://news.ycombinator.com/item?id=8873182
Apparently some of the funds will be donated to the GnuPG project. I suspect
he hasn't been in contact, and I imagine the funds would not be welcome?
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF
/Automatically_Encrypting_all_Incoming_Email
https://grepular.com/Automatically_Encrypting_all_Incoming_Email_Part_2
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B
or so.
FWIW, if you run your own mail system, this is a fairly trivial feature to
set up. I've been doing it myself for about three and a half years. Here's
how I do it, including links to the software:
https://grepular.com/Automatically_Encrypting_all_Incoming_Email
--
Mike Cardwell https
the following to
your ~/.gnupg/gpg.conf file:
keyserver keys.gnupg.net
keyserver-options auto-key-retrieve
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C
of OpenPGP.js
source code yesterday:
https://news.ycombinator.com/item?id=7843297
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
signature.asc
warnings are a nuisance that needs to be
ignored and clicked so they can continue doing what they were doing. For
the average geek, an SSL warning seems to be a declaration of War.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5
, which would redirect
people out of the secure version of the site if they're using a
browser which does not support HSTS, e.g Internet Explorer 11 and
below.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP
, although I don't believe
any of them used a smart card.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
signature.asc
Description: Digital
, I revoked the UID
containing the email address assigned by that company, and then
added the new UID for the new company.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1
Email though. I think it's more likely that
various Email protocols will be extended and refined rather than an
outright replacement though.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924
.
There will always be a system for pushing messages around electronically
that isn't tied to a single provider. If email is replaced, it will be
by something similar to email. Not by whichever social network the kids
are currently using.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
, if there are
any XSS flaws, there's another potential way of losing the key.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
signature.asc
Description
encryption for email...
--
Mike Cardwell https://grepular.com/ http://cardwellit.com/
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
signature.asc
Description: Digital signature
/mailman/listinfo/gnupg-users
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
--
Mike Cardwell https://grepular.com/ http://cardwellit.com/
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF
? I was thinking creating a new
signing subkey and removing the master private key from keyring that I want
to upload to the VPS. That way I might limit the damage to the subkey alone
while keeping the master key a bit more secure?
This is definitely a good idea.
- --
Mike Cardwell https
, or the patience to pull it out and plug it in
each time I want to read an email/sms. I agree that it would be cool
though.
- --
Mike Cardwell https://grepular.com/ http://cardwellit.com/
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1
for you. If it works the next line would be
a
scdaemon[17805]: DBG: response: sw=9000 datalen=0
However your SW will be different. What is it?
6581:
2011-08-10 10:16:02 scdaemon[5153] DBG: response: sw=6581 datalen=0
Regards,
--
Mike Cardwell https://grepular.com/ https
mount power
glitch attacks).
Damn. I didn't run any automated tests... What other operations can only
be performed a limited number of times with one of these cards? If I
were to PGP sign or decrypt 10,000 emails would that eventually kill the
card too?
--
Mike Cardwell https://grepular.com/ https
Reader 00 00'
Application ID ...: D2760001240102050D58
Version ..: 2.0
Manufacturer .: ZeitControl
Serial number : 0D58
Name of cardholder: Mike Cardwell
Language prefs ...: en
Sex ..: unspecified
URL of public key : [not set]
Login data ...: [not set
.
Every little helps.
--
Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc
Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
signature.asc
Description: OpenPGP digital signature
, this could include industrial
espionage as well as governments.
Ideally the key would be encrypted on the smartcard. I haven't found
anything specifying that this is the case, so I have to assume it's not.
--
Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc
Professional http
and thus the effort to read off
the key wouldn't be worth what you will gain from it.
That is reassuring. Although, I'd be happier if I could find a technical
description of the feasibility of such an attack. But if one doesn't
exist, it doesn't exist.
--
Mike Cardwell https://grepular.com
chipset by looking directly
at the circuitry?
Are the keys on the smartcard perhaps encrypted with the access PIN?
That still wouldn't be perfect, definitely easier to bruteforce than a
long passphrase, but it would be better than nothing...
--
Mike Cardwell https://grepular.com/ https
23 matches
Mail list logo