Domain: gpgtools.org
Stories and comments across the archive that link to gpgtools.org.
Comments · 9
-
Re:PGP / GPG in mail
Nice user name.
https://gpgtools.org/ doesn't do it for you?
-
Re:Too hard to use (unfortunately)
It depends.
If you are using GnuPG's command line it is really hard..
But why?.
There are lots of easy to use mail client integrations:.
Enigmail for Thunderbird (https://www.enigmail.net/)
GPGTools for MAC(https://gpgtools.org/)
gpg4o for Outlook (https://www.giepa.de/produkte/gpg4o)
Just try it - it is not as hard as it is repeated on the web all the time. -
Re:Thunderbird?
Nevermind that there are hardly any universally good email clients..... None do encryption well
There are two very good e-mail clients, IMHO:
Thunderbird, which can handle gpg with Enigmail
https://www.enigmail.net/home/...
And Claws-mail, which has gpg and S/MIME support by default:
OSX users can just install gpgtools and keep on using Mail.
-
Re:Latest update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1I use GnuPG to secure some archival things in the cloud.
I'd consider giving some money to it if it was actually usable for its first and
most important function, namely, securing emails. It works perfectly, but it's
deployment is utterly lacking, no major vendors have gotten far enough behind it to
enable it by default, and even knowledgable users don't do something as simple as
sign their emails, to at least advertise to others that they have a key.Also I live in LA, I can see ICANN from my office window, and there are basically no
opportunities to get your key signed. GPG has no community.These aren't technical problems with GPG, they're problems with how it's marketed
and how it's positioned in platforms. In my opinion, GnuPG needs users a lot more
than it might need $60k in emergency funds. Get the users and the funding will likely
be obviated.-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (Darwin)
Comment: GPGTools - http://gpgtools.org/iEYEARECAAYFAlTUP/sACgkQdILWxHwGqZcRfwCcDco8z5LG0gS2JR7LvifOEE1U
eJUAn1ZbFlj9V7t/Es380X6tEen5RBWs
=TrGp
-----END PGP SIGNATURE----- -
part of my toolkit...
Yet Another Information Security Professional, working in a sensitive information startup.
Of course, a lot of these have been in use long before the NSA revelations...
A few of my personal tools and our corporate-used tools:
All OSX shop configured with strict firewall, fileVault, and openVPN,
Browser plugins to block ads (adBlock Plus), scripts/flash (NoScript), popups (Adblock Plus Pop-up Addon), trackers (Ghostery), and enforce HTTPS (HTTPS-Everywhere).
GPG Tools for encrypting individual files / emails - https://gpgtools.org/
OTR for secure messaging (use Adium which has OTR support off the shelf) https://otr.cypherpunks.ca/
Silent Circle for encrypted voice and text - https://silentcircle.com/
Personal VPN for traffic encryption for browsing outside of corporate purposes, e.g. one of these:
https://www.bestvpn.com/blog/4809/best-vpn-service-top-10/
note that several offer payment methods that are anonymous, e.g. gift cards purchased with cash, i.e. http://www.paygarden.com/Obligitory Schneier:
http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance -
Re:So what ever became of public key escrows?
-
Re:To all Syrian Activists
In order for this not to happen again do the following:
Stop using Windows and MacOSX.
So you are saying that full disk encryption on Windows and Mac OS X has backdoors? Any link to back that up?
Download and install Fedora F16.
When installing, encrypt the harddrive with a really hard to break password.Now you are saying that Fedora has no backdoors. But the only way the Syrian activists will be sure is if they download the code, check it themselves, and compile everything, as it is pretty much impossible to know that the precompiled binaries haven't been tampered with. But the code for the relevant parts of Mac OS X is also available. In any case, the Syrian activists, being social activists and not hackers most likely lack the skills and the time to understand the code and to compile it themselves, nullifying the advantage.
Install pidgin and off the record like this: 'yum install pidgin pidgin-otr'
Pidgin? You mean the open source messaging client that also runs on Windows and Mac OS X?
Generate keys and verify them before communicating.
Yeah, cause we all know there is no SSH nor GPG for Mac OS X or for Windows. Oh, wait...
And not using major OSes will keep you away from the most common exploits and trojans.
Except that there is far more malware for Linux than for Mac OS X. (Why? Because Linux is widely used in servers that the "evil doers" specifically want to crack.)
Also, try to use TOR, HTTPS-everywhere and other good tools.
Again, tools available for Mac OS X and Windows.
-
Re:No
That is S/MIME. PGP uses self-generated certificates. You can add PGP support with GPGtools.
-
In fact I do...
Encrypted comment begins now...
-----BEGIN PGP MESSAGE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org/jA0EAwMCe0la60+pZSWuyV8bBnhItg/xbBvgbDi1bzHD2lNv77zrOESsRrQbjAaQ
jf/UbbNeDDcxk4xdSo+vzXSFVwHa6KylaSHnkj2xi39PCA1FbMWcyQs6S+7uyDIm
gKO6V2U4ku8S1iFGlpF28w=3D=3D
=3D18He
-----END PGP MESSAGE-----