Re: GPG tool for Windows Embeddd Compact 7

Hi, Can you give the solution for GPGtool which will run for Windows Embedded Compact 7. Or any Binary file which will be compatible for windows embedded compact 7. looking forward to hear from you. Regards D Bhukta +918600096629 On Fri, Feb 21, 2014 at 1:29 AM, Alan Meekins wrote: > Not a

Re: Heartbleed attack on Openssl

On Tue, Apr 8, 2014 at 11:01 PM, Felipe Vieira wrote: > Dear GNUPG community, > I think a lot of unexperienced users would like to know more about the > Heartbleed problem found on some of the openssl versions. I have two broad > questions and two specific questions: > 1) Which type of clients ha

Re: Heartbleed attack on Openssl

On 09/04/14 14:17, Sam Gleske wrote: > On Tue, Apr 8, 2014 at 11:01 PM, Felipe Vieira > wrote: > > Dear GNUPG community, > I think a lot of unexperienced users would like to know more about > the Heartbleed problem found on some of the openssl versions. I >

Re: Heartbleed attack on Openssl

> Dear GNUPG community, That right there should be your first hint. :) This is a great email list to get informed opinions on GnuPG and the OpenPGP RFCs, but this may not be a great place to get informed commentary on OpenSSL. It's a completely different software package run by a completely dif

It's 2014. Are we there yet?

Folks, I'm an ardent reader of this (and a few other) mailing lists, but usually stay quiet and in the background. However, in light of global events and paradigm shifts in the last few months, I'm tempted to speak up. While I do use PGP/GPG, I have to admit tha

It's 2014. Are we there yet?

Folks, I’m an ardent reader of this (and a few other) mailing lists, but usually stay quiet and in the background. However, in light of global events and paradigm shifts in the last few months, I’m tempted to speak up. While I do use PGP/GPG, I have to admit that

Re: It's 2014. Are we there yet?

On Wed, Apr 9, 2014 at 1:20 PM, Kapil Aggarwal wrote: > - I don’t even know what I need. – Well, assuming they are starting > to recognize the need, I suspect they will find out relatively easily as to > what they need. With a few caveats of course. There’s way more FUD/noise/BS > out there

Re: It's 2014. Are we there yet?

> The “secure communications” paradigm of course spans a whole spectrum > from “I don’t give a ” to “I’ll do anything to protect my > communications, including giving away my first born”. I suspect the > “average Joe user” in 2014 is slightly above the former, but way below > the latter. Withou

RE: It's 2014. Are we there yet?

I have. I was hoping there has been atleast a small rise in user perception about secure communications and newer software platforms/delivery channels that are beneficial. -Original Message- From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of Robert J. Hansen Sent: Wednes

Re: Heartbleed attack on Openssl / Pertinent? I say yes.

On 4/9/2014 2:08 PM, Robert J. Hansen wrote: safe. How would you protect your home and valuables then? That is the type of problem that Heartbleed is, and it IMO needs to be posted EVERYWHERE, so that people can at least try to protect themselves. Please re-read my message. I never told him

Re: Heartbleed attack on Openssl / Pertinent? I say yes.

On 4/9/2014 12:51 PM, Robert J. Hansen wrote: Dear GNUPG community, That right there should be your first hint. :) This is a great email list to get informed opinions on GnuPG and the OpenPGP RFCs, but this may not be a great place to get informed commentary on OpenSSL. It's a completely dif

Re: It's 2014. Are we there yet?

On Wed, Apr 9, 2014 at 3:23 PM, Daniel Kahn Gillmor wrote: > Hi Sam-- > > [offlist for now, see why below] > > On 04/09/2014 01:29 PM, Sam Gleske wrote: > > I've written a document for my family and regularly link it on facebook > > encouraging friends and family to use it. Warning to PGP experts

Re: Heartbleed attack on Openssl

On Apr 10, 2014 12:22 AM, "Felipe Vieira" wrote: > > So going back to the original question as I can see there is no disagreement on its importance: > 1) What are the consequences to the ordinary user? > All the news are lacking information on that. Can you point relevant examples? Any service us

Re: Heartbleed attack on Openssl

So going back to the original question as I can see there is no disagreement on its importance: *1) What are the consequences to the ordinary user? * All the news are lacking information on that. Can you point relevant examples? All I could gather is that the only major/well known server to be comp

Re: Heartbleed attack on Openssl

On Wed, Apr 9, 2014 at 6:45 PM, Pete Stephenson wrote: > On Apr 10, 2014 12:22 AM, "Felipe Vieira" wrote: > > > > So going back to the original question as I can see there is no > disagreement on its importance: > > 1) What are the consequences to the ordinary user? > > All the news are lacking

Re: Heartbleed attack on Openssl

> 1) What are the consequences to the ordinary user? None. The ordinary user is such an easy target that as bad as this attack is, I don't see it as making things any worse. > All the news are lacking information on that. Can you point relevant > examples? Not yet. Give it a few days: news rep

Re: It's 2014. Are we there yet?

On 09/04/2014, Kapil Aggarwal wrote: > Now, what will help drive this adoption more? > > All thoughts are very much welcome and appreciated. One possible answer: https://www.mailpile.is/faq/ I haven't tried it myself, btw. ___ Gnupg-users mailing list

Re: Heartbleed attack on Openssl

On 04/09/2014 07:20 PM, Robert J. Hansen wrote: > No, it does not. Nor does Chrome. Chromium (from which chrome is based) actually embeds a copy of openssl, but doesn't use it for its TLS implementation, which is where the bug would be triggered. (i'm not sure why they do this embedding actuall

PGP/GPG does not work easily with web-mail.

PGP/GPG does not work easily with web-mail. Most email, today, is read and write using the browser POP ou IMAP mail is a rarity That is the problem Some text/link in this problem? José Simões ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://

Re: Heartbleed attack on Openssl

> Chromium (from which chrome is based) actually embeds a copy of openssl, > but doesn't use it for its TLS implementation, which is where the bug > would be triggered. (i'm not sure why they do this embedding actually, > i haven't reviewed it). I have heard that Chrome is migrating to OpenSSL in

Re: Heartbleed attack on Openssl

Thanks everyone for the quick and complete feedback. New questions arose: 1) Firefox uses NSS instead of OpenSSL. Still it can communicate with a OpenSSL based server (say X) and thus the browser's type is irrelevant. The communication between browser and X could be eavesdropped. Is that correct?

Re: PGP/GPG does not work easily with web-mail.

On Wed, Apr 09, 2014 at 11:37:52PM +0100, One Jsim wrote: > PGP/GPG does not work easily with web-mail. > > Most email, today, is read and write using the browser > > POP ou IMAP mail is a rarity > > That is the problem > > Some text/link in this problem? > > José Simões Well... I started to

Re: Heartbleed attack on Openssl

> Thanks everyone for the quick and complete feedback. New questions arose: Again, you will have better luck asking on an OpenSSL mailing list. There is no guarantee that anyone on this mailing list is an expert in OpenSSL. > The communication between browser and X could be eavesdropped. Is that

request for pgp encrypted messages for testing

Hey there, As I've said before, I'm working on a PGP based web mail program. https://github.com/timprepscius/mv The whole thing is GPL-Affero. Copy, steal, add, reduce, as you wish. Demonstration is here (which is often killed/reset/etc/so...): http://pmx.mooo.com/ And some screenshots: http:

Re: PGP/GPG does not work easily with web-mail.

You may want to look at these: - http://www.mailvelope.com/ - https://chrome.google.com/webstore/detail/mymail-crypt-for-gmail/jcaobjhdnlpmopmjhijplpjhlplfkhba/details - https://www.penango.com/products ​​Some info about the above: http://www.makeuseof.com/tag/encrypt-your-gmail-hotmail-and-other-w

Re: Heartbleed attack on Openssl

Hello Robert ! "Robert J. Hansen" wrote: >> 1) What are the consequences to the ordinary user? > None. The ordinary user is such an easy target that as bad as this > attack is, I don't see it as making things any worse. Does it make sense to disable SSL in my browser for a couple of week

Re: Heartbleed attack on Openssl

On 4/9/2014 9:06 PM, Laurent Jumet wrote: Does it make sense to disable SSL in my browser for a couple of weeks? No, but for my own curiosity what is your thought process that leads you to ask that question? Doug ___ Gnupg-users mailing list

Re: Heartbleed attack on Openssl

On 4/10/2014 12:06 AM, Laurent Jumet wrote: > Does it make sense to disable SSL in my browser for a couple of weeks? > HTTPS is linked with TLS v1.2 128 bit ARC4 (2048 bit RSA/SHA) instead. I am flattered that you think I am a mind reader, but I assure you, I am not able to use the Heartbl

Re: PGP/GPG does not work easily with web-mail

PGP actually does work well with web mail. There are two libraries which do pgp encryption, there are 3 that I know which do AES-SHA256-CBC-PKCS7. There are at least two libraries which do pkdf2 sha 256. There is also one library which does AES-SHA256-GCM, but I'm not sure if it does pkcs7 or no