Oh you probably know people on Slashdot who do, even if you don't know any personally. If you've been reading the gnupg related stories lately you've probably seen a few comments with PGP/INLINE signatures.
That shouldn't happen. Isn't signing the last step? You don't want to sign before you've finished composing and are ready to send.
Is the issue PGP/Inline related? If so, switch to PGP/MIME, which you should be using anyway. If you must use PGP/INLINE make sure the mail client defaults to base64 encoding for such messages, otherwise the formatting can be messed up. From what I'm reading, Thunderbird does NOT do so and uses text-plain/format-flowed or something.
But I use Claws-mail, which doesn't have that problem.
That's not what that "bug" means, since Thunderbird can decrypt S/MIME messages just fine.
Read closely, it's the supposed "bug" is referring to adding "decrypt" as a filter action when moving messages to folders. Which, for a security standpoint, is the wrong idea, you want to leave it encrypted.
The people who did that crowdfunder believe that leaving the messages encrypted in the folders discourages people from using encryption since they have to decrypt them on an individual basis each time they read them.
Just today I was typing a message in Thunderbird and it stopped accepting my keyboard input for about 8 seconds while it was busy running an index or whatever it felt like hijacking the UI thread for.
It still does that? Geebus, I was hoping they'd have fixed that by now. I dumped Thunderbird for sylpheed back in 2006 and then found out about sylpheed-claws which is now Claws-mail very soon after.
Pidgin desperately needs help, as it hasn't successfully had an easy-to-use voice (let alone video) capability.
And it's never going to....now.
The plan was to add voice/video support to pidgin, but then some console dwelling neckbeards took over development. They freely admitted that they didn't use the graphical client or non-XMPP protocols so those wouldn't get much work done on them. They were the ones whose basic philosophy was: "who needs voice and video? Running finch (text mode pidgin) in screen/emacs is good enough for anyone"
They're the jerks who changed perfectly good UI like the terms login/logout to enable/disable.
but even if you don't use their webmail interface, the free email service providers can still scan your email. There's nothing to stop them from doing that.
While they can scan and read unencrypted messages, OpenPGP and S/MIME encryption would like to have a word with you.
When one has hundreds of thousands emails, the Thunderbird just was not able to do its job. If it takes 30-45 minutes (!!) of CPU time to open a mailbox, the email client is useless.
Every e-mail client(desktop and mobile) should have S/MIME and GnuPG integrated in - including Gmail, Yahoo and the various ISP web clients. What's taking Google so long for Gmail
Well it might not be a priority for them because they know you can just use a desktop client that already has gpg and S/MIME support with gmail
Being a customer of a bank should mean I get an authenticated PGP/GPG key or an X.509 key when I open an account.
I agree.
Right now in GPG4Win, there's no way to generate a revocation key from the Kleopatra GUI - I gotta do it from the command line.
It doesn't? (checks the Linux version) It doesn't on Linux either, that's a big missing feature. The Kleopatra docs say to use kgpg to do that, but that's no help for gpg4win users.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
You're right in that gnupg needs people and groups to get behind it. I started using Linux in 2002 and didn't start using gnupg till 2007. While part of the reason was that I had been using an e-mail client without built in gpg support, another part was I didn't know much about it. I might not have even realized I already had it installed.
I do sign e-mail, and I do have my pubkey here on Slashdot and the keyservers. And sometimes, in threads related to e-mail security or pgp/gnupg, I'll even post a signed comment
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJU1FBQAAoJEGgrLreJLenh5HkIANWxqtMDYvF87o9K7qy18oSt
7NylbnZWEOL4NrJ0Uypttm6mRskLOIZCx5/MyGSU2hFwvRvMwsAOcBCoxHLMIoUY
v4riY90LnvnKvB4uEVBPKiiUD1HpVsmysLyihCQnXzrwUOIzPk0QiVEdvOGf6unc
jm14zTkINsfFUjKxt1YInOQbuDL6Gb8OAiFyEIfjUQ+4cZqlZym0/a70L1HOXJSI
rWgYH6LiFMjJ2c5DLmDJHkCOBrAyXk7qSBhFRPO7PopM6oM1RL1UElIYP1qB/4zw
G+O2dIhZrTcbwhLXQW1Yf2Oal6tpRNnzGCBqWf3BTlCyw1EjJMbDuLKk1ZFsEQA=
=32VS
-----END PGP SIGNATURE-----
Speaking of flash... how many people come home after the Super Bowl -- or some other giant arena event -- and are disappointed with the photos they took while they were there saying "But I used the flash..." We're talking about flash guide number folks and there's no way anyone sitting in the upper deck has a flash capable of illuminating the playing field and getting that one of a kind snapshot of Beyonce.
Yeah, seeing flashes going off at arena's just makes me shake my head. Wouldn't one need a tripod and a long lens to get a good field shot? Even the "dummies" photography books mention not exceeding the range of the flash.
It's not that hard to use, there are GUI tools for gpg use on all platforms. Heck, I created my old key using GPA (gnu privacy assistant) a GUI interface to gnupg, since I couldn't get enough entropy on the command line. (As an aside, I created that key on a Playstation 2 Linux kit) I was/am no genius either. GPG4Win uses Kleopatra to interface with gpg, which is nice. Take a look at the PDF documentation on the gpg4win website
Remember that Werner's native language isn't English. I think the PDF version of the Documentation is fairly good. The HTML version...could use a bit more work on the navigation interface.
Thanks for the reminder, I had been wondering about that, since the key was almost 8 years old, but hadn't got around to doing it. Better now? 2048 bit RSA key but SHA1 was still the default, had to set a preference in gpg.conf make it SHA256. And yes, I revoked the old key, uploaded the new pubkey to Slashdot and the keyserver. The longer text strings in the SHA256 sig are triggering the Lameness filter, but apparently if the main comment is long enough, the Lameness filter will be satisfied and I won't have to use HTML formatting which would probably mess it up enough to make sig verification difficult. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
Most people don't understand photography. The amount of people who know what F numbers, exposure time, and ISO mean are insufficient to support a camera market.
I know the basics of what those are and I'm no camera hobbyist
f numbers refer to the aperture, how much light hits the sensor/film, higher numbers smaller apertures, less light.
exposure time is how long the shutter stays open, longer time, more light. It's also what "freezes" action.
ISO numbers are film sensitivity. Higher numbers, more sensitive, and can capture an image faster, but more "grainy".
Most people just want to mash a button and get a picture. Phones give them that.
Yes, but most phones aren't actually that good at that. Sure they might be as good as a classic 126 film Kodak X15 Instamatic or something, but even some of the late 35mm point and shoots do a better job. My phone is an AT&T z998, with a 5MP sensor and flash LED. I also have an old Konica Minolta Dimage Z10, 3.2MP 8x optical zoom advanced point-and-shoot. That old Z10 takes better pictures than my phone does.
You ever been to the zoo or an aquarium? How many people turn off the flash when taking a picture of something through glass?
I do.
Maybe the traditional phone makers need to do a better job telling people how mediocre phone cameras are and how even a cheap dedicated camera can do a better job.
Slashdot Mirror
Maybe, you'd have to define "well".
I've been using gnupg to sign my e-mail for years now. I set it up and it just works.
Oh you probably know people on Slashdot who do, even if you don't know any personally. If you've been reading the gnupg related stories lately you've probably seen a few comments with PGP/INLINE signatures.
That shouldn't happen. Isn't signing the last step? You don't want to sign before you've finished composing and are ready to send.
Is the issue PGP/Inline related? If so, switch to PGP/MIME, which you should be using anyway. If you must use PGP/INLINE make sure the mail client defaults to base64 encoding for such messages, otherwise the formatting can be messed up. From what I'm reading, Thunderbird does NOT do so and uses text-plain/format-flowed or something.
But I use Claws-mail, which doesn't have that problem.
That's not what that "bug" means, since Thunderbird can decrypt S/MIME messages just fine.
Read closely, it's the supposed "bug" is referring to adding "decrypt" as a filter action when moving messages to folders. Which, for a security standpoint, is the wrong idea, you want to leave it encrypted.
The people who did that crowdfunder believe that leaving the messages encrypted in the folders discourages people from using encryption since they have to decrypt them on an individual basis each time they read them.
Gone Defunct, I guess:
http://en.wikipedia.org/wiki/E...
Just today I was typing a message in Thunderbird and it stopped accepting my keyboard input for about 8 seconds while it was busy running an index or whatever it felt like hijacking the UI thread for.
It still does that? Geebus, I was hoping they'd have fixed that by now. I dumped Thunderbird for sylpheed back in 2006 and then found out about sylpheed-claws which is now Claws-mail very soon after.
Pidgin desperately needs help, as it hasn't successfully had an easy-to-use voice (let alone video) capability.
And it's never going to....now.
The plan was to add voice/video support to pidgin, but then some console dwelling neckbeards took over development. They freely admitted that they didn't use the graphical client or non-XMPP protocols so those wouldn't get much work done on them. They were the ones whose basic philosophy was: "who needs voice and video? Running finch (text mode pidgin) in screen/emacs is good enough for anyone"
They're the jerks who changed perfectly good UI like the terms login/logout to enable/disable.
As I've said before, Thunderbird supports S/MIME out of the box. Get a key from Comodo you're set for S/MIME.
You need the Enigmail plugin for gpg, but then you're set with gpg
Nevermind that there are hardly any universally good email clients..... None do encryption well
There are two very good e-mail clients, IMHO:
Thunderbird, which can handle gpg with Enigmail
https://www.enigmail.net/home/...
And Claws-mail, which has gpg and S/MIME support by default:
http://www.claws-mail.org/
OSX users can just install gpgtools and keep on using Mail.
https://gpgtools.org/
but even if you don't use their webmail interface, the free email service providers can still scan your email. There's nothing to stop them from doing that.
While they can scan and read unencrypted messages, OpenPGP and S/MIME encryption would like to have a word with you.
When one has hundreds of thousands emails, the Thunderbird just was not able to do its job. If it takes 30-45 minutes (!!) of CPU time to open a mailbox, the email client is useless.
Try Claws-mail: http://www.claws-mail.org/
I switched from thunderbird to Claws because of the degraded Thunderbird performance over time.
Crypto GUI with the signing and encrypting.
Thunderbird has built in support for S/MIME, and you can install Enigmail for gpg
https://addons.mozilla.org/en-...
Every e-mail client(desktop and mobile) should have S/MIME and GnuPG integrated in - including Gmail, Yahoo and the various ISP web clients. What's taking Google so long for Gmail
Well it might not be a priority for them because they know you can just use a desktop client that already has gpg and S/MIME support with gmail
Being a customer of a bank should mean I get an authenticated PGP/GPG key or an X.509 key when I open an account.
I agree.
Right now in GPG4Win, there's no way to generate a revocation key from the Kleopatra GUI - I gotta do it from the command line.
It doesn't? (checks the Linux version) It doesn't on Linux either, that's a big missing feature. The Kleopatra docs say to use kgpg to do that, but that's no help for gpg4win users.
Claws-mail defaults to plain text too...because it can't send HTML e-mail by design. It can display it just fine, but never sends it.
Also, I'm really tired of seeing the 'attachment' icon on pretty much every e-mail I get.
You would see the attachment icon if I sent an e-mail to you, I use PGP/MIME and sign all e-mail, the signature appears as an attachment.
Maybe not an average user, but I had zero experience with Linux or GnuPG before that, and I figured out how to do it.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 You're right in that gnupg needs people and groups to get behind it. I started using Linux in 2002 and didn't start using gnupg till 2007. While part of the reason was that I had been using an e-mail client without built in gpg support, another part was I didn't know much about it. I might not have even realized I already had it installed. I do sign e-mail, and I do have my pubkey here on Slashdot and the keyservers. And sometimes, in threads related to e-mail security or pgp/gnupg, I'll even post a signed comment -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJU1FBQAAoJEGgrLreJLenh5HkIANWxqtMDYvF87o9K7qy18oSt 7NylbnZWEOL4NrJ0Uypttm6mRskLOIZCx5/MyGSU2hFwvRvMwsAOcBCoxHLMIoUY v4riY90LnvnKvB4uEVBPKiiUD1HpVsmysLyihCQnXzrwUOIzPk0QiVEdvOGf6unc jm14zTkINsfFUjKxt1YInOQbuDL6Gb8OAiFyEIfjUQ+4cZqlZym0/a70L1HOXJSI rWgYH6LiFMjJ2c5DLmDJHkCOBrAyXk7qSBhFRPO7PopM6oM1RL1UElIYP1qB/4zw G+O2dIhZrTcbwhLXQW1Yf2Oal6tpRNnzGCBqWf3BTlCyw1EjJMbDuLKk1ZFsEQA= =32VS -----END PGP SIGNATURE-----
Speaking of flash... how many people come home after the Super Bowl -- or some other giant arena event -- and are disappointed with the photos they took while they were there saying "But I used the flash..." We're talking about flash guide number folks and there's no way anyone sitting in the upper deck has a flash capable of illuminating the playing field and getting that one of a kind snapshot of Beyonce.
Yeah, seeing flashes going off at arena's just makes me shake my head. Wouldn't one need a tripod and a long lens to get a good field shot? Even the "dummies" photography books mention not exceeding the range of the flash.
You forgot the friendly closing:
Sincerely, The NSA
That would have made it slightly funnier.
It's not that hard to use, there are GUI tools for gpg use on all platforms. Heck, I created my old key using GPA (gnu privacy assistant) a GUI interface to gnupg, since I couldn't get enough entropy on the command line. (As an aside, I created that key on a Playstation 2 Linux kit) I was/am no genius either. GPG4Win uses Kleopatra to interface with gpg, which is nice. Take a look at the PDF documentation on the gpg4win website
http://www.gpg4win.org/documen...
Remember that Werner's native language isn't English. I think the PDF version of the Documentation is fairly good. The HTML version...could use a bit more work on the navigation interface.
http://www.gpg4win.org/documen...
Done, thanks for the reminder.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Thanks for the reminder, I had been wondering about that, since the key was almost 8 years old, but hadn't got around to doing it. Better now? 2048 bit RSA key but SHA1 was still the default, had to set a preference in gpg.conf make it SHA256. And yes, I revoked the old key, uploaded the new pubkey to Slashdot and the keyserver. The longer text strings in the SHA256 sig are triggering the Lameness filter, but apparently if the main comment is long enough, the Lameness filter will be satisfied and I won't have to use HTML formatting which would probably mess it up enough to make sig verification difficult.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJU1CrAAAoJEGgrLreJLenhFk8IAKCjdK/BbXY3UTZXmlUurRC0
NDEKiZxmFF5cfzaaZ789cfe50tDTpZr0Ej5aNIkA9M/TOmSycCdekxGRdKv6AdKs
2x1XG3T4L0QgBnFfq2/koxS6kVP5McNuGm/IzQKVR0STnvwAdzB7trhR+7czqBy3
uRK30bIXYUkDEcYH05zzETLzMcSNsEhxIECzBrMwMYJpiVX3G+pR5QXL9ryNc1yU
GH5bEsmkx8xmxrStEAdMW3KvOC28iiRNzySKoyvIaxzD5mBcSkb+M+umfUHRtHNy
BXX0U/az37j0pYtOJS/Dq/UhyMZlE1on86P7eSfnGqMCeSc0hte7AUx8i8I2JFo=
=h5FG
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Thunderbird won't send HTML messages unless you configure it to do so. It's plain text by default.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlTUEuwACgkQnludVzJNqF3w5wCfRu8HX2sBa1lR/W6CS4gUao45
K7gAn22FGqPkAX2BH3s0PYa5JqTgM5vy
=H6cw
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Well that's good to hear.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlTUChMACgkQnludVzJNqF2p2ACdFew+WZRFx3tgIWLSizrfZuc/
k1EAoK35K6UURyN3CXW5eUEP4bVas9BP
=UQA4
-----END PGP SIGNATURE-----
Most people don't understand photography. The amount of people who know what F numbers, exposure time, and ISO mean are insufficient to support a camera market.
I know the basics of what those are and I'm no camera hobbyist
f numbers refer to the aperture, how much light hits the sensor/film, higher numbers smaller apertures, less light.
exposure time is how long the shutter stays open, longer time, more light. It's also what "freezes" action.
ISO numbers are film sensitivity. Higher numbers, more sensitive, and can capture an image faster, but more "grainy".
Most people just want to mash a button and get a picture. Phones give them that.
Yes, but most phones aren't actually that good at that. Sure they might be as good as a classic 126 film Kodak X15 Instamatic or something, but even some of the late 35mm point and shoots do a better job. My phone is an AT&T z998, with a 5MP sensor and flash LED. I also have an old Konica Minolta Dimage Z10, 3.2MP 8x optical zoom advanced point-and-shoot. That old Z10 takes better pictures than my phone does.
You ever been to the zoo or an aquarium? How many people turn off the flash when taking a picture of something through glass?
I do.
Maybe the traditional phone makers need to do a better job telling people how mediocre phone cameras are and how even a cheap dedicated camera can do a better job.