Re: vPro and secure Debian systems

2017-08-03 Thread Zlatan Todoric
On 08/03/2017 11:00 AM, Daniel Pocock wrote: On 02/08/17 21:41, Zlatan Todoric wrote: On 08/02/2017 10:24 AM, Daniel Pocock wrote: Hi all, There is a page[1] about AMT / vPro on the wiki, it doesn't mention any of the security concerns[2] about this technology. Is there anything that Debia

Re: rm ~/.gnupg/secring NOW!

2017-08-03 Thread Adam Borowski
On Thu, Aug 03, 2017 at 09:54:28AM +0100, Daniel Pocock wrote: > On 02/08/17 21:30, Adam Borowski wrote: > > On Wed, Aug 02, 2017 at 09:53:27PM +0200, Adam Borowski wrote: > >> If you have ever generated or imported a gpg secret key using gpg 1 or 2.0 > >> (ie, before Stretch), then used --delete-s

Re: wanted: educate us please on key dongles

2017-08-03 Thread Daniel Pocock
On 02/08/17 21:16, Adam Borowski wrote: > Hi! > Continuing from IRC: > It would be nice if someone knowledgeable could educate the rest of us about > physical key dongles -- a number of DDs/DMs/contributors still keep their > secret keys on a regular disk, and could use a primer. Me included. I d

Re: wanted: educate us please on key dongles

2017-08-03 Thread Wouter Verhelst
On Thu, Aug 03, 2017 at 11:19:25AM +0200, Wouter Verhelst wrote: > Having said all that, I'll repeat what I said on the gnupg-users > mailinglist a while back[1]: [...] > [1] That should have said https://lists.gnupg.org/pipermail/gnupg-users/2017-April/058035.html Having said all that, I'd be ha

Re: wanted: educate us please on key dongles

2017-08-03 Thread Wouter Verhelst
On Wed, Aug 02, 2017 at 10:16:29PM +0200, Adam Borowski wrote: > Hi! > Continuing from IRC: > It would be nice if someone knowledgeable could educate the rest of us about > physical key dongles -- a number of DDs/DMs/contributors still keep their > secret keys on a regular disk, and could use a pri

Re: vPro and secure Debian systems

2017-08-03 Thread Daniel Pocock
On 02/08/17 21:41, Zlatan Todoric wrote: > > > On 08/02/2017 10:24 AM, Daniel Pocock wrote: >> Hi all, >> >> There is a page[1] about AMT / vPro on the wiki, it doesn't mention any >> of the security concerns[2] about this technology. >> >> Is there anything that Debian can do as an OS (e.g. defaul

Re: rm ~/.gnupg/secring NOW!

2017-08-03 Thread Daniel Pocock
On 02/08/17 21:30, Adam Borowski wrote: > On Wed, Aug 02, 2017 at 09:53:27PM +0200, Adam Borowski wrote: >> If you have ever generated or imported a gpg secret key using gpg 1 or 2.0 >> (ie, before Stretch), then used --delete-secret-key, please >> rm ~/.gnupg/secring.gpg > Obviously, this assumes