> Steve Gibson [0] has a slightly different opinion of the code:-
>
> "It is truly lovely. It is beautifully constructed. It is amazing
> work to be deeply proud of."
I do not personally find Gibson to be a credible commentator. He's made
a lot of really embarrassing brainos over the years -- li
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Saturday 27 December 2014 at 4:28:42 AM, in
, Robert J. Hansen wrote:
> The
> code is a mess, yes
Steve Gibson [0] has a slightly different opinion of the code:-
"It is truly lovely. It is beautifully constructed. It is
amazin
> Robert: In spite of the fud about TC, do you still like it?
First, please don't respect my opinion on it -- I don't think I know
enough to have an opinion on it!
TrueCrypt has published source and a lot of people looking at it. Prior
versions of TrueCrypt sometimes had appalling failures (what
On Sat, Dec 20, 2014 at 7:32 PM, Robert J. Hansen wrote:
>> I'm a home user of Linux. I'm looking for an encryption utility for
>> my personal password file, preferably one with a graphical user
>> interface.
>
> Have you considered either encrypting your /home directory (with
> dm-crypt, LUKS, pi
On Sat, Dec 20, 2014 at 7:32 PM, Robert J. Hansen wrote:
>> I'm a home user of Linux. I'm looking for an encryption utility for
>> my personal password file, preferably one with a graphical user
>> interface.
>
> Have you considered either encrypting your /home directory (with
> dm-crypt, LUKS, pi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Tuesday 23 December 2014 at 7:28:32 PM, in
,
Ryan Sawhill wrote:
> I have no idea how much work it would require. No one's
> ever expressed an interest, myself included.
It was more idle curiosity really.
- --
Best regards
MFPA
On Tue, Dec 23, 2014 at 2:18 PM, MFPA <
2014-667rhzu3dc-lists-gro...@riseup.net> wrote:
> Since Python and GTK can both be used on Windows, does Pyrites work on
> Windows as well? And/or could it be converted to a standalone Windows
> executable using something like Py2exe or cx_Freeze?
>
I have
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Tuesday 23 December 2014 at 5:45:04 AM, in
,
Ryan Sawhill wrote:
> GUI, pyrite (
> http://softwarerecs.stackexchange.com/questions/11254/gnupg-aware-gui-to-encrypt-decrypt-pgp-ascii-on-linux
Since Python and GTK can both be used on Windows,
@Gus:
I recommend you follow up on the suggestions about password managers;
however, if you are dead-set on managing your own encrypted flat file and
you want a GUI, pyrite (
http://softwarerecs.stackexchange.com/questions/11254/gnupg-aware-gui-to-encrypt-decrypt-pgp-ascii-on-linux
) is by far your
On Friday, 2014-12-19 22:20:14 Gus Zernial wrote:
> With what program and/or how can I do this?
This is off topic, but here are some good introductory materials on password
management, strong passwords, and using either Keepass or KeepassX
Security in-a-Box:
https://securityinabox.org/chapter-3
On Fr, 19 Dez 2014, Gus Zernial wrote:
> I'm a home user of Linux. I'm looking for an encryption utility for my
> personal password file, preferably one with a graphical user interface.
[...snip...]
> With what program and/or how can I do this?
General Description:
https://en.wikipedia.org/wiki/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Friday 19 December 2014 at 10:20:14 PM, in
,
Gus Zernial wrote:
> I'm a home user of Linux. I'm looking for an encryption
> utility for my personal password file, preferably one
> with a graphical user interface.
> After initial encryption of
> I'm a home user of Linux. I'm looking for an encryption utility for
> my personal password file, preferably one with a graphical user
> interface.
Have you considered either encrypting your /home directory (with
dm-crypt, LUKS, pick your poison) and/or using an encrypted folder
(TrueCrypt, etc.)
Hi Gus. Using symmetrical encryption I do just that
on Linux, without the GUI?
With a small bash script, you could filter out just the entry you want too.
I currently do it with Python and their encryption, but want it for
my windows box and Linux, hence gpg.
e.g. unlock is
source lockp.sh # p
I'm a home user of Linux. I'm looking for an encryption utility for my personal
password file, preferably one with a graphical user interface.
After initial encryption of the file with a master password, I'd like to be
able to decrypt and display the cleartext file, using my master password,
wi
Am Di 04.11.2014, 15:14:55 schrieb Kanchan Gobari:
> Urgent help required.
Then you should have subscribed to the list before writing. Would have
saved you 12 hours...
> I have create a UNIX script for encryption but while executing the
> script got the below error:
>
> gpg: cannot open tty `
Hi,
Urgent help required.
I have create a UNIX script for encryption but while executing the
script got the below error:
gpg: cannot open tty `/dev/tty': No such device or address
As got input from multiple sites - google; I found to add the '--no-tty'
in the command line.
But after adding
Hi Ryan,
Yes that is exactly the kind of front end I was looking for, and it
looks very nice. Thanks for writing it. :-) Though now I have finished
the stab I took at solving the problem myself, which is a much simpler
command line script. You can find the two versions of it here:
https://ww
As already mentioned, you could decrypt the file to a ram disk -- the
/dev/shm directory should already be there, but if you're trying to
bypass creating an unnecessary file altogether, you need something
else.
I actually wrote a GUI frontend for this purpose (among others) a
while back. It's call
Hi Doug,
Thanks for the comments. Yes the threat model is mostly the worry of
having old temp files or even the original cleartext files left behind
on the HD, or even worse having them backed up. ;-) At the very least I
want something that tries to protect me from stupid mistakes. Yep the
RA
On 01/19/2014 08:56 AM, Mr. Clif wrote:
So I'm trying to get a sense from the users here if they feel that the
process of using gpg for symmetric encryption is safe enough, and they
are not worried about leaving clear text behind.
I think you're misunderstanding a few things. First, the problem
On 01/19/2014 03:53 AM, Johan Wevers wrote:
On 19-1-2014 7:50, Mr. Clif wrote:
Does anyone use symmetric file encryption?
Yes, but only for encrypting files for personal use. Not in
communication with others.
Same here. This is why I wrote that perl script, so I wouldn't have to
rem
On 19-1-2014 12:12, Andy Ruddock wrote:
> I wouldn't like to make any claims about "best practice", for the most
> part I rely on defaults provided by more knowledgeable folks than myself.
Although trust in that approach has gotten some drawback since the
actions of RSA Inc. became public knowled
one got back to me.
>
> Does anyone use symmetric file encryption? What is the best practice
> here? I heard of another solution which was to mount an encrypted
> directory with fuser to drop files into. I think I would wounder how
> safe the passphrase was for mounted filesystems, thoug
On 19-1-2014 7:50, Mr. Clif wrote:
> Does anyone use symmetric file encryption?
Yes, but only for encrypting files for personal use. Not in
communication with others.
> What is the best practice here?
As always, that depends on your use case and threat model.
> I heard of another
So no one got back to me.
Does anyone use symmetric file encryption? What is the best practice
here? I heard of another solution which was to mount an encrypted
directory with fuser to drop files into. I think I would wounder how
safe the passphrase was for mounted filesystems, though I know
Greetings!
I've been happily using pgp and gpg off and on for decades. One thing I
never quite figured out was what the best way to use it for encrypting
sensitive files on disk. After doing that one has to remember to cleanup
after themselves and delete all the leftover plaintext versions of
On Mar 2, 2009, at 9:19 AM, Mark H. Wood wrote:
On Fri, Feb 27, 2009 at 08:37:53PM -0500, Robert J. Hansen wrote:
For long-term photographic storage, make a print from photographic
film
on archival-quality print stock. Also, I'm given to understand that
black and white photographs survive th
On Fri, Feb 27, 2009 at 08:37:53PM -0500, Robert J. Hansen wrote:
> For long-term photographic storage, make a print from photographic film
> on archival-quality print stock. Also, I'm given to understand that
> black and white photographs survive the aging process much better than
> color.
Silve
I've been amazed by the variety of thoughtful comments since I posted.
I've read all those - and a bit more besides. I'm ashamed at my
ignorance when I contacted the list last Thursday. I comfort myself with
the thought that it's only from ignorance that you can ever feel
complete knowledge could b
On Fri, 27 Feb 2009 17:25, r...@sixdemonbag.org said:
> After a little thought, it occurred to me that perhaps Sven meant there
> are three errors and it's not known where. This turns into a slightly
> more complex case, but still within the realm of possibility: just over
> twenty-two million po
Hi!
Robert J. Hansen schrieb:
> After a little thought, it occurred to me that perhaps Sven meant there
> are three errors and it's not known where.
I also meant something like some 512 bytes of the file being unreadable
because of failure of the corresponding disc sector.
But I agree that singl
On Feb 27, 2009, at 8:37 PM, Robert J. Hansen wrote:
For long-term photographic storage, make a print from photographic
film
on archival-quality print stock. Also, I'm given to understand that
black and white photographs survive the aging process much better than
color.
It's because black a
John Clizbe wrote:
> Christopher J. Walters wrote:
>> I know quite enough about the field without your snide and foolish remarks.
>> I
>> refuse to engage in a battle of wits with an unarmed opponent.
>
> Statement one: I'll ignore as other readers may make their own opinions
> as to the quality
(Replying to David, but it's really for Joseph)
David Shaw wrote:
> On Feb 27, 2009, at 6:25 PM, Joseph Oreste Bruni wrote:
>
>> Since we're talking about photos, what would be wrong with PRINTING
>> them? I think a printed photo would last a lot longer than any
>> computer-based technology. And,
John Clizbe wrote:
> All too often we see folks too overly invested in a creation to accept
> objective criticism of the idea.
There also seems to be a tendency to misread what I think are very
neutral statements as being very dry snark.
E.g., when I said I didn't see the reasoning, and having re
On Feb 27, 2009, at 6:25 PM, Joseph Oreste Bruni wrote:
Okay, I've resisted getting into this discussion long enough, and I
can't stands no more!
Since we're talking about photos, what would be wrong with PRINTING
them? I think a printed photo would last a lot longer than any
computer-bas
On Fri, Feb 27, 2009 at 07:22:56PM -0500, Robert J. Hansen wrote:
> Hard drives tend not to crash or overheat when they're powered down,
> properly mothballed, and put in long-term storage.
Unless your photos are made for your grandchildren only, I don't believe
in a personal "dead" long-term sto
Christopher J. Walters wrote:
> I know quite enough about the field without your snide and foolish remarks. I
> refuse to engage in a battle of wits with an unarmed opponent.
Statement one: I'll ignore as other readers may make their own opinions
as to the quality of knowledge demonstrated.
All
Robert J. Hansen wrote:
> I said 'about'. JPEG was standardized in 1994; PNG in 1996; SVG in 2001.
>
>> So tell me, what compression software are *you* talking about?
>
> Wavelets. Fractals. Arithmetic coding. The data compression field is
> alive and well and constantly getting better. Chec
Christopher J. Walters wrote:
> I did, later in my message.
I didn't see it. Looking over it, I still don't.
> I come from the early days of Fidonet, and BBS's. It is possible for
> a CRC32c checksum to show "OK" when there have been changes. Has
> always been this way. If you use an archiver
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Robert J. Hansen wrote:
> Christopher J. Walters wrote:
>> That's why it would be a good idea, in my opinion, to use a public
>> key pair, and a weaker cipher than AES to encrypt data like family
>> photos.
>
> I cannot for the life of me see what's
Okay, I've resisted getting into this discussion long enough, and I can't
stands no more!
Since we're talking about photos, what would be wrong with PRINTING them? I
think a printed photo would last a lot longer than any computer-based
technology. And, you could store them in shoeboxes.
Christopher J. Walters wrote:
> That's why it would be a good idea, in my opinion, to use a public
> key pair, and a weaker cipher than AES to encrypt data like family
> photos.
I cannot for the life of me see what's leading you to give this counsel.
Would you care to share your reasoning?
> I wo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Sven Radde wrote:
> Hi!
>
> It is probably one of the best choices for the purpose, however, in
> general, long-term archival and encryption don't go together nicely.
> Neither does compression or similar. Many algorithms or encryption modes
> are r
Robert J. Hansen wrote:
> With a 256-bit cipher, if you're missing 3 bits, there are only eight
> possible keys. This is not an obstacle.
After a little thought, it occurred to me that perhaps Sven meant there
are three errors and it's not known where. This turns into a slightly
more complex cas
Sven Radde wrote:
> Imagine the session-key part of an OpenPGP message be destroyed.
> Commonly, this will be far less than 1% of the actual data, but even
> with 99% intact, you won't have a chance of recovering *anything* from it.
Err. What?
With a 256-bit cipher, if you're missing 3 bits, the
Sven Radde email at sven-radde.de
wrote on Fri Feb 27 14:55:39 CET 2009 :
>When using encrypted backups, 100% data integrity plays a much
greater
>role than when just storing unencrypted data.
for really long term encryption,
would guess that it is more likely that there would be a problem
wit
Hi!
Robert J. Hansen schrieb:
> GnuPG conforms to the OpenPGP standard for cryptography. That means
> there are ... what ... 14 or so compatible implementations. You don't
> have to rely on GnuPG; there are a lot of other options out there. This
> is very good for purposes of long-term storage.
peter wrote:
> Is it true to say then, that if you wanted someone to be able to
> decrypt a (symmetrically encrypted) file, they'd need to know the
> algorithm used, the key and they'd also have to use the same program
> to decrypt as used to encrypt the file?
Let's not use words like "algorithm"
> Is it true to say then,
> that if you wanted someone to be able to decrypt a
> (symmetrically encrypted) file, they'd need to know the algorithm used,
> the key and they'd also have to use the same program to decrypt as used
> to encrypt the file?
Not quite. In general: you shouldn't base the se
Thanks for all your responses - and the speed of them.
The shoe box works fine for my pre-digital snaps - not so good for the
post digital ones! Currently, I dump my camera into my computer, sort
out the interesting images, archive them and dump the archive into
Amazon's S3. Then I feel safe from
Staggering off-topic a bit, this also points out that, for a variety
of reasons, if you want to store data for the long term, you need to
establish a periodic review of every single item in your archive.
You need to be aware of obsolescent medium types and file formats and
suchlike, and recode at-
On Thu, 26 Feb 2009 13:54, s...@intertivity.com said:
> i'm not aware of all file formats but you should stick with PKCS#12 format
> for symmetric encryption.
> It's an open standard, so I'm sure openssl and windows encryption can handle
Well kind of. PKCS#12 is likely the most ugly encryption s
Encryption is unnecessary with this low tech solution: burn them to DVDs,
make at least two copies, put one copy in a safe deposit box at your bank.
Perhaps give the other in a do not open envelope to your lawyer or someone
that you can trust 100%.
This is still a problem because who knows if DVD
nupg-users-boun...@gnupg.org [mailto:gnupg-users-boun...@gnupg.org]
On Behalf Of peter
Sent: Donnerstag, 26. Februar 2009 15:24
To: gnupg-users@gnupg.org
Subject: future proof file encryption
Hi,
I back-up my photos to remote storage. At the moment I don't encrypt
them - I don't understand e
Hi,
I back-up my photos to remote storage. At the moment I don't encrypt
them - I don't understand encryption and I'm nervous of using something
I don't understand. They're just family snaps, but I'd prefer they
stayed private. Symmetric encryption seems a good route - all I have to
remember is a
On 2/20/07, Janusz A. Urbanowicz <[EMAIL PROTECTED]> wrote:
> * without having recipient pubkey it is impossible to determine the recipient
> of the message (assuming the subkey ID is not widely known)
...
If the system was designed for the real world, the encrypted message
would, by default, consi
Janusz A. Urbanowicz alex at bofh.net.pl wrote on
Tue Feb 20 15:24:40 CET 2007 :
>* it is possible to hide recipient's completely ID by using --
throw-keyid
well, not 'completely'
running gpg-list-packets or pgpdump on the encrypted message,
lists the key-type (dh or rsa), key size, and symmetr
vedaal at hush.com vedaal at hush.com
Tue Feb 20 18:16:52 CET 2007 wrote:
> running gpg-list-packets or pgpdump on the encrypted message,
lists the key-type (dh or rsa), key size, and symmetric algorithm
used
sorry,
my mistake ;-((
pgpdump doesn't list which symmetric algo,
only lists that an
NikNot schrieb:
> Unfortunately, the whole GPG, with WebOfTrust construct, makes the
> assumption that there is no need whatsoever to protect the identity of
> the secret key holder
You have, however, the possibility of using pseudonyms as UID. Only the
signers of your key would have to know about
On 2/20/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> pgpdump doesn't list which symmetric algo,
> only lists that an mdc was or wasn't used
The attacker performing large-scale traffic uses his own software that
is - so it must be presumed - capable of distilling all (to him)
usefull informat
On Mon, Feb 19, 2007 at 10:54:17AM -0800, NikNot wrote:
> On 2/19/07, Adam Funk <[EMAIL PROTECTED]> wrote:
> >Is there any reason to physically secure your *public* keyring in
> >... (Well, I suppose you might want to hide your secret identity!)
>
> Unfortunately, the whole GPG, with WebOfTrust c
On 2/19/07, Joseph Oreste Bruni <[EMAIL PROTECTED]> wrote:
> It's funny you mention this: I got into an argument with a
> "consultant" about how X.509 certificates are a privacy violation
> because your identity is encoded into the "subject" field. I kept
> asking him, "How would you know whose ce
Adam Funk wrote:
> On 2007-02-19, John Clizbe wrote:
>
>> The passphrase is only one protection on your keypair and it's
>> pretty much the protection of last resort - given an easily
>> guessable/brute-forced passphrase, it's "Game-Over." if an attacker
>> gets access to the keyring files. Anothe
On Feb 19, 2007, at 11:54 AM, NikNot wrote:
On 2/19/07, Adam Funk <[EMAIL PROTECTED]> wrote:
Is there any reason to physically secure your *public* keyring in
... (Well, I suppose you might want to hide your secret identity!)
Unfortunately, the whole GPG, with WebOfTrust construct, makes
On 2/19/07, Adam Funk <[EMAIL PROTECTED]> wrote:
> Is there any reason to physically secure your *public* keyring in
> ... (Well, I suppose you might want to hide your secret identity!)
Unfortunately, the whole GPG, with WebOfTrust construct, makes the
assumption that there is no need whatsoever
On 2007-02-19, John Clizbe wrote:
> The passphrase is only one protection on your keypair and it's
> pretty much the protection of last resort - given an easily
> guessable/brute-forced passphrase, it's "Game-Over." if an attacker
> gets access to the keyring files. Another protection is to
> phys
On Mon, Feb 19, 2007 at 09:21:56AM -0500, [EMAIL PROTECTED] wrote:
> I have been using gpg to encrypt/decrypt files on my computer "for my
> eyes only". I have been using my public/private keypair on my keyring
> to do so. I just discovered that I can use encrypt/decrypt local
> files using a sy
[EMAIL PROTECTED] wrote:
> I have been using gpg to encrypt/decrypt files on my computer "for my
> eyes only". I have been using my public/private keypair on my keyring
> to do so. I just discovered that I can use encrypt/decrypt local
> files using a symmetric cipher--i.e., you enter one secret
I have been using gpg to encrypt/decrypt files on my computer "for my
eyes only". I have been using my public/private keypair on my keyring
to do so. I just discovered that I can use encrypt/decrypt local
files using a symmetric cipher--i.e., you enter one secret passphrase
to encrypt and then e
On 2/22/06, Vladimir Doisan <[EMAIL PROTECTED]> wrote:
> 512 MB backup file
> GnuPG-64 | GnuPG-32
> ---
> twofish (256)33.5s (15.3 mbps) | 32.2s (15.9 mbps)
> aes (12
Yes, I did exactly the same for my encrypted backups, only I chose
Twofish due to speed advantage (TW256 - 16.2 mbps vs. AES256 - 12.6
mbps). With compression enabled - encryption speed was within 0.5 mbps
across all ciphers at around 12 mbps.
I did switch over to public key encryption last month.
Yes, I did exactly the same for my encrypted backups, only I chose
Twofish due to speed advantage (TW256 - 16.2 mbps vs. AES256 - 12.6
mbps). With compression enabled - encryption speed was within 0.5 mbps
across all ciphers at around 12 mbps.
I did switch over to public key encryption last month.
David Shaw wrote:
>This is correct. Of course, it's possible that GnuPG doesn't
>recognize a particular kind of compression. If I recall, it looks for
>bzip, gzip, and zip.
A simple default test would be of course to check if the used compression
algorithm could decrease the file size: this wou
On Wed, Feb 22, 2006 at 05:49:40PM +1030, Alphax wrote:
> Francesco Turco wrote:
>
> > i have disabled compression becouse files i have to encrypt are already
> > compressed, and compression takes much more time then encryption.
> >
> > do you think it is a good choice?
> >
>
> IIRC GnuPG will
Francesco Turco wrote:
> i have disabled compression becouse files i have to encrypt are already
> compressed, and compression takes much more time then encryption.
>
> do you think it is a good choice?
>
IIRC GnuPG will detect if data is compressed before it tries to compress
it; if so, it won
Roscoe ha scritto:
Sure will.
gpg -c is what you want.
Make sure you are using a MDC, which means either using one of the
128bit blocksize ciphers (your gpg will probably use AES256 by
default, which is good - gpg -vc to find out) or passing the
--force-mdc option.
so no need to hash files
On Mon, 2006-02-20 at 17:46 +0100, Francesco Turco wrote:
> i'd like to know if gnupg is a good choice for encrypting files with a
> password and if it is possible to check if an encrypted file is
> corrupted or not (integrity check). my goal is to burn some files on cds
> and protect them both
On Mon, Feb 20, 2006 at 05:46:29PM +0100, Francesco Turco wrote:
> hello,
>
> i am very new with gnupg and cryptography in general.
>
> i'd like to know if gnupg is a good choice for encrypting files with a
> password and if it is possible to check if an encrypted file is
> corrupted or not (in
Sure will.
gpg -c is what you want.
Make sure you are using a MDC, which means either using one of the
128bit blocksize ciphers (your gpg will probably use AES256 by
default, which is good - gpg -vc to find out) or passing the
--force-mdc option.
If you want protection in the way of recovering
hello,
i am very new with gnupg and cryptography in general.
i'd like to know if gnupg is a good choice for encrypting files with a
password and if it is possible to check if an encrypted file is
corrupted or not (integrity check). my goal is to burn some files on cds
and protect them both fr
82 matches
Mail list logo
