On Mon, 8 Jul 2013, Fraser Tweedale wrote:
How about an armadillo?
On Sun, Jul 07, 2013 at 11:09:20PM +0200, Randolph D. wrote:
http://www.pierros.de/images/Masken_Larven_Larve_Domina_schwarz.jpg
2013/7/7 reynt0 rey...@cs.albany.edu:
On 07.07.2013, Hauke Laging wrote:
. . .
Linux has its
On 07.07.2013, Hauke Laging wrote:
. . .
Linux has its cuddly penguin, BSD its devil, openSUSE the
chameleon... Whether the GNU gnu increases the fun factor
is a difficult question... ;-)
I guess it would be good to have something like that for
OpenPGP. Something that people both like and
On Sun, 9 Jun 2013, Robert J. Hansen wrote:
. . .
That's why I'm so skeptical of all claims that if we just fix the UI
we'll solve the adoption problem. The problem isn't UI.
. . .
As pointed out at the start of a gestural interface
programming book I have, Apple iOS made it possible
to use
On Tues, May 28, 2013 Mark H. Wood wrote:
. . .
Were we doing stuff by email five years ago which really
didn't fit the email model very well, which stuff is
today escaping to media better designed for it?
. . .
Speaking only from my own observations, the quick chatty
time-wasting email
On Sat, 2 Mar 2013, Anonymous wrote:
. . .
It's really not a good time to attempt to prop these guys up, when
every economy in the world is suffering acutely from their colossal
and aggregate incompetence.
Not to mention the situations where available intelligence
was used to do various
On Wed, 1 Aug 2012, Robert J. Hansen wrote:
. . .
Feynman warned against this thinking in science. He called it
cargo-cult science, after the South Pacific islanders who built
. . .
Really excellent. Thanks for taking the time to contribute
so much detail elucidating the metaphor so well.
On Tue, 29 May 2012, Robert J. Hansen wrote:
. . .
Tabular data is the Right Thing To Do in two major use cases.
The first is when you have a noninteractive display of identical
field(s) for multiple pieces of data. Consider a printed almanac: if it
wants to convey a list of countries and
On Thu, 24 May 2012, Robert J. Hansen wrote:
On 5/24/12 7:56 PM, reynt0 wrote:
. . .
The idea is just to maximize usability to maximum audience,
. . .
Maximum audience is not the same as maximum usability. The two are
different properties. When it comes to the written word, ease
On Wed, 23 May 2012, Robert J. Hansen wrote:
On 5/23/12 6:50 PM, reynt0 wrote:
Also, just to mention, best to avoid smart apostrophes/quotes
in the final version, naturally, right?
Not a whelk’s chance in a supernova. Those aren’t smart quotes, they’re
perfectly valid UTF-8 typographic
On Wed, 23 May 2012, Robert J. Hansen wrote:
. . .
I have a draft version of nine frequently asked questions ready for
community review:
http://keyservers.org/gnupgfaq.xhtml
Any and all feedback (save for visual design, layout, etc.) will be
gratefully accepted. Thank you!
Here
On Fri, 2 Mar 2012, Post Carter wrote:
. . . so I think we just have a terminology discrepancy
here. What is a bit confusing is using the words encrypted
vs. decrypted and ciphertext vs. cleartext when we're talking
about an attacker inserting contents into the message.
I have been reading
On Thu, 23 Feb 2012, Robert J. Hansen wrote:
The United States 11th Circuit Court of Appeals, which is one small step
away from the United States Supreme Court, has issued a decision in
connection to a grand jury's subpoena requiring the appellant to produce
unencrypted copies of six hard
On 2/20/12 2:24 PM, steveb...@gulli.com wrote:
. . .
Mozilla is founded [funded probably] by Google. Without Google
they would be gone.
Googles business model is not to protect the user but to analyze him.
That is not possible when you use mail encryption.
The question is still valid and imo,
On Thu, 2 Feb 2012, Robert J. Hansen wrote:
. . .
Oh, Wittgenstein's wonderful. I have a quote from him on a Post-It on
my monitor:
What makes a subject difficult to understand ... is not
that some special instruction about abstruse things is
necessary to understand
On Tue, 31 Jan 2012, re...@webconquest.com wrote:
Most problems these days on the internet are,
in my opinion, related to people being completely
anonymous. If you stand behind your words, show
so by signing your posts.
If the idea is more important than who said it, signing
(in both the
On Oct 25, 2011, gn...@lists.grepular.com wrote:
. . .
(*) there's a nasty privacy issue when you're able to trigger a
receiving email client to do arbitrary http lookups. It means the sender
is able to determine when the recipient downloaded the email, and what
IP address they were using at
On Wed, 19 Jan 2011, Werner Koch wrote:
I'd like to see a feature in MUAs to wrap the entire mail as presented
in the composer into a message/rfc822 container and send the actual
message out with the same headers as in the rfc822 container. This
allows to sign the entire mail including the
On Mon, 15 Mar 2010 14:49:32 + MFPA wrote:
. . .
In fact, just by posting to this mailing list we have
given up some privacy or anonymity. The nature of the
way we write, what we think, the experiences that we
relate--all of these reveal something about ourselves.
When the reader is Big
On Wed, 3 Mar 2010, Robert J. Hansen wrote:
. . .
system. For that matter, I'm writing this from a true-blue,
certified UNIX: OS X. I think it's quite real, despite the
fact major parts of the desktop are closed-source.
And despite, sadly, that the EULA for OS10.4+ (like WinXP+,
IIUC)
On Sun, 28 Feb 2010, David Shaw wrote:
On Feb 28, 2010, at 4:20 PM, reynt0 wrote:
On Sat, 27 Feb 2010, Robert J. Hansen wrote:
. . .
The perfect is the enemy of the good.
Just to note, did RJH actually intend to write
...the enemy of the good enough., which I believe is
the usual quote
On Sat, 27 Feb 2010, Paul Richard Ramer wrote:
. . .
Speculation isn't any more progress than an idea is action. Speculation
buttressed with facts leads, in time, to progress. But speculation,
. . .
And speculation often has the very useful effect of stimulating
search for new facts where
On Sun, 28 Feb 2010, MFPA wrote:
. . .
no way to prove you're MFPA. So I can't sign your key.
If you knew me personally, you could.
And as I already said, do you know MFPA's not my legal identity?
There used to be somebody in my town who had officially changed his
name to FREFF. (Never did
On Sat, 27 Feb 2010, Robert J. Hansen wrote:
. . .
The perfect is the enemy of the good.
Just to note, did RJH actually intend to write
...the enemy of the good enough., which I believe is
the usual quote? The two are rather different ideas,
even more so if morality has been included as an
(responding to only the parts of ZZ's post which seem directed
to my prior post)
On Wed, 24 Feb 2010, Zy Zylek wrote:
. . .
By full many-to-many encryption/decryption functionality,
do you mean many people and many files? Basically yes (to that).
I apologize for being too brief. By
On Fri, 2009-09-11 Christoph Anton Mitterer wrote:
. . .
sell bad devices that produce poor entropy thus rendering
our (symmetric and asymmetric) keys, signatures etc. useless.
. . .
Just out of curiousity, about how poor entropy might make
it easy to break encryption: Is it necessary for
On Sun, 28 Jun 2009, Werner Koch wrote:
. . .
really stop us from putting invalid email address in the UID, so is
Before doing so, you should evaluate whether it is still worth the
trouble. Without an email address most people would not bother to send
you an encrypted message.
. . .
I
On Mon, 15 Jun 2009 gpg2.20.mani...@dfgh.net wrote [both
and are by gpg2.20.maniams]:
. . .
3. This sender has so far sent me multiple files with signatures. The
data files are named filename_dd_mm_yy.html and the signature is
always called signature.bin (no date of no identifiable marks).
On Fri, 5 Jun 2009, Robert J. Hansen wrote:
. . .
Active MitM is pretty much the military incendiary bomb in the living
room. A competent attacker who is controlling your network traffic and
wishes to subvert your system has so many ways to do it that you stand
effectively no chance of
On Fri, 5 Jun 2009, Robert J. Hansen wrote:
. . .
I do not believe it is possible to ensure the security of your computers
or your communications when in the presence of an active MitM done by a
competent attacker.
. . .
I'm curious. Not counting DOS (which can always be done
by cuting your
On Thu, 16 Apr 2009, Robert J. Hansen wrote:
. . .
Add it all together and USENET was at best a network-choking bandwidth hog,
and at worst was a lawsuit waiting to happen. And thus, many full USENET
. . .
H :), when I was starting to learn about computers,
I thought USENET was a candy
This might not be the right place to post this, but
gnupg-users is the only crypto-related list I
follow so I'll mention this here since possibly of
interest, and people can repost elsewhere if they
feel it appropriate.
DIMACS (Center for Discrete Mathematics and Theoretical
Computer Science)
To be brief, since this is pretty far OT:
On Thu, 22 Jan 2009, Faramir wrote:
. . .
And the third and last question is: why the AV detected the virus
_before_ I visited the site?
. . .
It is easy to imagine a software automatically reviewing
all browser page-loads, and, before any links are
On Tue, 2 Dec 2008, Barry wrote:
. . .
Sorry for not posting the link. A little Mistake, but... Google is
eberybody's friend, I see.
Well, maybe not people who worry about Google's
mega-info-vacuum adding more information to Google's profile
of them. Or (in maximum paranoid mode), googling
On Mon, 1 Dec 2008, Robert J. Hansen wrote:
reynt0 wrote:
So newbies may be due some slack when they don't do well with
learning trust as logic, because it isn't logic.
On the contrary, it _is_ logic. It's an exercise in theorem proving.
Given: I trust Alice to sign keys; Alice has signed
On Wed, 5 Nov 2008, David Shaw wrote:
. . .
I'm always in favor of documentation. I wouldn't restrict it to notes about
signatures though - a general quick start guide (there are several out there
that can be used or adapted) would be very handy to ship in the installer.
If someone really
Some months ago the topic arose of sniffability of keyboard
sounds, about which I gave a little information. I now see
that some researchers in der Schweiz recently did sniffing
of keyboard EMF radiations which might be of interest here
(http://lasecwww.epfl.ch/keyboard/ (note the lab name
On Mon, 3 Nov 2008, Robert J. Hansen wrote:
. . .
Right, and this much doesn't bother me. It's when people start ascribing
meaning to bad signatures, or the nonexistence of signatures, that I begin to
get frustrated. A bad signature doesn't mean the message was tampered with
-- the
On Tue, 4 Nov 2008, Robert J. Hansen wrote:
. . .
Idiot-proofing is a very bad idea. Systems cannot be made idiot-proof, since
we're constantly developing higher and better grades of idiots. Systems can
be made user-friendly; they cannot be made idiot-proof.
. . .
H, so the problem is
On Tue, 4 Nov 2008, Robert J. Hansen wrote:
. . .
signatures. They're very useful when you have:
* a correct signature
* from a validated key
* belonging to someone you trust
If any of those three conditions fail, I think digital signatures are
pretty much useless.
On Tue, 4 Nov 2008 [EMAIL PROTECTED] wrote:
. . .
then, in that case,
. . .
how about this as a feature;
. . .
FWIW, as others in this thread have suggested without
being explicit, the KISS (Keep It Simple Stupid) idea
may be better than an aim to have something like a
popup wizard
On Sun, 21 Sep 2008, Robert J. Hansen wrote:
. . .
GnuPG's preference lists are arcane and counterintuitive, and the source
of a great deal of frustration. If it would help to get some
documentation written outlining precisely how it works and why, I would
be happy to stop the bikeshedding and
On Thu, 18 Sep 2008, David Shaw wrote:
. . .
1) Take the intersection of all recipients preference lists. This rules out
any algorithms that would be unusable by someone.
2) Elect a decider. The decider is the one person whose ordered list we
will honor the rankings for. If the user has
On Thu, 11 Sep 2008, Robert J. Hansen wrote:
. . .
My rephrasing would be,
Using GnuPG doesn't make your communications perfectly secure: however,
it potentially makes your communications a heck of a lot more secure
than you'd be without it.
A heavy emphasis needs to be placed on
On Wed, 10 Sep 2008, Sven Radde wrote:
. . .
Am Montag, den 08.09.2008, 19:40 -0500 schrieb Robert J. Hansen:
The conversation we're not having, which I think we should be having, is
how can we have trusted communications on a hostile network when we
don't know if we really control our own
On Fri, 22 Aug 2008, Robert J. Hansen wrote:
. . .
reynt0 wrote:
Wouldn't the claim be: cannot listen in on such a
transaction between Alice and Bob without affecting the
transaction in a detectable way?
Depends on how pedantic you want to be, and how you define
'transaction'. Frankly
On Thu, 21 Aug 2008, David Shaw wrote:
. . .
whether the filesystem you are using overwrites in place or not. Many modern
filesystems (Reiser, XFS) do not necessarily overwrite in place. More
primitive filesystems (like the FAT FS that is used on many external disks)
do overwrite in place.
On Fri, 22 Aug 2008, Charly Avital wrote:
. . .
This is a magazine feature, I don't know how accurate it might be; if
someone cares to comment, I'll be grateful.
http://www.sciencenews.org/view/feature/id/34762/title/Welcome_to_the_Quantum_Internet
Here's a url for what seems to be the
On Sun, 10 Aug 2008, Andrew Berg wrote:
. . .
I've gotten into the habit of typing my passwords very quickly with very
little finger movement in order to make it difficult for anyone looking
over my shoulder to figure them out.
Or anyone sitting to the side of you two seats away,
who is doing
On Fri, 8 Aug 2008, Alexander W. Janssen wrote:
. . .
Werner Koch wrote:
Further,
entering the passphrase is subject to side channel atatcks like should
surfing or recording the sound of the keyboard.
Don't tell me there are actually real attacks by recording the sound of
the keyboard...?!
On Sat, 5 Jul 2008, Robert J. Hansen wrote:
. . .
If you decide well, if I _have_ to use an untrusted machine, then at
least I'll be using an on-screen keyboard, that's all well and good.
. . .
FWIW as a generaI comment because I haven't looked at the
prog in question: Aren't on-screen
On Wed, 4 Jun 2008, Phil Reynolds wrote:
On Wed, Jun 04, 2008 at 03:18:00PM -0400, David Shaw wrote:
I think I did understand the query. You have email addresses like
[EMAIL PROTECTED], [EMAIL PROTECTED], and so on.
The question was is a catch all suffixes UID possible. The answer
to that
On Fri, 23 May 2008, Faramir wrote:
reynt0 escribió [format slightly neatened by reynt0]:
is Philosophy 101 stuff (as RJH said), but the subject
is serious and important, IMHO, and the more people can
be aware of this on like a Philosophy 401 basis the less
at-risk they will be.
Wow
On Sat, 10 May 2008, Faramir wrote:
. . .
image file (and what would look more innocent that a folder with some
pretty girls in swimsuits? well, maybe pretty girls without swimsuits).
. . .
Photos of happy puppies and sad puppies?
___
Gnupg-users
On 02 May 2008 [EMAIL PROTECTED] wrote:
. . .
This also doesn't mean that You really are Ramon Loureiro, since the
Certificate doesn't carry Your _Name_ indicating that Other People have
eyeballed You + Government Issued Documentation affirming that You
actually are who You say You are. To
On Mon, 21 Apr 2008, Christoph Anton Mitterer wrote:
. . .
- Set up some place (perhaps in the FAQ and even in the download area)
where you just say all that, namely: New features will probably go to
2.x, both will have the same security support, for the places where both
provide the same stuff
On Wed, 9 Apr 2008, Paul wrote: [back to the original,
so quotation accuracy is not the issue]
On Tue, 08 Apr 2008 22:17:03 +0200
Ingo Kl?cker [EMAIL PROTECTED] wrote:
The S/MIME implementation in KMail (via
gpgme/gpgsm) is the only Free Software implementation of S/MIME that
has passed the
On Thu, 24 Jan 2008, Steven Woody wrote:
. . .
But where should I keep the copy?
. . .
One distinction is a place you control versus a place you
don't control. For the latter, there is likely to be a
distinction about how much they are like being under your
own control. A bank box to
Thanks. That's exactly what I wanted to be clear about,
but didn't want to try to specify all possible details
by my (inexpert) self.
On Fri, 23 Nov 2007, John W. Moore III wrote:
. . .
reynt0 wrote:
Just a maybe picky question:
Does stops new use mean absolutely, like mechanical
On Tue, 16 Oct 2007, Robert J. Hansen wrote:
. . .
Vote-from-home over the internet is probably going to happen sooner or
later in some jurisdiction, if only because it is possible for a vendor
. . .
IIRC there was a Technische Universitaet or similar in
Austria a while ago that was going
I apologize if I am wasting the time of some busy
and appreciated people, but I'd like to ask for
clarification:
The latest macgpg.sourceforge.net HowTo, v4.16,
says gcc 4.0.1 is needed. That gcc seems to be
Apple-natively available only with OS 10.4, and not
installable in 10.3.9 (with reliable
With full appreciation for your and everyone's work,
could I ask that, when posting, people be specific
which OSX they are talking about? I'm still looking
for an easy way to get the latest gnupg but for
OS 10.3.9, not OS 10.4.x. That is, a way which
doesn't involve having to install extraneous
On Fri Dec 01, 2006, Alphax wrote:
I saw something weird where moving entries around didn't preserve the
order that you had put things in... I ended up writing out all the
option numbers on scraps of paper and shuffling them around until they
were in the order I wanted :)
Similar for me
On Wed, 29 Nov 2006, Benjamin Donnachie wrote:
. . .
When I get time, I will prepare a packaged up version for MacOS which
will be available through the mac-gpg project.
May one ask, is there any chance there will be such a
packaged version for OS10.3.x as well as for 10.4.x?
Presently, the
63 matches
Mail list logo