#gpg

utzer@social.yl.ms

Uploading a #GPG / #PGP key from the CLI does not work. Why?

gpg --keyserver pgp.mit.edu --send-keys FB3110E80DAA7AE33E45850DA3401A895B9295A2
gpg: sending key A3401A895B9295A2 to hkp://pgp.mit.edu
gpg: keyserver send failed: Server indicated a failure

#Linux

anonymiss@despora.de

How to send a #password securely over an unsecured #connection

A relatively common task for me as a hacktivist is to set up secure #communication channels for technologically innocent newbies. I could of course explain to them how #GPG works, but this often fails due to the lack of will to understand and download and install the programs. Very often I use an #XMPP server inside the #onion network (TOR) for #communication. The target must install the Tor #browser for this and can then use an XMPP web client. I can set all that up. The only problem is how do I send the authentication data for the XMPP access securely over an unencrypted connection?

I use #PrivateBin for this #problem: https://privatebin.info

PrivateBin is a #Pastebin with encryption and burn after reading features. I post a message on PrivateBin with all the information and burn after reading. The message is encrypted and can only be decrypted with a parameter sent together with the URI. The URI can look like this:

https://privatebin.net/?55ac2c8792cb12b9#3fQw1R8SAAQUUGsoa7nDdkYwq34Pzw6GQeSA56v5nusq

If the user can log in, then the authentication data has reached him without being compromised. After that, everything else can be discussed over an encrypted connection. If the user cannot log in, the data may have been intercepted. If you operate the PrivateBin server yourself, you can see which IP has accessed it. You should change the XMPP server and create new authentication in this case.

It can happen that with a weak internet connection the page cannot be loaded completely and when you press reload, of course it doesn't work because the page only works once due to the "burn after reading". Then you have to send the whole thing again with a newly generated URI. But if this does not work several times you should be very careful. Secret service agents like to play the fool in order to tempt you to use unsecured communication channels that are easier for them to wiretap.


#wisdom #knowledge #internet #instruction #security #privacy #surveillance #encryption
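
As an added illustration of the link format described in the post above (not part of the original post, and not PrivateBin's own code), this JavaScript splits the quoted URI into the part a browser sends to the server and the fragment that stays on the client. It assumes the fragment is the base58-encoded key; `inspectPasteLink` and `base58Decode` are names made up for this example.

```javascript
// Added example: what the server receives from a PrivateBin-style link and
// what stays in the browser. The URI is the one quoted in the post.
const B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";

// Decode a base58 string (Bitcoin alphabet) into bytes.
// Assumption: the URL fragment is a base58-encoded symmetric key.
function base58Decode(text) {
  let value = 0n;
  for (const ch of text) {
    const digit = B58.indexOf(ch);
    if (digit < 0) throw new Error(`not base58: ${JSON.stringify(ch)}`);
    value = value * 58n + BigInt(digit);
  }
  let hex = value === 0n ? "" : value.toString(16);
  if (hex.length % 2) hex = "0" + hex;
  // Each leading '1' stands for one leading zero byte.
  const zeros = text.length - text.replace(/^1+/, "").length;
  return Buffer.from("00".repeat(zeros) + hex, "hex");
}

function inspectPasteLink(link) {
  const url = new URL(link);
  const fragment = url.hash.slice(1);
  return {
    host: url.host,
    // Request target as a browser sends it: the fragment is never included.
    requestTarget: url.pathname + url.search,
    pasteId: url.search.slice(1),
    keyBits: fragment ? base58Decode(fragment).length * 8 : 0,
    // Whoever sees the full link on the unsecured channel holds id and key.
    linkCarriesKey: fragment.length > 0,
  };
}

const sample =
  "https://privatebin.net/?55ac2c8792cb12b9#3fQw1R8SAAQUUGsoa7nDdkYwq34Pzw6GQeSA56v5nusq";
console.log(inspectPasteLink(sample));
```

The server only ever sees the paste ID, so the confidentiality of the message rests on the link itself and on the burn-after-reading check the post describes.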

57b731e9@nerdpol.ch

Version 4.49.4 of EasyGPG is Published

EasyGPG is an easy-to-use GUI for GPG that uses Zenity and XClip.

This is a bug-fix version.

  • A bug was fixed that could cause someone updating from a very old version to lose keys from the keyrings.

The sha256sum of this new version of easygpg.sh is 14a1ddcabd47e760a829ba41d0023ce5375022d62d49c2ba41a77d937f586315.


To update to this new version, just double-click Check for a new version of EasyGPG in the EasyGPG-Actions folder (or, if your version is earlier than 4.0, select Check for a new version of EasyGPG in the main menu).

If you update from a very old version, check to make sure you have the latest version. If not, update again.

To update a copy of EasyGPG older than 3.0, use the installer (below), but select your already-existing EasyGPG folder. If you do this correctly, you will be asked whether or not you want to replace the existing EasyGPG. Click “Replace” to replace your old version of EasyGPG with the latest version.

To install EasyGPG for the first time, click on one of the following links. This is a tar.gz file. Extract the contents of the file, which will be a folder called EasyGPG-Installer. Open the folder, and double-click Install EasyGPG. This will create your new EasyGPG folder, and build all the files and folders inside it.

If the Desktop files (all the Actions and the main Desktop file) do not work, you will need to install a graphical file manager that complies with the XDG standards: nemo, caja, pcmanfm, thunar, or dolphin.

https://archive.org/download/easygpg/EasyGPG-Installer.tar.gz
https://codeberg.org/giXzkGsc/EasyGPG/raw/branch/main/EasyGPG-Installer.tar.gz

[The installer is also available at
http://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/EasyGPG-Installer.tar.gz (Onionland),
http://easygpg2.i2p/EasyGPG-Installer.tar.gz (I2P), and
http://127.0.0.1:43110/1EiCNMUtTVvY34bp4XynVSaR8UdrzvngRi/EasyGPG-Installer.tar.gz (ZeroNet).]

EasyGPG Web Sites
https://archive.org/details/easygpg Internet Archive (clearnet)
https://codeberg.org/giXzkGsc/EasyGPG Codeberg (clearnet)
http://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/ Tor Onion Service site
http://easygpg2.i2p/ I2P eepsite
http://127.0.0.1:43110/1EiCNMUtTVvY34bp4XynVSaR8UdrzvngRi/ ZeroNet zite

For news about EasyGPG, click on the #easygpg tag.


This project has never been on GitHub, though another project with the same name has. This project is not related in any way to the German government, though another project with the same name is.

When using software, the greatest threat to privacy and security is the Internet. EasyGPG will not attempt to communicate with the Internet unless you tell it to read text from the Internet or check for a new version. I will make no attempt to discover who is using my software, where, when, how, or for what purpose.

#easygpg #gpg #encryption #privacy #surveillance #security #cryptography

grey@pod.tchncs.de

In no particular order, web sites like OpenStreetMap, Wikipedia, Archive.Org, Sci-Hub, tools like I2P, Tor, IRC, GPG, OMEMO, OTR, and open and federated protocols like Jabber, Email, Diaspora and ActivityPub are the most important projects on the internet and should be protected and exalted.

#openstreetmap #osm #android #wikipedia #wiki #archive #archive.org #scihub #sci-hub #diaspora #email #jabber #xmpp #activitypub #mastodon #email #freesoftware #internet #thefederation #irc #gpg #pgp #omemo #otr

hucste@framasphere.org

#Debian: #apt-key has been obsolete since 2020. How should adding #GPG keys for use with #apt be handled properly now?!

This "collaborative" topic tries to provide a viable answer that is easy to understand, although slightly complicated for a beginner:

PS: As a reminder, apt-key will no longer exist after Debian 11!
Read the man page ;-)

salinger3@diaspora-fr.org

We Should All Have Something To Hide

Jun 12, 2013

Suddenly, it feels like 2000 again. Back then, surveillance programs like Carnivore, Echelon, and Total Information Awareness helped spark a surge in electronic privacy awareness. Now a decade later, the recent discovery of programs like PRISM, Boundless Informant, and FISA orders are catalyzing renewed concern.

The programs of the past can be characterized as “proximate” surveillance, in which the government attempted to use technology to directly monitor communication themselves. The programs of this decade mark the transition to “oblique” surveillance, in which the government more often just goes to the places where information has been accumulating on its own, such as email providers, search engines, social networks, and telecoms.

Both then and now, privacy advocates have typically come into conflict with a persistent tension, in which many individuals don’t understand why they should be concerned about surveillance if they have nothing to hide. It’s even less clear in the world of “oblique” surveillance, given that apologists will always frame our use of information-gathering services like a mobile phone plan or GMail as a choice.

-----> We’re All One Big Criminal Conspiracy

https://moxie.org/2013/06/12/we-should-all-have-something-to-hide.html

#internet #privacy #signal #moxie #pgp #security #law #gpg #encryption

dredmorbius@joindiaspora.com

Tom Ptacek on PGP/GPG alternatives

The high bit of the right answer to this question is that you don’t want to replace PGP; one of the things we’ve learned in 29 years is that you don’t want a single tool to do lots of different cryptographic things, because different applications have different cryptographic needs.

For package signing: use something in the signify/minisign family.

To encrypt a network transport, use WireGuard.

To protect a web transaction on the wire, TLS 1.3.

For transferring files: use Magic Wormhole.

For backups: use something like Tarsnap or restic.

For messaging: use something that does Signal Protocol.

To protect files at rest, use encrypted DMGs (or your OS’s equivalent, like encrypted loop mounts).

To encrypt individual files — a niche ask — use Filippo’s ungooglable “age”.

From an HN thread: https://news.ycombinator.com/item?id=27430624

#pgp #gpg #gnupg #encryption #cryptography #pki #signing #privacy #dataSecurity #TomPtacek #tptacek

wisbit@diasp.org

I am reading more and more articles about how it's very important to encrypt / sign all communications, hence the use of gpg etc ... so I'm polling around. Among my relatives and "regular" friends, I get laughs or simply "this is a bit too complicated don't you think ... is it really necessary, I don't have anything to hide ...blahblahblah ..." ... Now among my online friends, what's the rating of people here actually encrypting all mails using private/public keys?

mail encryption

#encryption #gpg #gnupg #pgp #pki #protectyourcoms #dataencryption

zem42@diasp.eu

A question for the community. For a short while I have been using DeltaChat, in the current version from F-Droid, with growing enthusiasm.
My desktop and laptop run Gentoo, each with stable Thunderbird-60.7.2, Enigmail-2.0.8 and GPG-2.2.17.
So far, every attempt to import my private key into Thunderbird via an Autocrypt message has led to the message that I entered the wrong code (despite several attempts and meticulous checking); a few times I also got the message that the key to be imported was broken.
The one attempt to export the key and then import it manually via GPG also failed because of a broken key. Or because I have not done anything with GPG on the command line for years and handled it clumsily.
Has anyone stumbled over a comparable problem and can give me a tip about what I am overlooking? Thanks!
#deltachat #enigmail #thunderbird #pgp #gpg #linux #gentoo

koobaa@diasp.eu

#OpenPGP and GPG and S/MIME mail client vulnerabilities

To make it clear: There is no problem with #GPG, #PGP.
Nobody can read your encrypted emails in transit.
There is a problem with your #mailclient and the way it handles these emails!

The email clients are responsible for mitigating these (known) vulnerabilities.
You can see the problems with the mail clients in the graphic.
Here is the paper from the efail researchers.

Also see the answer of the GPG lead developer:

Here is how to mitigate the problem with #GPG emails in #Thunderbird:
Deactivate loading external content in the #Thunderbird settings „Privacy“ tab to disallow remote content in messages. Also choose 'View' > 'Message Body as' > 'Plain Text'.

There is currently no good solution for S/MIME. Don't use it if possible.

You can also consider using good and secure alternative messengers for communication, like Matrix, Wire, Threema or Signal.