-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 02/19/2016 11:44 PM, Paul A. Crable wrote:
> A NYT article yesterday discussed tracking blockers and recommended
> Disconnect from among four candidates for Intel-architecture
> computers. Disconnect would be installed as an add-on to Firefox.
>
Paul A. Crable writes:
> A NYT article yesterday discussed tracking blockers and
> recommended Disconnect from among four candidates for
> Intel-architecture computers. Disconnect would be installed
> as an add-on to Firefox. You have a standing recommendation
> tha
A NYT article yesterday discussed tracking blockers and
recommended Disconnect from among four candidates for
Intel-architecture computers. Disconnect would be installed
as an add-on to Firefox. You have a standing recommendation
that we not install add-ons
> some fucking arrogant shit but some info as well
Totally. He's so patronizing. Reminds me of the oracle from the Matrix, if
instead of baking cookies she had defended Phil Zimmerman in a
criminal investigation of PGP and helped win the crypto wars.
-Jonathan
On Friday, February 19, 201
o interesting WW - thanks much
F2C2012: Eben Moglen keynote - "Innovation under Austerity"
https://www.youtube.com/watch?v=G2VHf5vpBy8
some fucking arrogant shit but some info as well
On Fri, Feb 12, 2016 at 7:36 AM, wrote:
> Original Message
> From: Ted Smith
> Apparen
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
BBC picked up a story on this:
http://www.bbc.co.uk/news/technology-35614335
Glad the good professor was able to spot this one :P
On 19/02/16 07:50, Jeremy Rand wrote:
> On 02/19/2016 01:44 AM, CANNON NATHANIEL CIOTA wrote: > > On 2016-02-19
> 0
> The traditional answer, which amazingly nobody has mentioned in this
> thread, is called the PGP web of trust.
This is not just the "traditional" answer, it's the only proper answer.
For the uneducated reducing OpenPGP's WoT to WebPKI: you are lame.
Also worth mentioning: Ian Goldberg's shadow
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
El 19/02/16 a las 19:55, Anthony Papillion escribió:
> All of that makes sense. Good to see that they have verification.
> But what about faked accounts? I mean, technically, I suppose if I
> were motivated enough, I could create all of those (maybe
Seth David Schoen writes:
> People also don't necessarily check it in practice. Someone made fake
> keys for all of the attendees of a particular keysigning party in
> 2010 (including me); I've gotten unreadable encrypted messages from
> over a dozen PGP users as a result, because they believed t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 02/19/2016 12:46 PM, Juan Miguel Navarro Martínez wrote:
> El 18/02/16 a las 18:32, Anthony Papillion escribió:
>> What is stopping me from creating a fictitious key for you and
>> then going and registering a Keybase account for that key,
>> pret
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
El 18/02/16 a las 18:32, Anthony Papillion escribió:
> What is stopping me from creating a fictitious key for you and then
> going and registering a Keybase account for that key, pretending to
> be you and listing all of your social media accounts as
Cain Ungothep writes:
> This is not just the "traditional" answer, it's the only proper answer.
There are other ideas out there too, like CONIKS.
https://eprint.iacr.org/2014/1004.pdf
--
Seth Schoen
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foun
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Just wanted to update the list in case anyone else runs into this: I
just figured it out. My problem was caused by an incorrectly set
clock. Once I set the clock correctly, everything worked perfectly.
Anthony
-BEGIN PGP SIGNATURE-
iQIcBAE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I just downloaded the new version of Tor Browser Bundle and I can't
get it to run. It just sits on the "loading authority certificates"
screen and won't go any further. Can anyone tell me what might be
wrong? I've let it sit for quite a while thinkin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 02/19/2016 06:58 AM, Suphanat Chunhapanya wrote:
> Hi,
>
> Another way is to use Keybase (https://keybase.io). It will bind
> many different social media (twitter, reddit, github) to the key.
> This means that the attacker needs to compromise a
Nathaniel Suchy writes:
> I've noticed a lot of users of Tor use PGP. With it you can encrypt or sign
> a message. However how do we know a key is real? What would stop me from
> creating a new key pair and uploading it to the key servers? And from there
> spoofing identity?
The traditional answe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/19/2016 05:34 AM, Nathaniel Suchy wrote:
> I've noticed a lot of users of Tor use PGP. With it you can encrypt
> or sign a message. However how do we know a key is real? What would
> stop me from creating a new key pair and uploading it to the ke
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
Another way is to use Keybase (https://keybase.io). It will bind many
different social media (twitter, reddit, github) to the key. This
means that the attacker needs to compromise all of your accounts of
those media to forge the key.
On 02/19/2
Hi,
this is a basic problem of PKI - is the key the correct one to use.
There is nothing to stop you from copying for example my key
information. That's why you need to check the received key over another
channel. For example I put my fingerprint on my website and it's also on
my business card.
A
I've noticed a lot of users of Tor use PGP. With it you can encrypt or sign
a message. However how do we know a key is real? What would stop me from
creating a new key pair and uploading it to the key servers? And from there
spoofing identity?
--
tor-talk mailing list - tor-talk@lists.torproject.o
20 matches
Mail list logo