#gnupg

schestowitz@joindiaspora.com

"The market of the software to replace #GnuPG and the #OpenPGP infrastructure appears to be quite a topic on itself, the precondition to replace GnuPG being its complexity (which has gone to levels so high the official library to interface with GnuPG, gpgme, is literally a command-line wrapper[^1] to GnuPG)" gemini://tdem.in/post/pgp-alternatives.gmi

roland@f.haeder.net

I'm done with systemd because it sucks

I have too many issues with #systemd that I'm willing to continue, here are the 2 major ones:

1) On system startup, I don't see all the starting daemons anymore, just until #initrd is finished and then nothing more until #LightDM starts and the graphical UI comes up

2) Console output is no longer scrolling down. Maybe this is the reason for 1) here. So this is what happens: I have to execute a small shell script to decrypt and mount my /home directory. It will mount a USB stick and use #GnuPG to ask me for a passphrase which decrypts a symmetric key stored on that USB stick (backed up on 2 other sticks). Then it will decrypt the #LUKS device which contains my /home directory. It will also start a filesystem check prior to mounting it to /home with fsck.ext4 -yv /dev/mapper/home. For this it outputs messages I actually need to see if all went smoothly. SystemD seems to have a bug here that prevents it from showing (no scrolling text). I have to switch consoles e.g. with ALT+F1/F2 and the output is shown again.

This really sucks as this way, I cannot properly maintain my #Linux system. I'm now migrating to #Devuan which is free of systemd and which provides the previous old-but-working #sysvinit. So, goodbye #Debian/systemd and hello Devuan/sysvinit!

dredmorbius@joindiaspora.com

Tom Ptacek on PGP/GPG alternatives

The high bit of the right answer to this question is that you don’t want to replace PGP; one of the things we’ve learned in 29 years is that you don’t want a single tool to do lots of different cryptographic things, because different applications have different cryptographic needs.

For package signing: use something in the signify/minisign family.

To encrypt a network transport, use WireGuard.

To protect a web transaction on the wire, TLS 1.3.

For transferring files: use Magic Wormhole.

For backups: use something like Tarsnap or restic.

For messaging: use something that does Signal Protocol.

To protect files at rest, use encrypted DMGs (or your OS’s equivalent, like encrypted loop mounts).

To encrypt individual files — a niche ask — use Filippo’s ungooglable “age”.

From an HN thread: https://news.ycombinator.com/item?id=27430624

#pgp #gpg #gnupg #encryption #cryptography #pki #signing #privacy #dataSecurity #TomPtacek #tptacek

wisbit@diasp.org

I am reading more and more articles about how it's very important to encrypt / sign all communications, hence the use of gpg etc ... so I'm polling around. Among my relatives and "regular" friends, I get laughs or simply "this is a bit too complicated don't you think ... is it really necessary, I don't have anything to hide ...blahblahblah ..." ... Now, among my online friends, what's the rating of people here actually encrypting all mails using private/public keys?

mail encryption

#encryption #gpg #gnupg #pgp #pki #protectyourcoms #dataencryption

regalis@diasp.org

#gnupg #security fix: GnuPG 2.2.8 released (CVE-2018-12020)

The OpenPGP protocol allows the file name of the original input file to be included in a signed or encrypted message. During decryption and verification the GPG tool can display a notice with that file name. The displayed file name is not sanitized and as such may include line feeds or other control characters. This can be used to inject terminal control sequences into the output and, worse, to fake the so-called status messages.
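
The effect described in the post above, shown from the consumer's side as an added example (not GnuPG code and not part of the original post): an unsanitized file name containing a line feed produces an extra line that a line-based status parser accepts, while an escaped name stays on one line. The `[GNUPG:] ` prefix is GnuPG's; the notice wording, both status keywords and all function names are assumptions made for illustration.

```python
"""Added illustration: control characters in an embedded file name vs. a line-based status parser."""

STATUS_PREFIX = "[GNUPG:] "  # prefix GnuPG puts on machine-readable status lines

# Constructed sample: a file name carrying a line feed, a status-looking
# line and a terminal escape sequence. The keywords here are made up.
CONSTRUCTED_NAME = "report.txt\n[GNUPG:] CONSTRUCTED_STATUS from-file-name\x1b[0m"


def sanitize_filename(name: str) -> str:
    """Escape backslashes and every non-printable character (line feeds,
    ESC, C1 controls, Unicode line separators) so the name stays on one line."""
    return "".join(
        ch.encode("unicode_escape").decode("ascii")
        if ch == "\\" or not ch.isprintable()
        else ch
        for ch in name
    )


def render_notice(name: str, sanitize: bool) -> str:
    """Hypothetical notice line; the wording is an assumption."""
    shown = sanitize_filename(name) if sanitize else name
    return f"original file name='{shown}'"


def combined_output(name: str, sanitize: bool) -> str:
    """One genuine (constructed) status line and the notice on the same stream."""
    genuine = STATUS_PREFIX + "GENUINE_STATUS from-the-tool"
    return genuine + "\n" + render_notice(name, sanitize) + "\n"


def status_lines(stream: str) -> list[str]:
    """Lines a line-oriented consumer would accept as status messages."""
    return [ln for ln in stream.splitlines() if ln.startswith(STATUS_PREFIX)]


if __name__ == "__main__":
    for flag in (False, True):
        found = status_lines(combined_output(CONSTRUCTED_NAME, flag))
        print(f"sanitize={flag}: {len(found)} status line(s)")
        for ln in found:
            print("   ", sanitize_filename(ln))
```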