On Fri, Aug 26, 2011 at 01:41:41PM -0700, Doug Barton wrote:
> Actually I think https://www.xkcd.com/936/ says it better. :)
Yep, I was just going to comment that it's obvious that Randall Munroe
reads this list :)
> On 08/26/2011 11:08, David Tomaschik wrote:
> > On Fri, Aug 26, 2011 at 12:31 PM
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Actually Anthony, you are correct. It can't be defeated, or at least as
far as I know. What I was suggesting was to move the vulnerable part
(bootloader and kernel) of the system off to a portable storage device,
so it would be easier to keep an ey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 08/26/2011 16:45, Peter Pentchev wrote:
> On Fri, Aug 26, 2011 at 01:41:41PM -0700, Doug Barton wrote:
>> Actually I think https://www.xkcd.com/936/ says it better. :)
> Yep, I was just going to comment that it's obvious that Randall Munroe
> re
[some snippage]
On 08/26/2011 14:29, Nicholas Cole wrote:
> On Thu, Aug 25, 2011 at 7:21 PM, Doug Barton wrote:
>> BTW, this is another one of the reasons that I find the ability to have
>> multiple keyrings useful, and would very much miss that functionality if
>> it disappeared from gnupg 2.1.
On 08/26/2011 14:56, Nicholas Cole wrote:
> On Fri, Aug 26, 2011 at 10:34 PM, Doug Barton wrote:
>
>> One could certainly argue that my doing this verification step is
>> overly fussy (and you wouldn't be the first), but that's my policy.
>
> I honestly did not mean to be critical.
I didn't
On Fri, Aug 26, 2011 at 10:29:04PM +0100, Nicholas Cole wrote:
> I *do* see the uses for them. The debian keyring, for example is
> huge, and it is useful to be able to selectively include it or not in
> the gpg.conf file. But the more I've thought about this, the more I
> think that it would b
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 26-08-2011 15:08, David Tomaschik wrote:
> On Fri, Aug 26, 2011 at 12:31 PM, Faramir
> wrote:
>> According to keepass strength measurer, you can get more than 128
>> bits with just 30 characters (including some symbols of course).
...
> I
On Fri, Aug 26, 2011 at 10:34 PM, Doug Barton wrote:
> One could certainly argue that my doing this verification step is
> overly fussy (and you wouldn't be the first), but that's my policy.
I honestly did not mean to be critical. I was just struggling to see
the security benefit. After all
On 08/26/2011 14:18, Nicholas Cole wrote:
> On Thu, Aug 25, 2011 at 7:21 PM, Doug Barton wrote:
>> http://dougbarton.us/PGP/gen_challenges.html
>
> Dear Doug,
>
> I don't mean this in a negative way, but I struggle to see the point
> of such challenges.
So feel free not to use them. :)
> The
On Thu, Aug 25, 2011 at 7:21 PM, Doug Barton wrote:
> BTW, this is another one of the reasons that I find the ability to have
> multiple keyrings useful, and would very much miss that functionality if
> it disappeared from gnupg 2.1.
I know Warner has said all this before, but I sometimes think
On Thu, Aug 25, 2011 at 7:21 PM, Doug Barton wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> On 08/25/2011 11:02, Aaron Toponce wrote:
>> On 08/25/2011 11:56 AM, Jameson Graef Rollins wrote:
>>> Do you want to sign every key in your keyring? If so, it's not
>>> hard to get gpg to e
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
So in the course of another discussion on this group, I was told that I
might not actually need my 160+ random character passphrase for good
security. A few URLs were included, including this one
(https://secure.wikimedia.org/wikipedia/en/wiki/Passw
On 26/08/11 21:07, Anthony Papillion wrote:
>> Oh, you can own an encrypted filesystem, even if the box is down. The
>> Evil Maid attack makes this trivial. And it doesn't matter the
>> encryption software used either.
>
> I read about this attack a few years ago on Bruce Schneier's blog. It
> sc
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 8/26/2011 10:25 AM, Aaron Toponce wrote:
>
> Oh, you can own an encrypted filesystem, even if the box is down. The
> Evil Maid attack makes this trivial. And it doesn't matter the
> encryption software used either.
I read about this attack a fe
Actually I think https://www.xkcd.com/936/ says it better. :)
On 08/26/2011 11:08, David Tomaschik wrote:
> On Fri, Aug 26, 2011 at 12:31 PM, Faramir wrote:
>> On 26-08-2011 12:35, Aaron Toponce wrote:
>> ...
>>> Also, 62-character passphrase might be a bit extreme, giving you a
>>> false-sens
On Fri, Aug 26, 2011 at 12:31 PM, Faramir wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> On 26-08-2011 12:35, Aaron Toponce wrote:
> ...
>> Also, 62-character passphrase might be a bit extreme, giving you a
>> false-sense of security. Using a truly random sequence of characters
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 26-08-2011 12:35, Aaron Toponce wrote:
...
> Also, 62-character passphrase might be a bit extreme, giving you a
> false-sense of security. Using a truly random sequence of characters
> from the 94-printable ASCII pool of characters, a 12-char
On Fri, 26 Aug 2011 15:56, joh...@vulcan.xs4all.nl said:
> Does that mean we can expect GnuPG versions for mobile systems? I can't
> wait to install a Symbian or Android port.
Kmail (Kontact Touch) runs on the N900 (Linux based) and the HTC Touch
pro 2 (WindowsMobile 6.5). With full GnuPG crypto
> > My passphrases are
> > stored in a Keepass database that resides in a TrueCrypt container. It's
> > protected well. My actual key is protected by a 62 character passphrase
> One could argue that this is equivalent to having a passphrase-less
> keyring within the Truecrypt container.
Keepass is
> Does that mean we can expect GnuPG versions for mobile systems? I can't
> wait to install a Symbian or Android port.
There's APG for Android right now.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-us
XKCD says it best: https://www.xkcd.com/538/
On Fri, Aug 26, 2011 at 9:05 AM, Werner Koch wrote:
> On Fri, 26 Aug 2011 11:00, b...@adversary.org said:
>
>> I understand the reasons for this, but is there any reason for not
>> using an 8kb (or larger) master/certification key with more normal
>> s
On 26-08-2011 15:05, Werner Koch wrote:
> and also consider
> that nowadays more and more low-processing power devices are used.
Does that mean we can expect GnuPG versions for mobile systems? I can't
wait to install a Symbian or Android port.
--
Kind regards,
Johan Wevers
On 26/08/11 11:05 PM, Werner Koch wrote:
> Actually the primary keys are the most worrisome.
That's a shame.
> I have a one 8k key in my keyring
So do I, but it's mine and it is not used for correspondence at all.
> and checking the key signatures made by that key takes a noticeable
> time.
On Fri, 26 Aug 2011 11:00, b...@adversary.org said:
> I understand the reasons for this, but is there any reason for not
> using an 8kb (or larger) master/certification key with more normal
> subkeys (e.g. a 2048-bit signing subkey and a 4096-bit encryption
Actually the primary keys are the most
Hi,
I have the problem that the process 'scim-bridge' crashes (segfault)
from time to time on my system. After that, keyboard input doesn't work
anymore and I have to kill and restart scim in a console outside of X. I
suspect that this problem is related to pinentry (gtk2) because it
happens just
On 26/08/11 3:37 AM, Werner Koch wrote:
> On Thu, 25 Aug 2011 17:22, la...@thehaverkamps.net said:
>
>> changing from 4096 to 8192 bit)
>
> DON'T.
I understand the reasons for this, but is there any reason for not
using an 8kb (or larger) master/certification key with more normal
subkeys (e.g. a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Run "sudo apt-get install bzip2" and see if that helps. Have you
changed your kernel at all?
David Manouchehri
On 8/25/2011 11:22 AM, Lance W. Haverkamp wrote:
> gpg: invalid item `BZIP2' in preference string