scripting gpg

2011-05-04 Thread Jon Drukman
I need to do the following: - when a new machine is created, automatically import a public key and give it full trust - be able to encrypt files with that public key without any interactive prompting (from a shell script/cron job) in other words, a machine has to go from virgin state (OS + softw

Re: scripting gpg

2011-05-04 Thread David Shaw
On May 4, 2011, at 7:01 PM, Jon Drukman wrote: > I need to do the following: > > - when a new machine is created, automatically import a public key and give it > full trust > > - be able to encrypt files with that public key without any interactive > prompting (from a shell script/cron job) > >

Re: scripting gpg

2011-05-04 Thread Jon Drukman
David Shaw writes: > You're looking for the "--trust-model always" option. Add that to your options, and the trust model > becomes "if it's on my keyring, it's fully trusted". It's up to you to make sure that only keys that are fully > trusted are on your keyring, of course. :

Re: scripting gpg

2011-05-04 Thread Jerome Baum
On Thu, May 5, 2011 at 02:19, Jon Drukman wrote: > putenv('HOME=/tmp/gpg'); > @mkdir('/tmp/gpg'); > At this point, you should be watching carefully. What if another user has created this directory to spoof the key? Use the appropriate command for creating a unique temporary directory. Should be

Storing secrets on other people's computers

2011-05-04 Thread M.R.
On 03/05/11 15:50, Daniel Kahn Gillmor wrote: > Dropbox exposes your secret keys to dropbox employees (and anyone who can convince them to snoop): > http://paranoia.dubfire.net/2011/04/how-dropbox-sacrifices-user-privacy-for.html That article makes no sense at all. a) Storing files containing yo

Re: Storing secrets on other people's computers

2011-05-04 Thread Robert J. Hansen
> Once these two extremely straightforward principles are observed... For the better part of a decade now I've volunteered to publish my private certificate in the _New York Times_ if someone will pay for the advertising space. With a strong passphrase that's not known to anyone else, the priva

Re: Storing secrets on other people's computers

2011-05-04 Thread Jerome Baum
On Thu, May 5, 2011 at 04:24, M.R. wrote: > On 03/05/11 15:50, Daniel Kahn Gillmor wrote: > Once these two extremely straightforward principles are observed, > it is perfectly OK to give the files containing your secrets to > someone/anyone else for safekeeping, "perfectly OK" is quite an extre

Re: Storing secrets on other people's computers

2011-05-04 Thread Jerome Baum
On Thu, May 5, 2011 at 05:34, Robert J. Hansen wrote: > > Once these two extremely straightforward principles are observed... > > For the better part of a decade now I've volunteered to publish my private > certificate in the _New York Times_ if someone will pay for the advertising > space. With

Re: Storing secrets on other people's computers

2011-05-04 Thread Jeffrey Walton
On Wed, May 4, 2011 at 10:24 PM, M.R. wrote: > On 03/05/11 15:50, Daniel Kahn Gillmor wrote: > >> Dropbox exposes your secret >> keys to dropbox employees (and anyone who can convince them to snoop): >> >> >> http://paranoia.dubfire.net/2011/04/how-dropbox-sacrifices-user-privacy-for.html > > That

Re: nothing so dramatic

2011-05-04 Thread Jeffrey Walton
On Thu, Apr 28, 2011 at 12:03 PM, M.R. wrote: > On 28/04/11 13:40, Johan Wevers wrote: >> >> I'm not so sure. Especially for human rights activists in, say, Syria or >> Tibet, might not want the government to know when they are mailing with >> foreign journalists. > > Quite probably, but I do not

Re: Storing secrets on other people's computers

2011-05-04 Thread Anthony Papillion
The typical user most likely *does* believe files are locally encrypted then sent to Dropbox. But isn't that still pretty meaningless? If Dropbox is encrypting your file then you have to trust that Dropbox either can't decrypt the file or that, if they can, they would never under any circumstance c

Re: nothing so dramatic

2011-05-04 Thread Robert J. Hansen
> "A federal judge has ordered a criminal defendant to decrypt his hard > drive by typing in his PGP passphrase so prosecutors can view the > unencrypted files, a ruling that raises serious concerns about > self-incrimination in an electronic age." That court's opinion was predicated on the fact B