Dear Paul,
My recommendation generally is to fetch it at least via tor/tails and
another network and compare both .pukey files as described under
http://www.elstel.org/software/GnuPG-usage.html.en. That should be ok.
Concerning the strange https configuration it is just about me not
having been willing to pay for a correct configuration (so the
certificate issued for alfahosting-server.de should be the right one.).
Well, I must confess it is an issue of time too as I have already
considered moving to dotplex ...
Likely however this mailing list is hosted more correctly so that you
may like to compare against the key from this list that follows here
(keyservers should also host that key by its fingerprint:
4D9849BF06D85D11CF34 6A90E4B931909981E39D).
Cheers,
Elmar
estellnb.pubkey.asc:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
mQINBFSxg6cBEADRMOBDzF2u0MDV1QeHzFy3DU21/xX8F0mWFDLwZ16ZV0+oFJZW
N2TQD5ED0yJZ0A4uWwDKli64vgMFHMSvU1evBedeQj4WhKHD6zNjA2/BVKJPPr6C
m7Vbo0Vp/DqoLVvZKIs7FwCiWbd1Psejb/h5HbOI8s3rUBNS5lzdBfhZAOQgjItE
O2l+SfI1xG2foi8q8bRnWbLx+Qa9w8blyMqRFzpwtIqQak0ehNiQeSDvWCVAZ6DT
YpnzR0RY92uOesAI1bappfNqf0Hi28FsCQ6ujl1yK7WwaPDV8Q4Oj8S4d9eyFttQ
0K3SyIQ3o9YfIS6CJ0VXuy7S45ENZLGcwi9P9SkeACYA5ZUNFUS0juT44otHTid3
saN8LDZ0bqOAU8sjwHVh2GoTZ6eydMBp2oxinJFhdvUzBcPtNz4jHnqTh2f2NEBl
dh53BuVkhPha8SflAjAPxQnN2p/6mlQKWaBe8W4HJ8A2bX41pIZQDlxqKUTov1kr
haQXaA+6m0SK4AaotnGtZzQfQBL+ed4X2itKbMalCwpSdpiuAAsyXxA17Qf+7U02
ZR/5fVXx4OuESOeSLIKBmzEMLxnakE69lYPX37l5RwqU5w/rm8OfPERo56V/raId
atjrKpjA1eKFUDdDpZ3qZpVtU0HGWTTYu8FbP/vtzZE7Y9yBJCO3wKc2aQARAQAB
tJ9FbG1hciBTdGVsbG5iZXJnZXIgKHVzZSB0aGlzIGtleSB0byBjcmVhdGUgYW5k
IGVuY3J5cHQgbWVzc2FnZXMgb2ZmbGluZSBvbiBhIGNvbXB1dGVyIHdoaWNoIGlz
IGtub3duIHRvIGJlIGNsZWFuOyBhdCBiZXN0IGluIHBsYWluIHRleHQuKSA8ZXN0
ZWxsbmJAZWxzdGVsLm9yZz6JAjgEEwECACIFAlSxg6cCGwMGCwkIBwMCBhUIAgkK
CwQWAgMBAh4BAheAAAoJEOS5MZCZgeOdxmcQALrI6ghXuyzMv584EJ/uv9/iFl5K
GqljSL26TjchanRXZA7jVKmxpQ1YL4RjJYdP/gtU0SELi+5noy5glQbpi3sgkth1
D1/fqhnkY5xd2pvxowX7IPxAh5NxBoxe+rMizQifCM4XmxY947WPuCUAtDLJLk1h
pYgmume/SWRpraZzANZnxbQ+Gyl638gWE70LvWB4nLpaNKkNm/C3g6Kug41VPVTb
oKikaInib7yMLTUr52oK38Mr1uanErNmFIZmUtqdItIiAalKTG1aVNHMViQnnAwh
a4KGSLDjJgWgyrZS87BNcTm8YHYeEePdRVu8tpwq3oGLImsQAdSZOz9XnrdUHhML
RaZJJG5bVsHWxc04i3rH+YQnvqYZJPUFOf2sYvwa2PpSzsENiE7AJn27YltYKC43
uORQINJYMuCBLsg4iishG7RT/Kq6IXuXPyuH0SeoXSWaRXTWa9mqC1YmKyb1dt/O
c5joFhVfBfjhyO/f0BV46to/s37PPI6BEz6nneDceXTE3NBaSKcZXrEsroTRiSTS
vAhvOhvkysJKHpFUzbY7dZNhlYh1w6Cu+tRydGA/rvGLPO7lBZRpcFgG02C5grId
CBXNFqTzM75eQkuW9ZaxljVBELD2G4FKstkGnGhb1H4WG+IS5ArHAMUg9NEJ4aTW
hAi2DB9KX01leC0IuQINBFSxg6cBEAC0zARZPKBXF+BTwwkijA0+TF7NVE5LUJyn
Ss9OPHGLkf/CecmM9+tiGytkbEpMUhG3JmzcSkSjKcRaxFCLp0J80ZLdJ4U+TviQ
ixARs8fKGRphpvOmTH5EWWlrqiZHW/2vXCMsIS8CF8pUc8YCfqrOoyQiCBXfY7RP
VTIinItnlzwqHIcbDymEWOYiCwE4fIf/uxPrCo85yNpmsoOVgQyG/PmfRa2OCbXi
Mn7FjbJQg1gIepcapElIzh3DKy3N6HRc4hLPx9deVN5N8XWZ0uISNHMLd4ehIgEL
qK8S2sVxPkpHYGl192JGzDXR1V56gYR4dxl3yQzZgsbsfRlz3JZGmM/4bgcQDuMY
PjPaRPLwEw/HFUK1PaRL2/pTQYw8u0XWVd4pOhLHRWL5Tut5qC+WB5SaIOGk9L60
Jm0RwVL0c6mIPh1viVlirQfx/znq9xZBIQu3d8kLHcWuP/hygdaWZnxqOEuk437F
mkXyczVOKHAOn2qL7YVgF+9/gXaOGDPs+l0SpS/xpCyy2tPg2qcuvRHfwAGuR9nW
nzJhQNUbQh/kRiDhI2niC9T8CIVXgK+v+RMPe8nx/GiZrrchlQ1b3Rirdriwegg9
IpHdbTrUxtW0osb9AG9CZDxCjf9ZmbKlj71PtmG4Mh4fmf718ego99UMVBj2Kp5t
FjtlL4A8uQARAQABiQIfBBgBAgAJBQJUsYOnAhsMAAoJEOS5MZCZgeOd2eoP/1f5
NaHPbO7rTyAfE2t97tdUAM1i47sDVEjb1cAlnvxMzAPRo2sLKNMi8InRlfuA6+c+
moJPi9szeOf8GAqXgAZy5WYXADrv4ci5lCzGeNigggGSgrCkvyr03GHgmqyX4MKE
4Eda04UUp529hY729l3+MXjuomIgU6fyjmcU+B/+oR4kSAy6aRN/UM44J4Uu3QNt
ZGgvvR2p+/6tjlQk+4ulMOD9l/SI5D4euX3dcySNFaMIprTIdmKz8SF3CnmFKotM
hWjXsLiIT66FbFbbUzRPJ/cIQSbn1SLfxef1wOcHe2i6dbCAhtSi7tlOZSvPfE/H
HWlO01C793RDvRyakLymnQkN7buyrOdOwxmjtdrKZgzMF/LiV1z3hI909JVjbsc5
JL6FuW1yVOaWWWn/532SeWbUhbnDF6gCihDbpZAcjmaLGIyypeFV4b/OL59/a8KR
+8Xh4eNU7b7vAOJzpinVO1WOsCyMfajd5DAjZeViKJpyWvOsn6B6uYfbmBkqBaaM
aOKu70UkbwNGVxDAScI6EVVnj/hDlhrlwukJ+p2xiLMgo5yxn6WfOH3Q4W3NTAIi
MfgUprZZeFV1phtUz8szJV8UW/oO3V76LS3rqxKpgm7xLwRd0uib7Ua6tWJjLe68
ZQLowWS8lmS2vBqgaL+sXRcsrRzfcB7gjfmkFMQm
=C7Up
-----END PGP PUBLIC KEY BLOCK-----
On 27.10.2015 18:11, Paul Tagliamonte wrote:
Hey there,
Your HTTPS is configured funny - it's issued for *.alfahosting-server.de
<http://alfahosting-server.de>, not elstel.org <http://elstel.org>. You
might consider fixing that -- after all, OpenPGP won't help secure
communications if you don't have a secure way of ensuring the right key
is distributed to users.
Cheers,
Paul
On Tue, Oct 27, 2015 at 1:02 PM, Elmar Stellnberger <estel...@gmail.com
<mailto:estel...@gmail.com>> wrote:
Dear Jason Fergus,
Dear Subscribers of the Debian Security List,
I am ready to share some more data about the incident and its
circumstances as soon as you would contact me via gpg-mail as
described under https://www.elstel.org/Contact.html. Anyone who is
interested and reading this mail is welcome!
Just email-me gpg-ed including your public key for response
describing or giving me reference to who your are / what you are
doing in the community (if not exuberantly returned by Google). As
any gpg-key may either be lost or get in touch with an infected
computer any time I would highly prefer if you were ready to incur
the work of generating an own throw-away key for the communication.
Best Regards,
Elmar Stellnberger
On 27.10.2015 17:36, Jason Fergus wrote:
I'm curious about how you were infected by a rootkit, which one
it was,
and what you did to discover it? Using a Sandbox is a great
idea for
those two, except of course those are generally the applications
with
the most sensitive data as well. I always try to disable html
email,
but people insist on using it...
On Tue, 2015-10-27 at 16:25 +0100, Elmar Stellnberger wrote:
I would believe that it will heavily depend on how you
configure your
desktop environment:
* One feature I do always turn off is desktop auto indexing
because
otherwise even storing an email attachement just for
invoking it with
an
online view-as-jpeg service could cause an infection. Note
that you
may
have to do this twice (once for Gnome and once for KDE) if
you have
installed according programs of both environments.
* select starting a new session on every bootup (the session
restoration
can be used as a hook for ephemeral and home directory rootkits)
* under KDE there is a list of background services that
always run;
you
may reduce it to what you really need (invokable via
systemsettings)
* likely there are other important configuration options
(ask for
your env.)
* get some understanding of what your X-server does (f.i.
http://www.elstel.org/xchroot : problems with a pure chroot,
trying
to
resolve these problems by hand)
* double check the security of the underlying system
(netstat -atupn)
* note that your email program and your browser are the two most
vulnerable parts of your desktop environment; consider
running them
under qemu in a virtual machine
Once you would comply with all these hints you may likely
discover a
rootkit inside the virtual machine for emailing or browsing
as I did
lately. The KDE environment of the host system did not
appear to have
compromised the security of the whole system so far at me.
Elmar
On 27.10.2015 12:29, Mateusz Kozłowski wrote:
Hi,
Could You tell me which debian desktop environment is
the most
security and the best privacy and which You recommned
for debian
users? (KDE, XFCE, GNOME etc.)?
--
:wq
