Re: Why don�¼t gnu.org and RMS sign mail? (was: Testing new mail server)

2019-11-02 Thread Jay Sulzberger 



On Fri, 1 Nov 2019, Richard Stallman  wrote:


[[[ To any NSA and FBI agents reading my email: please consider]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

 > Somebody can make your settings such that you do not need to enter
 > passphrase, it would be kept in the file or provided as a string on
 > command line.

 > --passphrase-file file

Thanks, but I really do not want to have my passphrase stored in a file
on my computer.
--
Dr Richard Stallman


Yes.  Two weeks ago I discovered that, as installed on my Debian
up to date Debian systems, gpg does not actually encrypt a file.
Not without disabling the absurd behavior of keeping the password
around, and using it without asking me when I go to view the file.

Richard and list folk!  Please forgive me, but I will not be able
to take much part, if any, in further conversation about this
until some day likely a month from now.

oo--JS.



Founder, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)

Re: Why don't gnu.org and RMS sign mail? (was: Testing new mail server)

2019-11-01 Thread Jean Louis 
* Richard Stallman  [2019-11-02 03:24]:
> [[[ To any NSA and FBI agents reading my email: please consider]]]
> [[[ whether defending the US Constitution against all enemies, ]]]
> [[[ foreign or domestic, requires you to follow Snowden's example. ]]]
> 
>   > Somebody can make your settings such that you do not need to enter
>   > passphrase, it would be kept in the file or provided as a string on
>   > command line.
> 
>   > --passphrase-file file
> 
> Thanks, but I really do not want to have my passphrase stored in a file
> on my computer.

My /home and /tmp and swap are always encrypted upon boot, and I
decrypt it manually, not automatically.

If computer is stolen, all information is encrypted, while encrypted
backups are stored at other places.

For security, if computer is turned on, and I am not in the room, the
room is always closed.

But if I die suddenly, nobody would get access into important
information, unless I leave a write-up how to access such.

Jean

Re: Why don�¼t gnu.org and RMS sign mail? (was: Testing new mail server)

2019-11-01 Thread Richard Stallman 
[[[ To any NSA and FBI agents reading my email: please consider]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

  > Somebody can make your settings such that you do not need to enter
  > passphrase, it would be kept in the file or provided as a string on
  > command line.

  > --passphrase-file file

Thanks, but I really do not want to have my passphrase stored in a file
on my computer.
-- 
Dr Richard Stallman
Founder, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)

Re: Why don�¼t gnu.org and RMS sign mail? (was: Testing new mail server)

2019-11-01 Thread Jean Louis 
* Richard Stallman  [2019-11-01 03:22]:
> [[[ To any NSA and FBI agents reading my email: please consider]]]
> [[[ whether defending the US Constitution against all enemies, ]]]
> [[[ foreign or domestic, requires you to follow Snowden's example. ]]]
> 
> I can't use GPG agent.  The reasons are long and complex.

Somebody can make your settings such that you do not need to enter
passphrase, it would be kept in the file or provided as a string on
command line.

--passphrase-file file

Read the passphrase from file file. Only the first line will be read
from file file. This can only be used if only one passphrase is
supplied.  Obviously, a passphrase stored in a file is of questionable
security if other users can read this file. Don't use this option if
you can avoid it.

Note that since Version 2.0 this passphrase is only used if the option
--batch has also been given.  Since Version 2.1 the --pinentry-mode
also needs to be set to loopback.

--passphrase string

Use string as the passphrase. This can only be used if only one
passphrase is supplied. Obviously, this is of very question‐ able
security on a multi-user system. Don't use this option if you can
avoid it.

Note that since Version 2.0 this passphrase is only used if the option
--batch has also been given.  Since Version 2.1 the --pinentry-mode
also needs to be set to loopback.

Re: Why donʼt gnu.org and RMS sign mail? (was: Testing new mail server)

2019-10-31 Thread Jean Louis 
* Richard Stallman  [2019-10-31 03:11]:
> [[[ To any NSA and FBI agents reading my email: please consider]]]
> [[[ whether defending the US Constitution against all enemies, ]]]
> [[[ foreign or domestic, requires you to follow Snowden's example. ]]]
> 
> I never sign my email.  It would require typing my passphrase,
> which is rather long, each time.

The GPG Agent can cache the passphrase for long time.

Re: Why donʼt gnu.org and RMS sign mail? (was: Testing new mail server)

2019-10-30 Thread Richard Stallman 
[[[ To any NSA and FBI agents reading my email: please consider]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

I never sign my email.  It would require typing my passphrase,
which is rather long, each time.

-- 
Dr Richard Stallman
Founder, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)

Why donʼt gnu.org and RMS sign mail? (was: Testing new mail server)

2019-10-30 Thread Dmitry Alexandrov 
Mike Gerwitz  wrote:
> On Mon, Oct 28, 2019 at 19:51:04 +0200, Richard Stallman wrote:
>> Testing new mail server.
>
> This email is not legitimate---it did not originate from rms.  The headers 
> indicate it comes from the same host that attempted to imitate bill-auger on 
> gnu-linux-libre list.
>
> I'll forward to the appropriate people.  This is a significant problem.

This made me extremely curious: why does neither gnu.org sign mail server-side 
with DKIM, nor RMS sign his own with GPG?  Is there any idea behind it?


signature.asc
Description: PGP signature

Re: Testing new mail server

2019-10-29 Thread Mike Gerwitz 
On Mon, Oct 28, 2019 at 19:51:04 +0200, Richard Stallman wrote:
> [[[ To any NSA and FBI agents reading my email: please consider]]]
> [[[ whether defending the US Constitution against all enemies, ]]]
> [[[ foreign or domestic, requires you to follow Snowden\'s example. ]]]
>
> Testing new mail server.

This email is not legitimate---it did not originate from rms.  The
headers indicate it comes from the same host that attempted to imitate
bill-auger on gnu-linux-libre list.

I'll forward to the appropriate people.  This is a significant problem.

-- 
Mike Gerwitz
Free Software Hacker+Activist | GNU Maintainer & Volunteer
GPG: D6E9 B930 028A 6C38 F43B  2388 FEF6 3574 5E6F 6D05
https://mikegerwitz.com


signature.asc
Description: PGP signature

Re: Testing new mail server

2019-10-28 Thread Amirouche Boubekki 
blague

Le lun. 28 oct. 2019 à 20:33, Jose E. Marchesi  a écrit :
>
>
>     Testing new mail server.
>
> pong.
>


-- 
Amirouche ~ https://hyper.dev

Re: Testing new mail server

2019-10-28 Thread Jose E. Marchesi 

Testing new mail server.

pong.

Testing new mail server

2019-10-28 Thread Richard Stallman 
[[[ To any NSA and FBI agents reading my email: please consider]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden\'s example. ]]]

Testing new mail server.

-- 
Dr Richard Stallman
Founder, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)