Mick <michaelkintzios <at> gmail.com> writes: > > Ahh, OK. So secure communications between all these clients. > > The two big players for client-side encryption for email or messaging > > data would be GPG and OTR;
Good 2 know. I'll keep searching for docs. > Also S/MIME encryption of the email message body using SSL certificates > achieves the same end result (i.e. encrypted payload) as GnuPG offers. > For GPG you may need a plugin (e.g. enigmail on T'bird) or something > similar for phone clients, but S/MIME is usually available by default for > most email clients and platforms. OK, so maybe I'll test out a few devices, provide some feedback and then seen about a (gentoo wiki) page. If the community is not interested in that I bet these guys would put up some sort of community cook-book on this topic:: [1] Dont know who they are, but they seem to be on the right track, and they big on Gentoo! > A word of caution: Snowden warned us that the end devices do not ossess > strong enough randomness generators to ensure that the encryption they > perform cannot be reverse engineered. Intel has long been hiding extra hardware inside of their processors, for a variety of nefarious activities. Here is a link where they now let the retail world in on what has been going on for decades [2]. This is why the US gov keeps hyping how bad security is, so the gov can take steps and the sub-contract out the details for billions (it's the new cold war and we have to be scared enough to get the govs to protect us, right? And all of that horse_feathers.... Anyone doing gate/register design/validations with Intel parts, decades ago, stumbled into areas of the the intel chips with hidden hardware. Just slice them and put them under any high res scanner nowadays.... Sadly, everybody in the chip bidness does this routinely now. SoCs are all full of this crap. The old AT&T phone switches (think 3B2) had this sort of 'undefined hardware'. Nothing new 'signal intercept' is good to search on, but most of the Intel (get the pun?) has been scrubbed form the internet on 'signal intercept'; particularly the Rf stuff. > A recent article shared on this M/L also showed that anything with Intel > insideĀ® can be deemed as intentionally weakened to enable potential > interference with our privacy. Got that link handy? Part of the SSL v2 v3 stuff? I was hoping somebody would write up a summary, and detail action plans from a gentoo workstation, gentoo server and gentoo-cluster perspective on the state of SSL.* issues. > Therefore treat your encrypted communications and their content with > caution, because you don't know how private these may remain in the > future. Kinda like a very gorgeous woman, with a low credit score (yak yak yhak)? Or like an 'old bug' flying towards the light (ZAP)? Certainly, but, the low rent hacks might be held at bay a little longer. Still, we should make the effort to streamline and document pathways, with ample warnings of cautions. [1] https://wiki.installgentoo.com/index.php/Encryption [2] http://www.extremetech.com/extreme/184828-intel-unveils-new-xeon-chip-with-integrated-fpga-touts-20x-performance-boost
