy water
 all over my shoes and tracked it through some of my
 apartment before I realized what I was doing.  I mean
 to go back to that janitor sometime soon and ask him,
 hey, man, you look like you know how to mop a floor
 correctly: what am I doing wrong?

To mop a floor (or, indeed, to concrete a floor) you start at the
opposite end to the door you will leave through and you work towards
the door, keeping off the bit you have already done.


-- 
Best regards

MFPA  mailto:2014-667rhzu3dc-lists-gro...@riseup.net

It is easy to propose impossible remedies.




Re: It's time for PGP to die.

2014-08-17 Thread Robert J. Hansen
 To mop a floor (or, indeed, to concrete a floor) you start at the
 opposite end to the door you will leave through and you work towards
 the door, keeping off the bit you have already done.

Yes.  And somehow, I keep on getting soapy water on my shoes.




It's time for PGP to die.

2014-08-16 Thread Kristy Chambers
Sorry for that crap subject. I just want to leave this.
http://blog.cryptographyengineering.com/2014/08/whats-matter-with-pgp.html

Regards,
Chambers



Re: It's time for PGP to die.

2014-08-16 Thread Garreau, Alexandre
On 2014-08-16 at 19:14, Kristy Chambers wrote:
 Sorry for that crap subject. I just want to leave this.
 http://blog.cryptographyengineering.com/2014/08/whats-matter-with-pgp.html

Yeah, PGP’s what I’d call something coming with and for the “old”
Internet, the slow, federated, cleartext, client–server, monocast and
sedentary one. Another critique: http://secushare.org/PGP.

But if you really want to fix all these issues, what you need is not
improving PGP/GnuPG, but rebuilding the whole Internet. That’s not the
goal of GnuPG, you’d better give a look at GNUnet. To fix these issues,
it doesn’t only plan to replace GnuPG, but also mail, IRC, jabber, web
forums, web itself, HTTP(S), newsgroups, FTP, bittorrent, TLS, DNS(SEC),
TCP–UDP/IP, BGP, and quite everything that you could imagine in
Internet, which is all fundamentally completely broken, obsolete and way
excessively complicated, if you try to see things from this point of
view.

Yet PGP hides some information in a more secure way than cleartext, is
usable by the people who need it the most and is part of our internet
tech culture. So while we wait and try to rebuild and revolutionize the
world again, it stays fine to keep using it, but we need to know its
deficiencies, and to take care of who, how, when, where and why to teach
it.




Re: It's time for PGP to die.

2014-08-16 Thread Robert J. Hansen
On 8/16/2014 1:14 PM, Kristy Chambers wrote:
 Sorry for that crap subject. I just want to leave this.

Meh.  Color me unimpressed.


* PGP keys suck.  No, asymmetric key infrastructure sucks in general.
 OpenPGP provides no infrastructure, only tools with which to build
infrastructure.  If your organization doesn't build its infrastructure,
that's not OpenPGP's fault.

* PGP key management sucks.  Sigh.  Ditto.

* No forward secrecy.  Not everyone needs PFS, and frankly, obsession
with PFS is one of those things I really wish people would grow out of.
 Before complaining about what OpenPGP needs or where it's lacking, try
looking at where OpenPGP has been broken in the real world.  Hint: PFS
ain't a panacea.

* The OpenPGP format and defaults suck.

Good Lord, no.  As Jon Callas pointed out recently on the OpenPGP
working group list, there's a big difference between what the standard
*requires* and what implementations are encouraged to *use*.  Most
implementations have moved far beyond minimal conformance with the
standard.  The standard exists so that there is a common minimal core
that all clients can conform to: the reality is the two biggest players
(PGP and GnuPG) both go *far* beyond the defaults.

* Terrible mail client implementations.

Again, unimpressed.  Consider his criticism that most OpenPGP-enabled
mail clients store passphrases in memory for longer than he'd like.
Well, one, this is easily configurable via gpg-agent, and two, *so
what*?  If an attacker is in a position where he or she can read
arbitrary memory locations on your PC, you're completely screwed anyway
and there's nothing OpenPGP can do to help you.

* So what should we be doing?

I'd start by ignoring the recommendations.  Do your own homework on
where OpenPGP fails and how, and start thinking about how to fix those.
 The author falls into the trap of knowing how to fix A, B, and C, and
so he wants to fix A, B, and C, without realizing the real problems are
X, Y and Z.

OpenPGP's biggest problem, BTW, which goes *completely unmentioned* in
this blogpost: OpenPGP can't protect your metadata, and that turns out
to often be higher-value content than your emails themselves are.
Further, exposed metadata is inherent to SMTP, which means this problem
is going to be absolutely devilish to fix.







Fwd: It's time for PGP to die.

2014-08-16 Thread Nicholas Cole
On Sun, Aug 17, 2014 at 12:08 AM, Robert J. Hansen r...@sixdemonbag.org wrote:
 On 8/16/2014 1:14 PM, Kristy Chambers wrote:
 Sorry for that crap subject. I just want to leave this.

 Meh.  Color me unimpressed.

This was a terrific post.  Thank you, Robert.

[snip]

 * No forward secrecy.  Not everyone needs PFS, and frankly, obsession
 with PFS is one of those things I really wish people would grow out of.
  Before complaining about what OpenPGP needs or where it's lacking, try
 looking at where OpenPGP has been broken in the real world.  Hint: PFS
 ain't a panacea.

I agree people are obsessed with this, and it is unhealthy. I think
the name doesn't help.  I've seen various definitions.

http://en.wikipedia.org/wiki/Forward_secrecy

This means that the compromise of one message cannot lead to the
compromise of others.  In the case of PGP, of course, it is true that
the compromise of the Public key would compromise all messages, but in
other ways PGP does help. It is possible, for example, to surrender
just the session key, in the case that it is necessary to do so to
comply with a legitimate law-enforcement request.  But I don't see how
PFS could really apply to something like email, as opposed to
something like an http request.

 * So what should we be doing?

There are 25 years invested in making PGP work. Many subtle bugs and
security errors in the protocol and the gnupg implementation have been
worked out.   Throwing out PGP would be a bit like making this
mistake:

http://www.joelonsoftware.com/articles/fog69.html

 OpenPGP's biggest problem, BTW, which goes *completely unmentioned* in
 this blogpost: OpenPGP can't protect your metadata, and that turns out
 to often be higher-value content than your emails themselves are.
 Further, exposed metadata is inherent to SMTP, which means this problem
 is going to be absolutely devilish to fix.

That is true.  But perhaps it would be a start if email clients
actually put the actual email (with subject and references headers
etc.) as an attachment to a bare email that contained only the minimal
headers for delivery.  It wouldn't be a perfect solution, but it would
at least fix a certain amount of metadata analysis.



Re: Fwd: It's time for PGP to die.

2014-08-16 Thread Garreau, Alexandre
On 2014-08-17 at 01:41, Nicholas Cole wrote:
 On Sun, Aug 17, 2014 at 12:08 AM, Robert J. Hansen r...@sixdemonbag.org 
 wrote:
 OpenPGP's biggest problem, BTW, which goes *completely unmentioned* in
 this blogpost: OpenPGP can't protect your metadata, and that turns out
 to often be higher-value content than your emails themselves are.
 Further, exposed metadata is inherent to SMTP, which means this problem
 is going to be absolutely devilish to fix.

 That is true.  But perhaps it would be a start if email clients
 actually put the actual email (with subject and references headers
 etc.) as an attachment to a bare email that contained only the minimal
 headers for delivery.  It wouldn't be a perfect solution, but it would
 at least fix a certain amount of metadata analysis.

Well, afaik, there’s *no* MIME header which is required for delivery
(maybe the RFC says there is, but currently mail servers accept mails with
no headers at all). The headers that are needed for delivery are not the
MIME ones (the ones like “From:”, “To:”, “Date:”, “Message-Id:”,
“Subject:”, etc.) but the SMTP ones (the “MAIL FROM:” and “RCPT TO:”),
which are separate. So I think mail clients could just send a void mail
with just as much MIME information as needed to say its content is a MIME
message (“message/rfc822” MIME type I think). Then things like the
subject, the date, the message-id, the list of attached things,
etc. would be protected. That makes less metadata, but it still leaks
the most important: recipient and receiver.

So the only way is to build an asynchronous communication system based
on anonymity, like GNUnet’s doing.


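The header wrapping discussed in this thread (the message/rfc822 encapsulation Werner Koch describes, the bare outer email Nicholas Cole suggests, and the header/envelope split in the message above), as an added example that is not part of any poster's message. All addresses, IDs and function names are constructed for illustration, and the encryption of the wrapped part is left out, so the block shows only which fields move inside the wrapper and which stay visible to the transport.

```python
"""Added illustration: moving mail headers into a message/rfc822 wrapper."""
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed SMTP envelope (MAIL FROM / RCPT TO). It travels outside the
# message and is needed for delivery, so wrapping cannot hide it.
ENVELOPE = {"mail_from": "alice@example.org", "rcpt_to": ["bob@example.net"]}

# Headers that metadata analysis typically feeds on.
SENSITIVE = ("from", "to", "subject", "date",
             "message-id", "in-reply-to", "references")


def build_inner() -> EmailMessage:
    """The real message with its real headers (all values constructed)."""
    inner = EmailMessage()
    inner["From"] = "Alice <alice@example.org>"
    inner["To"] = "Bob <bob@example.net>"
    inner["Subject"] = "Draft contract, second round"
    inner["Date"] = "Sun, 17 Aug 2014 12:00:00 +0200"
    inner["Message-ID"] = "<constructed-2@example.org>"
    inner["In-Reply-To"] = "<constructed-1@example.net>"
    inner["References"] = "<constructed-1@example.net>"
    inner.set_content("Body of the real message.\n")
    return inner


def wrap(inner: EmailMessage) -> bytes:
    """Return a bare outer message whose only content is the inner message.

    In the scheme discussed in the thread, this message/rfc822 part would be
    encrypted before it leaves the client or gateway; that step is omitted.
    """
    outer = EmailMessage()
    outer.set_content(inner)  # sets Content-Type: message/rfc822
    return outer.as_bytes()


def transport_view(envelope: dict, raw: bytes) -> dict:
    """What a relay learns from the envelope plus the outer headers."""
    outer = message_from_bytes(raw, policy=policy.default)
    return {
        "envelope": dict(envelope),
        "outer_headers": sorted(name.lower() for name in outer.keys()),
    }


def hidden_from_outer(raw: bytes) -> list:
    """Sensitive header names that no longer appear on the outer message."""
    outer = message_from_bytes(raw, policy=policy.default)
    present = {name.lower() for name in outer.keys()}
    return [name for name in SENSITIVE if name not in present]


def recipient_view(raw: bytes) -> EmailMessage:
    """Unwrap at the receiving gateway or MUA and return the real message."""
    outer = message_from_bytes(raw, policy=policy.default)
    if outer.get_content_type() != "message/rfc822":
        raise ValueError("not a wrapped message")
    return outer.get_content()


if __name__ == "__main__":
    raw = wrap(build_inner())
    view = transport_view(ENVELOPE, raw)
    print("envelope (still exposed):", view["envelope"])
    print("outer headers:", view["outer_headers"])
    print("moved inside the wrapper:", hidden_from_outer(raw))
    print("recovered subject:", recipient_view(raw)["Subject"])
```
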


Re: Fwd: It's time for PGP to die.

2014-08-16 Thread Robert J. Hansen
On 8/16/2014 7:41 PM, Nicholas Cole wrote:
 There are 25 years invested in making PGP work. Many subtle bugs and
 security errors in the protocol and the gnupg implementation have been
 worked out.   Throwing out PGP would be a bit like making this
 mistake:

More or less, yeah.  Someday I'm going to wind up getting frustrated to
the point where I write an angry, bitter, ranty screed on how the
biggest headache with OpenPGP is unrealistic expectations and demands on
the part of people who claim to know better, but obviously don't...


