subject:"\[tor\-talk\] Quote Line Prefixes in Linux Text Editors"

Re: [tor-talk] Quote Line Prefixes in Linux Text Editors

2016-10-16 Thread Mirimir

On 10/16/2016 06:36 PM, ban...@openmailbox.org wrote:
> On 10/16/2016 7:11:03 PM, mirimir at riseup.net wrote:
>> In Thunderbird+Enigmail, do three things:
>>
>> 1) create a local folder "Drafts", and configure Thunderbird to use it;
>>
> 
> Yes good tip. Also Torbirdy configures this.

OK, cool.

>> 2) in "Thunderbird/Account Settings/OpenPGP Security", check "Encrypt
>> draft messages on saving"; and
>>
>> 3) in "Enigmail Preferences/Sending/Confirm before sending", check
>> "Always".
> 
> Enigmail seems to do this by default. Do you use convenient or manual
> encryption settings?

I use manual settings.

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Quote Line Prefixes in Linux Text Editors

2016-10-16 Thread bancfc


On 10/16/2016 7:11:03 PM, mirimir at riseup.net wrote:

In Thunderbird+Enigmail, do three things:

1) create a local folder "Drafts", and configure Thunderbird to use it;



Yes good tip. Also Torbirdy configures this.


2) in "Thunderbird/Account Settings/OpenPGP Security", check "Encrypt
draft messages on saving"; and

3) in "Enigmail Preferences/Sending/Confirm before sending", check 
"Always".


Enigmail seems to do this by default. Do you use convenient or manual 
encryption settings?

--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Quote Line Prefixes in Linux Text Editors

2016-10-16 Thread Mirimir

On 10/15/2016 08:31 PM, ban...@openmailbox.org wrote:
> For security its recommended to compose messages outside the e-mail
> client. There were at least two incidents where plaintext was leaked
> (claws mail saving drafts unencrypted and Enigmail sending unencrypted
> messages).

In Thunderbird+Enigmail, do three things:

1) create a local folder "Drafts", and configure Thunderbird to use it;

2) in "Thunderbird/Account Settings/OpenPGP Security", check "Encrypt
draft messages on saving"; and

3) in "Enigmail Preferences/Sending/Confirm before sending", check "Always".

> Does anyone know how to add quoted line prefixes [1] to messages
> composed in a Linux text editor?
> 
> [1] https://en.wikipedia.org/wiki/Posting_style#Quoted_line_prefix
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Quote Line Prefixes in Linux Text Editors

2016-10-16 Thread Aeris

> For security its recommended to compose messages outside the e-mail 
> client.

Composing email outside the client is only possible if you use PGP/inline, 
which is also weak (no clear protection boundary & message tampering).
https://dkg.fifthhorseman.net/notes/inline-pgp-harmful/

 And you can’t attach file on this mail format, or you leak file names and 
sizes 
if you encrypt your attachments outside the client too. No way to send HTML 
mail too (even if it’s very bad :P).

So I don’t know what is the more secured between PGP/inline outside the client 
or PGP/MIME inside… For plain text and very simple email, surely the first, but 
in most cases, undecidable and for common emails (with attachments and 
multipart text/html) certainly the second…

Regards,
-- 
Aeris
Individual crypto-terrorist group self-radicalized on the digital Internet
https://imirhil.fr/

Protect your privacy, encrypt your communications
GPG : EFB74277 ECE4E222
OTR : 5769616D 2D3DAC72
https://café-vie-privée.fr/

signature.asc
Description: This is a digitally signed message part.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Quote Line Prefixes in Linux Text Editors

2016-10-16 Thread bancfc


Enigmail

https://security-tracker.debian.org/tracker/CVE-2014-5369
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Quote Line Prefixes in Linux Text Editors

2016-10-16 Thread Ben Tasker

On Sun, Oct 16, 2016 at 10:08 AM, Jim  wrote:

> ban...@openmailbox.org wrote:
>
>> For security its recommended to compose messages outside the e-mail
>> client. There were at least two incidents where plaintext was leaked (claws
>> mail saving drafts unencrypted and Enigmail sending unencrypted messages).
>>
>
> Would you post links about these incidents?  (My google-fu may be a
> little weak, assuming these are recent incidents.)
>
>
I may be remembering the wrong incident, but I thought the Engimail issue
was (arguably) a little less serious than that - it was sending certain
headers unencrypted, so whilst the content was still encrypted there was
additional metadata available for analysis. Not great for sure, but a
little lower on the scale than described (and if that bug were still
present, composing in a text editor still wouldn't help). Might be some
other bug though?

The claws thing was bug 2965 -
http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2965 -
when sending a mail, the unencrypted version was written to the Queue
folder (and written to the server via IMAP) before being encrypted and sent.

I recall seeing something similar and less MUA specific as well, again
relating to the fact that drafts were being saved to the server, can't
remember where I saw that but here's an OS X specific one -
http://arstechnica.com/security/2014/01/secops-failure-gpggmail-on-osx-mavericks-may-store-unencrypted-drafts/



>
-- 
Ben Tasker
https://www.bentasker.co.uk
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Quote Line Prefixes in Linux Text Editors

2016-10-16 Thread Jim


ban...@openmailbox.org wrote:
For security its recommended to compose messages outside the e-mail 
client. There were at least two incidents where plaintext was leaked 
(claws mail saving drafts unencrypted and Enigmail sending unencrypted 
messages).


Would you post links about these incidents?  (My google-fu may be a
little weak, assuming these are recent incidents.)

Thanks

Jim



--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Quote Line Prefixes in Linux Text Editors

2016-10-16 Thread Dave Warren

It might be a bit more complicated than that, as that approach won't
wrap properly and may generate the Outlook Express-like situation where
quoted lines wrap before 80 characters, resulting in alternating lines
being quoted and having a single unquoted word. 

Unfortunately wrapping while maintaining quoting is really more of a
science itself, and you probably won't get format=flowed right when
doing it outside your client anyway, so it's always going to look a
little janky.

On the other hand, maybe that's better than risking unencrypted text
leaking, it depends on your situation :)

On Sat, Oct 15, 2016, at 20:30, ban...@openmailbox.org wrote:
> Found answer for my own question:
> 
> sed 's/^/> /' original > reply
> -- 
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Quote Line Prefixes in Linux Text Editors

2016-10-15 Thread bancfc


Found answer for my own question:

sed 's/^/> /' original > reply
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Quote Line Prefixes in Linux Text Editors

2016-10-15 Thread bancfc

For security its recommended to compose messages outside the e-mail 
client. There were at least two incidents where plaintext was leaked 
(claws mail saving drafts unencrypted and Enigmail sending unencrypted 
messages).


Does anyone know how to add quoted line prefixes [1] to messages 
composed in a Linux text editor?


[1] https://en.wikipedia.org/wiki/Posting_style#Quoted_line_prefix
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Quote Line Prefixes in Linux Text Editors

[tor-talk] Quote Line Prefixes in Linux Text Editors

Re: [tor-talk] Quote Line Prefixes in Linux Text Editors

Re: [tor-talk] Quote Line Prefixes in Linux Text Editors

[tor-talk] Quote Line Prefixes in Linux Text Editors

Re: [tor-talk] Quote Line Prefixes in Linux Text Editors

Re: [tor-talk] Quote Line Prefixes in Linux Text Editors

Re: [tor-talk] Quote Line Prefixes in Linux Text Editors

[tor-talk] Quote Line Prefixes in Linux Text Editors

[tor-talk] Quote Line Prefixes in Linux Text Editors

10 matches

Site Navigation

Mail list logo

Footer information