Re: Encryption on Mailing lists sensless?
Le 19/11/2014 à 12h17, Peter Lebbing a écrit : On 19/11/14 01:31, Robert J. Hansen wrote: No. Client-side, you get to inspect (fully) only your data, and you have to develop a statistical model of spam based on only your data. When Gmail filters, it inspects (fully) traffic to *millions* of users, and uses that to create a model no individual user can hope to match. I agree with several other important points you raise, but this one is not a big deal. I have a highly customized mail setup. My SpamAssassin downloads rules from the internet, but trains its Bayesian filter on only the e-mail I personally receive. And you can even share within a F2F meshed system the bayesian-trained rules. For example everybody could send her “friends” her set of rules, including the one of her friends, dividing the “credibility” of rules according number of hops they made (with a logarithmic progression). You could even define more categories than just “looks-like spam (ads)”, but also the same about insults/troll (comparing the number of exclamation marks with the size of message or this kind of details can be useful to gain a *lot* of time), shaming messages, menace messages (so useful if each MUA in the world could automatically filter rape menaces feminist activists receive, for instance, or for any other particulary dangerous/rude activism), racism (“'nigger' = -10 000”, for instance) , LGBTIA-phobia, fascism (“'(natural|objective) differences' = -100”, “'not like us' = -100”, etc.), etc. And all that could be shared in a point-to-point and F2F manner, so that you’re sure activists of a certain struggle will have their common rules really perfectionned against certain things, and you’ll be sure all that will automatically adapt according people and their milieus, and language/expression evolution (antisemitism, for instance, is not expressed today the same way than yesterday). Oh, and imagine that everything of that could be used not only in email, but in common on every type of asynchronous communication. *Everywhere*. Including blogs/comments, microblogging, mailing-lists (you could even imagine the F2F rules sharing extend to mailing-lists themself so some could contain “advisory rules” for clients), etc. That would avoid horrible situations like “transexual people don’t using anymore the Internet to discuss”, “feminists don’t allowing comments anymore —loosing a great amount of potential really interesting analysis— and even developping plugins to automatically mask comment systems on blogs“, or “having someone who’s psychologically hurting a lot of people, wanting a safe space for them but also wanting to have a collaborative space to debate with her to try to fix that and make her able to speak peacefully with others so we can reintegrate her”. Of course good luck if you expect from an authoritarian centralization to become nice and struggle for people rights against the system of inequalities, classes, races or patriarchy… Oh yeah, they /tried/ “nice centralization to free people” in the East. Didn’t work. Quite the opposite (ostracizing gays and foreigners, forcing women to found families, workers to work, what a success…). However: if you expect freedom from centralization, good luck. [1] Actually that is a case where the distributed solution truely excels: quickly homing in on the latest mass mailing. The sheer number of identical mails alone is a big warning sign, and a lot of people will start reporting them as spam. And that’s why I spoke about cryptography, and notably about “hashes”. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryption on Mailing lists sensless?
On 2014-11-19 at 18:17, Robert J. Hansen wrote: N I agree with several other important points you raise, but this one is not a big deal. I have a highly customized mail setup. My SpamAssassin downloads rules from the internet, but trains its Bayesian filter on only the e-mail I personally receive. I don't mean to sound like I'm dismissing your experience, because -- well -- your experience shouldn't be dismissed. (Nobody's should.) But I do think you might be overlooking something: you already experience a significant benefit from the aggressive, God's-eye-view anti-spam efforts of Google, Yahoo!, Microsoft, and more. The things they do for their users have a ripple effect in making your own anti-spam fight a little easier. A couple of months ago Mike Hearn wrote a brilliant treatise on end-to-end cryptography and anti-spam technologies, with a long digression on how anti-spam technologies work at Google. It's worth every second it takes to read. https://moderncrypto.org/mail-archive/messaging/2014/000780.html He’s mainly explaining how do you fight spam in a centralized way, and then explain how all the centralized techiques are unusable when using crypto. That’s normal, crypto and decentralization comes together. You need to think according other paradigms. It’s like when you live in society. You can either think the autoritarian way “if I were the Great King Controlling Everything what could I do to fix the problem?”, or the social/free way “what should I do so that if everybody did like me the problem would get fixed?”. So that involves way much complex maths (well, actually, *different*: in the centralized world it’s already really complex, but the complexity you need to decentralize is compensated by the local private data you can access and the crypto techniques you become used to), DHTs, meshes, crypto, symmetric communication, political thought, users education, etc. I don’t consider that an issue. Quite the opposite: the result —and we always end finding it— is *beautifull*. It’s like admiring the almost perfectness of the way human body chemical biology works. It’s like admiring a fractal. You just end with something approaching what you observe within organic structures, something more resilient, perennial, big, free, flexible… Also he speaks about using bitcoin, which is not a good point bitcoin not being really secure: you just need more computational power than the half of the network and you can takeover it. Big government can do it. Also bitcoin needs anyway a lot of computational power, worse, it *encourage* it by competition. That’s really catastrophic ecologically. And finally it suffers from the problem of globalizing everything, contrarily to the Internet (and GNUnet) historical architecture where everything is the most local possible (within the Internet only IP attribution and DNS are global, within GNUnet *nothing* is, so you could transparently divide, join and grow GNUnets without any problem). Yet proof-of-work can be effectively used to prevent abuse. GNUnet use it to prevent spamming its global DHT with lot of revok’ certs it will store for a while. It could be made on messages if we didn’t need a certain fastness (merging all asynchronous communication means even microblogging will have the same requirements) and we didn’t already had concepts of mesh, WoT, bayesian filtering, F2F and cryptographic signature. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryption on Mailing lists sensless?
On 2014-11-18 at 10:43, Nan wrote: If you're running the mailserver and you can decrypt my secured messages, then there's nothing preventing the federal government from serving you with a subpoena saying, please hand over the encryption keys. I agree. A third party should never handle the filtering of mail. If my email is n...@mygroup.org, then mygroup.org handles the encryption, decryption, spam filtering, etc. mygroup.org is a third party. mygroup.org is static. mygroup.org is a different person than nan. mygroup.org can be corrupted, menaced or cracked. nan will not know. The only person who can be trusted to do the decryption is the end user, running on hardware the end user directly controls. In an ideal world, yes. But after 20 years of recommending user-to-user encryption, it's clear most users can't or won't. Context changes. 20 years ago fascism weren’t raising again at this rate, petrol wasn’t at a decade of ending, and Snowden didn’t made his revelations. It doesn’t mean it’s impossible but it means we were doing it wrong. The GNUnet philosophy of “just prepare the change of roughly everything, make all the simplest possible and do a lot of philosophical/political education” seems the most utopic, but also the more realist to me. As Bruce Schneier says, If there's anything PGP has taught us, it's that one click is one click too many. Experts can still encrypt any messages they want individually. We can't leave the rest of us unprotected. Within MUA such as ClawsMail, Thunderbird, etc. you don’t need a click, just a configuration. Within networks such as GNUnet you don’t need a configuration, just a “registration”, “connection”, “installation”, or wathever you call it. Your adress is your public key, on computer it can be the nick associated in a signed entry within DHT possibly with a vizhash, and physically it’s a QRCode. Nothing more simple. It’s actually simpler that the current unencrypted internet. And as it were said, to gain freedom sometimes you need an effort. If you consider it pointless, you deserve to remain a slave. I care very little about what happens to corporations. I agree again. I'm much more concerned about human rights groups and stopping mass surveillance. Making authority nice? Teaching people freedom is not utopic, making authority nice and respectful is. You're still talking about destroying the antispam experience of end-users. The group's mail server handles spam, viruses, etc., just like it does today. No change for the user. Yes, no. any. change. Unfortunately. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryption on Mailing lists sensless?
ClawsMail, Thunderbird, etc. People usually don't want to change mail clients. Most have no idea how to configure crypto or manage keys. They’re just the default and almost more used MUA. If you exclude proprietary software and SaaSS (webmail). But asking for privacy using proprietary services is a fallacy. I mean, you can’t say “PGP/GNUnet/other-crypto-implementation is useless to protect users, they use webmails” and say we fix the problem wrong. Because there is *no way* they can get true privacy with only a webmail. It would be ridiculous. When I said “deserve”, I said that you can’t expect freedom when you’re putting on you your strings yourself. PS: sorry for the two mails, I got confused. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryption on Mailing lists sensless?
On 2014-11-18 16:34, Nan wrote: Alexandre, do you really believe that anyone could deserve to remain a slave? In the meaning “it’s normal/understandable/explainable to be a slave if you want freedom without doing nothing to get it while other want you not to be”, yes. But all the importance of the meaning is in the “if” part. I think if someone do nothing, or do anything anyway, it’s for a reason, or, to be more precise, a cause, and I call this reason deserving freedom itself an initial lack of freedom (of thought, if you want). So for me, actually, “deserving” doesn’t exist, doesn’t have any true real meaning, just as “merit”, “duty”, “pride”, “shame” (in their meaning, not their objective existence as a sentiment) or “free will” (in its meaning opposed to determinism). Assuming you don't, I'll address your calmer points. mygroup.org can be corrupted, menaced or cracked. Sure, a server is a single point of failure for the group, and must be carefully configured and protected. From the point this server isn’t you, it’s never “protected” enough. You could maybe protect *enough* (and only *enough*, never “perfectly”). And that’s just about “cracking”, which is just a technical concern, not the more important. Because menace and corruption still exist. You could say you trust your provider… which is already really really really hard… is your provider independent from thing such as money? corruption? power? And even if it were, arguing that nodaways anybody could resist to currently existing powers and authorities is a fallacy. It's still much safer than hoping users will protect themselves. Not “hoping they will”, making so they will, because it’s the only way to deal with. As I said everybody learned to read and it’s more complicated than basic crypto usage. As I said systems rebuilt from scratch upon these ideas can be much simpler than everything existing before. And with context changing, need will come, and people, when they need it, can adopt something really quickly, at least as fast as they can. the change of roughly everything I prefer solutions that protect as many people as possible now. I didn’t say all of that were incompatible ;) They’re short-term as long-term solutions to things that need to change. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryption on Mailing lists sensless?
On 2014-11-18 at 17:09, Robert J. Hansen wrote: Would this not at the same time make it simple for MUAs to discover that this message is not from anyone you say you know. Delete without reading? Sure, but that also destroys the email ecosystem. One of email's strongest points has been that no introduction is necessary to begin a conversation. This year I found myself re-engaging with a friend I lost touch with a decade ago, who found me on a mailing list and figured to drop an email and see if maybe I was the same Rob Hansen she knew from back when. If my MUA/MTA had hidden it from me just because there was no introduction, or urged me to delete it without reading... Could email as a platform survive the shift to introduction-based systems? Sure. But it would totally transform the email experience, and maybe in ways we wouldn't like. That's why I'm so skeptical of proposals to fix email in this way: we might fix email, but we might also kill it at the same time. It’s completely true. However Mark’s right when saying it could help to do it client-side: client-side, you can access *all* private (meta)data on user without any privacy problem, and use it to better detect what’s a spam, and actually that would be really useful (isn’t it really easy for you personally, who know yourself, to detect if something is a spam or a message really adressed to you?). As he said, contacts are useful. So yes, roughly filtering spam from not-yet-introduced friends lacks flexibility and destroy several email nice features. But we can do thiner: lower the score given with bayesian autostabilizating equations. Again, if it's provably from no one you say that you trust, the MUA could refuse to execute runnable content without explicit permission. (Which I say should be the normal and only setting for all content, but I know I'm a crank.) It already is. Double-click on an executable attachment and a window will pop up with a warning about how you should only run code from people you know and trust, click OK to cancel running this, click I know the risks to run it, etc. An awful lot of people click I know the risks. A longer text explaining “you giving this program the authorization to do what it wants with your data and configuration, including destroying, corrupting, stealing, spying, reveling anything”. But the true solution is this one: use only free software, software you’re sure you can check the sources. Even more: having build information, sources and binary signed cryptographically. Even more: being sure this binary is made with reproducible builds. Even more: everything of that available trough a censorship-resistant P2P filesharing system. He said that of all the outcomes he imagined for his Ph.D., he never dreamed that it would be that his research could be accurately summed up as, the technology works fine, it's *people* who are completely broken. Yeah, we need interdisciplinarism: a great part of work to change the world, added to technical progress, is education. It’s maybe *the* biggest and most important thing. Sometimes you don’t need to adapt to the society but adapt the society to you and people: “The reasonable man adapts himself to the world: the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man.” — George Bernard Shaw signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryption on Mailing lists sensless?
Le 19/11/2014 à 01h31, Robert J. Hansen a écrit : It’s completely true. However Mark’s right when saying it could help to do it client-side... No. Client-side, you get to inspect (fully) only your data, and you have to develop a statistical model of spam based on only your data. When Gmail filters, it inspects (fully) traffic to *millions* of users, and uses that to create a model no individual user can hope to match. You can do some stats on multiple persons using hashes, meshes, propagation and this kind of thing. Even better: you can do it F2F, and ponderate according distance in number of hops. See what try to do GNUnet. That’s way better than large, politically risky and impersonal large Google scans. Encrypting everything, even Aunt Edna's recipe for potato salad, means a significant step backwards in the spam fight. I love decentralized algorithms, but there's something to be said for a God's-eye perspective on the problem -- look at decentralized route discovery protocols versus Dijkstra's algorithm as an example. We have to make some sacrifices to get freedom. So yes it can and will be more complex to stop centralize. But it especially involves an other thinking model: not a big centralistic individual one, but a *collective* one, where you think “I have a thousand instance, how should each of these act so that the whole networks work respecting both Order and Anarchy?”. It’s a lot more complex, but also a lot more interesting, and potentially a lot more powerful. But the true solution is this one: use only free software, software you’re sure you can check the sources. Maybe one user in ten thousand has the skill to audit a nontrivial codebase. Free software is a good idea, but let's not pretend that normal users will realize a real benefit from being able to check their source code. One in ten thousand is enough. And anyway: that was the case too about written language some centuries ago. How could that not change? For instance a way greatest amount of Emacs users know several parts of its code source, and are able to inspect any part at any moment if needed. And the real benefit is in the *freedom to*, which has only to be express by the ability to do something, even if « everybody » doesn’t know how, a sparse minority is enough. That’s the concept of free software. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryption on Mailing lists sensless?
On 2014-11-17 at 19:49, Robert J. Hansen wrote: Most of the technical reasons can be bypassed by making a single subscriber key (public and private) available as a part of the subscription process, but that eliminates most of the technical advantages of encryption, so it's really a moot point. It also means there's pretty much no point in keeping archives, because it's inevitable that the keys will become separated from the archives. And if the key is part of the archive, then what's the purpose of the crypto in the first place? Once, for my job, I had to look into the way the Roman Senate conducted its elections. I was able to find ballots that were over 1500 years old. It was pretty neat, and it changed my perspective on things like crypto. The crypto dream is that the confidentiality of our messages will be preserved for centuries after our death, Well, no. The crypto dream is that powerful people will stop being able to retrieve lot of informations on why they exerce power on, and that these people will be able to inform and communicate in a decentralized, horizontal and autonomous manner wathever this autority wants. which sounds really great up until you consider what an archaeologist circa 4000 AD is going to be thinking. I have a stack of records here that could shed light on the way people lived in a long-dead civilization, but I can't read them. Why? What were these people doing that they thought their email to their Aunt Edna needed to remain secret for all time? Why is it that, millennia after they're gone, Aunt Edna's recipe for potato salad has to be gone with them? Then the question is not “Do we want to encrypt everything?”, but more precisely: “do we want to make everything *accessible*”. Actually imagine mail servers today, quite all encrypting everything with TLS. Not a problem, mails are still accessible. It just means it’s harder for ISPs (MITM is visible, and being visible means a great risk) to spy on people. If we make only some traffic encrypted they have at least the information of what is enough important to be hidden, when, where, by who, to who, for how long, etc. meta-data. Here we make cryptoanarchy and hide everything so that they don’t even have the information of what is to hide. But that doesn’t obligate us to make what is public public. We could imagine a web where everybody uses HTTPS: pages are still accessible to everybody. We could imagine bittorrent where almost all clients encrypt everything (hint: it’s already this way), and everything is still accessible. We could imagine Tor Hidden Services, and everything is still accessible. What’s not accessible anymore is metadata. Or think about your own kids, circa 2040 AD. I'd love to read these emails between Mom and Dad when they were courting, but ... they were afraid of Somebody-with-an-S reading their emails. I wonder if they ever thought that the Somebody might be their son, who wanted to understand after their deaths how it was these two people came to meet and fall in love. Then comes the problem of private messages, made to be private. First, future archeology is pointless argument between our security and our freedom, it sounds a lot more better like kind of an excuse. Second, a reccurent problem in cryptography is we know computers power and algorithms constantly evolves, and that what’s encrypted a way today is not guaranted to always be forever. What’s encrypted with DSA today will maybe be accessible within more time. Finally, information generally needs to be private only for a limited amount of times. If we have a message describing date and place for a dissidents reunion in a totalitarian state, once the reunion is over, the message doesn’t need to be private anymore, and could be “released”, if it’s for archival/archeology/history needs. Actually it would be something quite interesting for people to know in what kind of place reunions are planned (anyway a place should never be the same twice). Historians called the early medieval period the Dark Ages not because the era was full of villainy and evil, but because record-keeping became so austere that we really don't know much of what happened for that period. Because they had no efficient way to keep information in front of the quantity of information producible. The press solved this problem. We're living in a new Dark Age right now. Historians of the future are going to see human record-keeping basically end around 1960. They’re still accessible. And what’s saying you in the future all hard-disk will die at the same moment with no backup? It could be plausible if our civilization could break down just like others before and let others develop. The problem is: today we have a world-wide civilization, if this one break down, there will be no more civilization to study us. So we have absolutely no reasons to care. Fewer records were printed out and more were put on digital media -- media that
Re: Encryption on Mailing lists sensless?
On 2014-11-17 at 18:02, Robert J. Hansen wrote: But sorry, I disagree a little bit. If we want literally to jam the secret service's attempts to decrypt mails, then it makes sense to use encryption for every single mail, private, business, nonsense and spam This would have the ultimate effect of destroying email as a platform. Email works as well as it does -- as well as fails so miserably in other ways -- largely *because* it's open to inspection. Because today it works the way it works is not a reason to let it work that way forever whatever is context. As an example, pervasive end-to-end encryption would require antispam defenses to move to the client rather than being deployed at the mailserver or relay. This would essentially be tantamount to giving up, since there are no really effective client-side antispam measures. Internet is fundamentally superior to all other technic networks invented by mankind for this reason: moving intelligence to periphery, make work client-side, make things horizontal, decentralized everything, giving control on everything to everybody locally, making everybody able to do anything wathever others do. That’s what distinguish Internet from what existed in France before Internet : the minitel. The minitel is a dumb terminal only able to connect via phone-lines to a server, send input to server and display what server send back. It were popular when computers where too much expensive and nobody could have one. In the free software and decentralized/secure internet movement in France, we generally use the term “Minitel 2.0” to humorously speak about (and mock) GAFA and all ultra-centralized services where quite everything tends to be made server-side, where the client is just a dumb terminal controlling nothing and delegating everything to the server. Where the server can do anything. rms also denounced SaaSS as worse evil than proprietary software, and that’s true. Because with just proprietary software you can still cut the Internet (or even just its access to it), and even do reverse-engineering. With SaaSS, URSS and 1984 seem a happy pink poney world. The fact is that doing everything client-side, you can adapt everything even better than Google would do, because *you* control it. You could use spamassasin-like rules based on naive bayes filtering, and choose yourself what you identify as a spam, then choose to make a message more visible or not according its probability to be it. Then you could even make more category than just “vacation/viagra/enlarge-penises-like spam”, you could try to do the same thing about insulting messages, (death/rape)menaces messages, racist, sexist, homophobic, transphobic nationalist, classists messages (all containing some interesting common patterns, and it could even be useful on some mailing-lists, more practical than just banning people, could just prevent people to read messages that they could consider psychologically hurtful to them, while letting other trying to deal with some people’s annoying ideas). If that can work, you could even share score lists in a F2F manner, and ponder that according bonds, and then secure everything with cryptographic signature, and identify people with DHTs, etc. etc. Decentralizing you can do quite everything, and very very very very interesting things. Then with just complex maths, moderns DHT, etc. you can achieve quite spectacular things, avoiding issues like “Facebook has a considerable part of mankind population subscribed, is able to statistically determine if someone is homosexual even without him/her knowing it, and activally collaborate with especially intolerant authoritarian governments or agencies, especially if payed well” (yellow star seems pointless in front of that). Give a look to what GNUnet tries to do. Similarly, it would assist in the spread of malware and viruses and for the same reasons. If a mailserver can't inspect the email, it can't recognize malware and quarantine it for the health of the internet. Malware and viruses is the problem of client, only client, always client. If we have to make a less freedom-compatible internet because of client not doing its job, there’s a problem. As far as I know that especially regards proprietary systems. Etc., etc. I am fanatically in favor of people's right to protect the privacy of their communications, but there's a flipside to it: we also need to be responsible and prudent with how we do it. Simple, naive solutions like encrypt everything! aren't a fix: at best, they'll trade our current set of problems for a new set of problems which we'll have even less knowledge of how to handle. So instead of trying to make nice authorities known for their authoritarian interests and with a creepy background, you’ll try to just invent, and most of time just implement, new algorithms… One of these solutions seems more realist to me. signature.asc Description: PGP signature
Re: Fwd: GNU hackers discover HACIENDA government surveillance and give us a way to fight back
On 2014-08-23 at 12:16, d...@geer.org wrote: On 2014-08-22 at 21:13, Rejo Zenger wrote: Open data and transparency should only be about what concerns everybody, like government actions, trains schedule, etc. not private information. Is this not the core of the question? In a world of social media and sensor-driven everything, does not the very concept of private information fade, per se? I believe it does. It will be when any kind of authority (thus hierarchy) or intolerance (thus ignorance/inconsciousness) would have *perfectly disappeared*. Whenever it’s possible or not, we can still see that today it isn’t so, therefore privacy still has importance. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Fwd: GNU hackers discover HACIENDA government surveillance and give us a way to fight back
On 2014-08-22 at 01:16, Robert J. Hansen wrote: On 8/21/2014 3:35 PM, Johannes Zarl wrote: Compiling a collection of publicly available information is an almost perfect description of the term surveillance. E.g. a surveillance camera does exactly that: it collects publicly available information. So does the phone book, Wikipedia, and IMDB. We don't call them surveillance. The difference in the relation we have with information is who does it concern: when it concerns everybody (like Science, information about politics, events, Philosophy, Art, etc. what generally is what Wikipedia contains, aka “encyclopedic informations”), it should be shared among everyone, and not doing so is taking part in some kind of oppression (like stopping people from sharing a software); when it concerns only some people (like private information, one-to-one communication, etc.) it should be keep secret amoung the few people it concerns, otherwise it is also taking part in some kind of oppression (like surveilling, spying, controlling). That’s why we ask for more transparency from the powerfull and more privacy to the weak. When someone watch the tweets of some friends of some person discussing with some others, while not knowing and not being interested of it, even if it doesn’t concerns her, just to spy the person, it *is* surveillance. Though Twitter haven’t sophisticated privacy features like circles or groups, so it’s possible even if it’s not always a good thing. The same applies to IP. In this case, it does concern only the person owning the house what color is it, what is the model of door, of lock, of key and how to open it. So even if it’s “publicly available information” (like in Twitter, Facebook, or any potentially privacy-harmful social network) it shouldn’t be collected without hurting someone’s freedom, so here the usefulness of the GNU patch for it :) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Fwd: GNU hackers discover HACIENDA government surveillance and give us a way to fight back
On 2014-08-22 at 21:13, Rejo Zenger wrote: ++ 22/08/14 11:38 +0200 - Garreau, Alexandre: The difference in the relation we have with information is who does it concern: when it concerns everybody (like Science, information about politics, events, Philosophy, Art, etc. what generally is what Wikipedia contains, aka “encyclopedic informations”), it should be shared among everyone, and not doing so is taking part in some kind of oppression (like stopping people from sharing a software); when it concerns only […] That's an interesting point of view - or there is some misunderstanding on my end. Let's say the NSA does not only surveil all kinds of communications as it does right now, but it also publishes this information (open data in governmental speak), then there is no oppression according to you? I didn’t say it was related to what usage was made of information or to whom it was available but to *who it concerns*. Actually if you publish private information it changes nothing: it remains private information concerning only its initial possessor, and making other people acknowledge it is giving them power an harm to the freedom of one who has her privacy harmed. Open data and transparency should only be about what concerns everybody, like government actions, trains schedule, etc. not private information. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: It's time for PGP to die.
On 2014-08-16 at 19:14, Kristy Chambers wrote: Sorry for that crap subject. I just want to leave this. http://blog.cryptographyengineering.com/2014/08/whats-matter-with-pgp.html Yeah, PGP’s what I’d call something coming with and for the “old” Internet, the slow, federated, cleartext, client–server, monocast and sedentary one. Another critique: http://secushare.org/PGP. But if you really want to fix all these issues, what you need is not improving PGP/GnuPG, but rebuilding the whole Internet. That’s not the goal of GnuPG, you’d better give a look at GNUnet. To fix these issues, it doesn’t only plan to replace GnuPG, but also mail, IRC, jabber, web forums, web itself, HTTP(S), newsgroups, FTP, bittorrent, TLS, DNS(SEC), TCP–UDP/IP, BGP, and quite everything that you could imagine in Internet, which is all fundamentally completely broken, obsolete and way excessively complicated, if you try to see things from this point of view. Yet PGP hides some information in a more secure way than cleartext, is usable by the people who need it the most and is part of our internet tech culture. So waiting during we try to rebuild and revolution the world again, it stays fine to keep using it, but we need to know its deficiencies, and to take care of who, how, when, where and why to teach it. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Fwd: It's time for PGP to die.
On 2014-08-17 at 01:41, Nicholas Cole wrote: On Sun, Aug 17, 2014 at 12:08 AM, Robert J. Hansen r...@sixdemonbag.org wrote: OpenPGP's biggest problem, BTW, which goes *completely unmentioned* in this blogpost: OpenPGP can't protect your metadata, and that turns out to often be higher-value content than your emails themselves are. Further, exposed metadata is inherent to SMTP, which means this problem is going to be absolutely devilish to fix. That is true. But perhaps it would be a start if email clients actually put the actual email (with subject and references headers etc.) as an attachment to a bare email that contained only the minimal headers for delivery. It wouldn't be a perfect solution, but it would at least fix a certain amount of metadata analysis. Well, afaik, there’s *no* MIME header which is required for delivery (maybe RFC says there is, but currently mail servers accepts mails with no headers at all). The headers that are needed for delivery are not MIME ones (the ones like “From:”, “To:”, “Date:”, “Message-Id:”, “Subject:”, etc.) but the SMTP one (the “MAIL FROM:” and “RCPT TO:”) which are separated. So I think mail clients could just send a void mail with just as much MIME informations to says its content is a MIME message (“message/rfc822” MIME type I think). Then things like the subject, the date, the message-id, the list of attached things, etc. would be protected. That makes less metadata, but it still leaks the more important: recipient and receiver. So the only way is to build an asynchronous communication system based on anonymity, like GNUnet’s doing. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: symmetric email encryption
On 2014-07-18 at 19:39, Ingo Klöcker wrote: Sure. But the fingerprint is only used once (for verifying the key). And it's not even secret information, so exchange via an insecure channel is not an issue (at least, not a severe issue). OTOH, symmetric keys really should be exchanged via a secure channel. The fact is that you can use symmetric-keys when the other doesn’t have yet a public key. So you can send her this understandable message and *then* say her “here the key that’ll allow you to read the message”. That could be used if the message *must* be transmitted by mail, because it’s a file, because it’s large, because it have to be *before* or other reason, so in some rare cases it can be useful, and since the message has already been sent, it’s easier to convince the other to begin using cryptography. Then she could decrypt the mail, and you can start trying to convince her to use asymmetric cryptography, at this point it’ll be easier. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
