Vanity Keys

://news.ycombinator.com/item?id=8873182 Apparently some of the funds will be donated to the GnuPG project. I suspect he hasn't been in contact, and I imagine the funds would not be welcome? -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF

Re: Automatic e-mail encryption

/Automatically_Encrypting_all_Incoming_Email https://grepular.com/Automatically_Encrypting_all_Incoming_Email_Part_2 -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B

Re: Calculating the Private Key

or so. FWIW, if you run your own mail system, this is a fairly trivial feature to set up. I've been doing it myself for about three and a half years. Here's how I do it, including links to the software: https://grepular.com/Automatically_Encrypting_all_Incoming_Email -- Mike Cardwell https

Re: How to determine who signed what

the following to your ~/.gnupg/gpg.conf file: keyserver keys.gnupg.net keyserver-options auto-key-retrieve -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C

Re: Google releases beta OpenPGP code

of OpenPGP.js source code yesterday: https://news.ycombinator.com/item?id=7843297 -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4 signature.asc

Re: Access to www.gnupg.org only via TLS

warnings are a nuisance that needs to be ignored and clicked so they can continue doing what they were doing. For the average geek, an SSL warning seems to be a declaration of War. -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5

Re: We are now at ic6au7wa3f6naxjq.onion

, which would redirect people out of the secure version of the site if they're using a browser which does not support HSTS, e.g Internet Explorer 11 and below. -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP

Re: Managing Subkeys for Professional and Personal UIDs

, although I don't believe any of them used a smart card. -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4 signature.asc Description: Digital

Re: Managing Subkeys for Professional and Personal UIDs

, I revoked the UID containing the email address assigned by that company, and then added the new UID for the new company. -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1

Re: It's 2014. Are we there yet?

Email though. I think it's more likely that various Email protocols will be extended and refined rather than an outright replacement though. -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924

Re: It's 2014. Are we there yet?

. There will always be a system for pushing messages around electronically that isn't tied to a single provider. If email is replaced, it will be by something similar to email. Not by whichever social network the kids are currently using. -- Mike Cardwell https://grepular.com https://emailprivacytester.com

Re: PGP/GPG does not work easily with web-mail.

, if there are any XSS flaws, there's another potential way of losing the key. -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4 signature.asc Description

Re: GnuPrivacyGuard for Android v0.3 released!

encryption for email... -- Mike Cardwell https://grepular.com/ http://cardwellit.com/ OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4 signature.asc Description: Digital signature

Re: Printing PGP Businesscard

/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Mike Cardwell https://grepular.com/ http://cardwellit.com/ OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF

Re: Using GPG for reading email in VPS

? I was thinking creating a new signing subkey and removing the master private key from keyring that I want to upload to the VPS. That way I might limit the damage to the subkey alone while keeping the master key a bit more secure? This is definitely a good idea. - -- Mike Cardwell https

Re: gnupg for android phones

, or the patience to pull it out and plug it in each time I want to read an email/sms. I agree that it would be cool though. - -- Mike Cardwell https://grepular.com/ http://cardwellit.com/ OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1

Re: OpenPGP Card CHV* failed: general error

for you. If it works the next line would be a scdaemon[17805]: DBG: response: sw=9000 datalen=0 However your SW will be different. What is it? 6581: 2011-08-10 10:16:02 scdaemon[5153] DBG: response: sw=6581 datalen=0 Regards, -- Mike Cardwell https://grepular.com/ https

Re: OpenPGP Card CHV* failed: general error

mount power glitch attacks). Damn. I didn't run any automated tests... What other operations can only be performed a limited number of times with one of these cards? If I were to PGP sign or decrypt 10,000 emails would that eventually kill the card too? -- Mike Cardwell https://grepular.com/ https

OpenPGP Card CHV* failed: general error

Reader 00 00' Application ID ...: D2760001240102050D58 Version ..: 2.0 Manufacturer .: ZeitControl Serial number : 0D58 Name of cardholder: Mike Cardwell Language prefs ...: en Sex ..: unspecified URL of public key : [not set] Login data ...: [not set

Re: How secure are smartcards?

. Every little helps. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F signature.asc Description: OpenPGP digital signature

Re: How secure are smartcards?

, this could include industrial espionage as well as governments. Ideally the key would be encrypted on the smartcard. I haven't found anything specifying that this is the case, so I have to assume it's not. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http

Re: How secure are smartcards?

and thus the effort to read off the key wouldn't be worth what you will gain from it. That is reassuring. Although, I'd be happier if I could find a technical description of the feasibility of such an attack. But if one doesn't exist, it doesn't exist. -- Mike Cardwell https://grepular.com

How secure are smartcards?

chipset by looking directly at the circuitry? Are the keys on the smartcard perhaps encrypted with the access PIN? That still wouldn't be perfect, definitely easier to bruteforce than a long passphrase, but it would be better than nothing... -- Mike Cardwell https://grepular.com/ https