-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 12.06.17 20:51, Stefan Claas wrote: > On 12.06.17 20:18, Ludwig Hügelschäfer wrote: >> Hi, >> >> On 12.06.17 14:52, Stefan Claas wrote: >> >>> Hi Ludwig, >>> >>> I just checked again. On my Mac and on my Windows Notebook i >>> get a green bar , from a blue "Untrusted" key when i go into >>> Enigmails Key Management and set the trust of that key to >>> Ultimate... >> Well, ultimate ownertrust is the wrong way. This setting is >> reserved for your own keys. No wonder you get a green header >> bar. >> >> What are you trying to achieve? >> > > Well, i assume that the majority of people who are using GnuPG are > using it with Thunderbird/Enigmail.
I'd not sign this statement. A lot of users caring for privacy and safety won't go for Windows. Thunderbird is not the most popular mail client on non-windows computers, there quite some other mail clients. > Let's also assume they are not security experts like all you guys > here on the list and let's also assume they are following popular > tutorials like the ones from EFF: > https://ssd.eff.org/en/module/how-use-pgp-windows because they know > EFF are good people (like you security experts). > > Now here is my thought. Mallory knows this very well what i have > described above and after he gained access to my computer he simply > replaces on of my locally signed pub keys with a fake one where he > sets owner trust to ultimate. A user, described as above would imho > have a hard time to detect a fake pub key, because Enigmail shows > for both keys a green bar. As Robert said: If an attacker gains control over your computer, you're busted, game over. > Maybe as an additional security feature Enigmail should give a key > with a set trust level of "Ultimate" a different color than green. This would also be the case if the attacker gained access to your computer. What you can do: Learn, learn by playing, learn by trying to understand what others write and by asking questions and become a reasonable critical user. That's the hard way, but you learn best. Second possibility would be to have a good experienced friend which guides you along the way. Third way would be to engage an expert which maintains your computer. Ludwig -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4WAgb7FA4aaVxJnYOtv6bQCh5v4FAlk+6b4ACgkQOtv6bQCh 5v7yeg/+NG1ZJOm/is1MyiDI8eGHB2343qmCYjzlrpj5+SYBECMa5FSKqh86z+LS xMbynzfMIVTR2imt259mHFhCCcBgx067GCCxCFOMgJgafYg0M/kf1bOQF1Hov1lD 969zfYBcHNl2lnOSA5W16nJPY0gaJoa6t+25bf3YDD/+1aMQdZpBmOpxEPPuMUqt 5Qb7LPHh0hhSNoX7TrTqcMEBQtJopDlB94xUShUujMR56udC1Mfo3LDN1BpV00sd R+La+a94Uu+i9FkEhjFHeTcVlaN9TSofLqGBVID51h2sGG7UK/moOAv55T2GBkuh zdTp9OirN1OIZbBIMnUfa3oe3ZbCyY24qm/XWA7gn4gTIUX9/QdT6Wz/aBDA9Rq+ fr5RDxXU5S/4kX3HODnUiGqvt8HElQAKmCkiTD6gSLM8Tsw6Bp1DK9AAMHEbgvqS zT67rKY4ISzW4RTxqHuK4W1bury0TdSlyCCgL33CdUp+xhQazjLRfUQXzSeOaNu2 7/6LRVtOHWWUkpELaNGYGS2CPDMiPvuZuMH/Ut9CYcwGHaf1Rq2F7FH0C2Hha5Uf 6hHWVww+PrNg1Tera/yLn+P8+RCU5tkf8c+injiEN0FjYScXd0YBds704ZjdD8l8 tld1uAcxxI3FYybY05TSjKqdRNpGrJRJ14nb4Djd896jzOZDWJQ= =CZYK -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
