Re: First quantum gates in silicon

demic and > at times relies on unsourced facts and opinions. And sure enough, > some of the theories sound almost conspiratorial. Still, the paper > does a good job of evaluating the strengths and weaknesses of the > NSA's highly unexpected abandonment of ECC in a post

Re: File perms for conf files

ser. (I think the Administrators group is only added if an administrator has used Windows Explorer to look in the user's home folder hierarchy). -- Mark Rousell PGP public key: http://www.signal100.com/markr/pgp Key ID: C9C5C162 ___ Gnupg

Re: fulldisc encryption

from the same drawbacks that TC does (e.g. lack of GPT support). -- Mark Rousell PGP public key: http://www.signal100.com/markr/pgp Key ID: C9C5C162 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: fulldisc encryption

On 31/05/2014 06:57, Faramir wrote: > El 30-05-2014 20:21, Mark Rousell escribió: > ... >> Note that there is also DiskCryptor for open source full disk >> encryption on Windows. See http://diskcryptor.com. I've not tested >> it but it does seem to work, alth

Re: fulldisc encryption

On 31/05/2014 08:42, Johan Wevers wrote: > On 31-05-2014 8:35, Mark Rousell wrote: > >> All that said, Free OTFE might be a good basis on which to continue >> development if the licence terms of TrueCrypt 7.1a turn out to be too >> restrictive to allow a successful

Re: Google releases beta OpenPGP code

adly). It will give people the warm and fuzzies because it's there but few people who use Gmail will know why it's there or how to use it or bother to use it. -- Mark Rousell PGP public key: http://www.signal100.com/markr/pgp Key ID: C9C5C162 ___

Re: Mascot_p

On 17/06/2014 15:55, ved...@nym.hush.com wrote: > [...] > Maybe an armored robotic #D Gnu might be a consideration. Oh yes, excellent idea. :-) -- Mark Rousell PGP public key: http://www.signal100.com/markr/pgp Key ID: C9C5C162 ___

Re: Mascot_p

On 17/06/2014 18:47, Mick Crane wrote: > > >> On 17 Jun 2014, at 17:53, Mark Rousell wrote: >> >>> On 17/06/2014 15:55, ved...@nym.hush.com wrote: >>> [...] >>> Maybe an armored robotic #D Gnu might be a consideration. >> >> Oh y

Re: Fwd: GNU hackers discover HACIENDA government surveillance and give us a way to fight back

s of critical importance to liberty. By choosing to believe that privacy (or specifically privacy of information) is a concept that has "fade"ed you are playing into the hands of those who would wish to forcefully strip us all of privacy, whether we like or or not. That would be a mistake, I

Re: Fwd: GNU hackers discover HACIENDA government surveillance and give us a way to fight back

involves some extent of information sharing, and always has, but that doesn't mean that privacy (and all the nuanced concepts that are contained within that word) has somehow evaporated the first time you communicate with someone, or travel somewhere, etc. -- Mark Rousell PGP public key: h

Re: Fwd: GNU hackers discover HACIENDA government surveillance and give us a way to fight back

still does not mean that we need to share more than we want or need to where we have a choice, and we still do have lots of choices in this matter (especially in the context of my earlier message). -- Mark Rousell PGP public key: http://www.signal100.com/markr/pgp Key ID: C9C5C162

Re: Fwd: GNU hackers discover HACIENDA government surveillance and give us a way to fight back

ocks come, but nobody's > listening to me. I'm getting in the way of the latest special about the > Kardashians, you see... I know what you mean. I have faith in the longer run but I'm not going to like the process that we end up going through to get there because people are not taking the threat seriously now, whilst there is still time to prevent the worst. -- Mark Rousell PGP public key: http://www.signal100.com/markr/pgp Key ID: C9C5C162 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: GNU hackers discover HACIENDA government surveillance and give us a way to fight back

if you truly wanna be in control of your data, your gonna have to > regulate and restrain yourself until your testicles are drawn over the > back of your neck *or* accept it aint possible now, it may never be, > and when you accept th

Re: Fwd: GNU hackers discover HACIENDA government surveillance and give us a way to fight back

On 29/08/2014 09:29, Samir Nassar wrote: > It is safe to say this thread has moved way off topic from being about using > gnupg. > > Samir Yes. My apologies for my part in taking it off-topic. -- Mark Rousell PGP public key: http://www.signal100.com/markr/pgp Key

Re: Fwd: GNU hackers discover HACIENDA government surveillance and give us a way to fight back

estrain yourself until your testicles are drawn over the > back of your neck *or* accept it aint possible now, it may never be, > and when you accept that you'll keep out of the loony bin & fruit > cake parlour I think you are looking at the whole situation through defeatist

Re: Turning off GPG-Agent on default install of GPG4Win 2.0.0

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Allen Schultz wrote: > I think I figured ot what is acting as the gpg-agent in this newer > install. Since they dropped WinPT and added Kleopatra, the interface > changed to this (to me) annoying pinentry.exe asking for my passphrase. > I think I will

Location of GnuPG 1.4.11 Windows binary

I just thought the following might be helpful for Windows users of GnuPG 1.x. I had been running 1.4.10 on Windows for some time and I thought it was time I checked for an upgrade so I visited http://www.gnupg.org/download/ to see if there was a new version. I found that 1.4.11 was available but t

Re: can someone verify the gnupg Fingerprint for pubkey?

On 07/06/2012 11:27, Werner Koch wrote: > On Wed, 6 Jun 2012 21:54, pe...@digitalbrains.com said: > > If you look at my OpenPGP mail header you will be pointed to a “finger” > address - enter it into your web browser (in case you don't know what > finger is) and you will see Just as an aside, I

Re: can someone verify the gnupg Fingerprint for pubkey?

On 09/06/2012 12:05, michael crane wrote: > > On Sat, June 9, 2012 10:28 am, Mark Rousell wrote: >> On 07/06/2012 11:27, Werner Koch wrote: >>> On Wed, 6 Jun 2012 21:54, pe...@digitalbrains.com said: >>> >>> If you look at my OpenPGP mail header you wi

Re: can someone verify the gnupg Fingerprint for pubkey?

On 10/06/2012 15:03, Sam Smith wrote: > I wasn't going to say anything, but I had no idea what Mr. Koch was > talking about with that "finger" stuff. I studied his email and the > email header looking for clues. Couldn't decipher what he meant. > >> Date: Sat, 9 Jun 2012 10:28:04 +0100 >> From: ma

Re: Why OpenPGP is not wanted - stupid is in vogue right now

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/06/2013 09:46, Henry Hertz Hobbit wrote: > My personal observations agrees with Rob Hansen's studies 100%. > Even when required to use encryption people hate doing it and their > concept is entirely focused on the ciphering with them thinking >

Re: GpgEX for 64 bit Windows test version

On 25/06/2013 09:56, Bob Henson wrote: > I put it in a separate directory in the end, so I should have the best > of both worlds. I don't think I have any 32bit processes in use - but > I'm covered anyway. If you run any 32bit programs at all (i.e. most applications) then the system-supplied file

Re: GpgEX for 64 bit Windows test version

On 25/06/2013 14:31, Werner Koch wrote: > On Tue, 25 Jun 2013 10:40, jo...@netpage.dk said: > >> But if you do this, the extension won't be available in 32bit >> processes! (32bit explorer.exe, file selection dialogues in 32bit > > Windows 7 64 bit has no more option to use a 32 bit explorer. This

Re: GpgEX for 64 bit Windows test version

On 26/06/2013 03:25, Mark Rousell wrote: > On 25/06/2013 09:56, Bob Henson wrote: >> I put it in a separate directory in the end, so I should have the best >> of both worlds. I don't think I have any 32bit processes in use - but >> I'm covered anyway. > > If y

Re: Don't Panic.

m/seecurity/status/995906576170053633>, a professor of computer security at the University. (Re-sent as my outgoing server got a "451-xx.xx.xx.xx+is+not+yet+authorized+to+deliver+mail+from" error first time round.) -- Mark Rouse

Re: Don't Panic.

m/seecurity/status/995906576170053633>, a professor of computer security at the University. -- Mark Rousell PGP public key: http://www.signal100.com/markr/pgp Key ID: C9C5C162 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Kommentar: Efail ist ein Megafail für E-Mail-Verschlüsselung | heise online

cs of individual users and use cases, are not helping security, safety, or privacy (no matter what some of the benefits of Signal may be). -- Mark Rousell ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: A postmortem on Efail

requires some kind of active change by users who do need it is a reasonable and sensible compromise imo. In short, it is not necessary to entirely remove the ability to decrypt legacy-encrypted data to have the effect of deprecating its use. -- Mark Rousell PGP p

Re: A postmortem on Efail

lients > and plug-ins like enigmail as a checkbox. Personally I'd prefer that mail client did not provide an interface to any "--legacy" options but it's up to mail client authors of course. -- Mark Rousell PGP public key: http://www.signa

Re: A postmortem on Efail

dias is signal > not a replaceable for e-mail, until the signal company does not offer a > own e-mail service. > > That's just my gut instincts the future will share some lights into this > EFAIL scandal. I share this view. -- Mark Rousell

Re: A postmortem on Efail

y code will reach end of life. If and when that happens, I strongly suspect that there will still be users who will need to decrypt legacy-encrypted data and I think it is important that they can still do this with a maintained (2.x.y) code base. (And I realise that this is easy for me to say since I&

Re: A postmortem on Efail

On 20/05/2018 21:32, Damien Goutte-Gattat via Gnupg-users wrote: > On 05/20/2018 08:45 PM, Mark Rousell wrote: >> I think it is important that they can still do this with a maintained >> (2.x.y) code base. > > Support for PGP 2 has already been dropped from the current sta

Re: Break backwards compatibility

to be able to decrypt legacy-encrypted data. [1] https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060473.html [2] https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060474.html -- Mark Rousell PGP public key: http://www.signal100.com/mark

Re: A postmortem on Efail

On 21/05/2018 09:54, Damien Goutte-Gattat via Gnupg-users wrote: > On 05/21/2018 04:07 AM, Mark Rousell wrote: >> I think you mean that support for 2.0.y has been dropped, surely? > No, I do mean that support for all PGP 2-related stuff has been dropped > from the current stable

Re: A postmortem on Efail

gt; continue over another end-to-end encrypted platform, such as Signal.” > > Because that couldn't possibly create a Chinese Whispers style > situation of self-perpetuating FUD … 🤦 Very foolish and very slanted indeed in a certain direction. -- Mark Rousell __

Re: A postmortem on Efail

is hardly ever updated except to patch code vulnerabilities then so be it. But do not throw your long-time users or their data under the bus for the sake of eliminating backwards compatibility. Stability and compatibility really do matter to many classes of users. -- Mark Rousell

Re: Break backwards compatibility already: it’s time. Ignore the haters. I trust you.

ta under the bus". It's not a reasonable option. [1] https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060512.html -- Mark Rousell ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Break backwards compatibility already: it’s time. Ignore the haters. I trust you.

p box with LUKS. Or both. You are proposing to alter archival data. That's not an option. If you change it then you've changed the archive then it is no longer an accurate archive. -- Mark Rousell PGP public key: http://www.signal100.com/markr/pgp Key ID: C9C5C162 _

Re: Break backwards compatibility already: it’s time. Ignore the haters. I trust you.

the archived data but to just cut them off such that they have to use unmaintained software is not what one should have to expect. It would be reckless. And, as I say, continuing to support present day archival use cases does not mean that the main body

Re: A postmortem on Efail

monstrated attacks they released that have the gravest consequence > here, it's that the number one recommended mitigation technique is to > remove cryptographic functions from MUAs. Without wanting to sound like a conspiracy geek, removing encryption from email would, o

Re: Break backwards compatibility already: it’s time. Ignore the haters. I trust you.

can make backwards-incompatible progress without dropping all maintained support for legacy decryption. -- Mark Rousell ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Break backwards compatibility

On 21/05/2018 04:56, Jochen Schüttler wrote: > Some people have the necessity to decrypt old data, so there should be a > separate tool for them to do exactly that. It's the only way to start > off fresh. Agreed. And I think that GnuPG 1.x provides this tool, doesn't it.

Re: Break backwards compatibility

now obsolete > encrypted material and that it can't be used to create such material > anymore. Seems reasonable to me, although does GnuPG 1.x already effectively fulfil that role? -- Mark Rousell ___ Gnupg-users mailing list Gnupg-users@gnupg.org

Re: Breaking changes

no need to throw present day, long-time users who must handle legacy-encrypted data under the bus to do so. -- Mark Rousell PGP public key: http://www.signal100.com/markr/pgp Key ID: C9C5C162 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Breaking changes

d data. Preventing users from encrypting new data using legacy encryption does NOT need to mean that other users have to be prevented from (quite legitimately) accessing archived data using legacy encryption with maintained software. -- Mark Rousell ___ Gnupg-

Re: Break backwards compatibility already: it’s time. Ignore the haters. I trust you.

they have access to maintained software to access (i.e. decrypt only) this old data (and this project is definitely the best source of such maintained software) then that is enough to satisfy what I perceive as critical requirements for many types of user in thi

Re: Breaking changes

On 22/05/2018 02:39, Mark Rousell wrote: > Get real. These people are long-time GnuPG users and now you want to > throw them under the bus because... well, because you prefer it that > way. No, that's not a fair, it's not reasonable, it's not ethical, or > it's eve

Re: Break backwards compatibility already: it’s time. Ignore the haters. I trust you.

uld rightly and properly be supported with maintained software. I agree that preventing new data encryption with legacy standards is desirable. Just don't throw other users (who need to decrypt old standards and old data with currently maintained software) under t

Re: gnupg.org Listserver maybe misconfigured?

is list does not do this. If this was done, it would prevent your list-forwarded emails showing up in your DMARC report. I note that your bruckner.tk domain appears to have a p=none policy so, if I understand all this correctly, it should not matter to you.

Re: gnupg.org Listserver maybe misconfigured?

On 18/06/2018 18:24, Juergen BRUCKNER wrote: > Hello Mark! > > Thank you very much for your answer and clarificattion. My pleasure. -- Mark Rousell ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listi

Re: Washington State Electronic Notary Public endorsements

On 17/09/2018 19:53, C.J. Collier wrote: > > In short, GnuPG can now be used to perform notarial acts > <http://app.leg.wa.gov/RCW/default.aspx?cite=42.45.140> in the State > of Washington! > Well done! I expect that lesser people than you would have just given u

Re: ProtonMail and Anonymity

ut it). SIMs are widely available for purchase with no identity requirements and can very often be topped up anonymously for cash via newsagents. As for phones, it's been a while since I bought a new phone (although I suspect that it is still possible to buy them new for cash) but of course sec

Re: ProtonMail and Anonymity

d the person who introduced you to it. (Although it would have been nicer for it to be declared openly as an affiliate link). -- Mark Rousell PGP public key: http://www.signal100.com/markr/pgp Key ID: C9C5C162 signature.asc Description: OpenPGP digital signature _

Re: ProtonMail and Anonymity

his is the same as many other EU countries due to one of the EU's data retention regulations whose name I've now forgotten. -- Mark Rousell PGP public key: http://www.signal100.com/markr/pgp Key ID: C9C5C162 ___ Gnupg-users mailing

Re: ProtonMail and Anonymity

On 06/05/2019 16:27, Mauricio Tavares wrote: > On Mon, May 6, 2019 at 11:17 AM Mark Rousell wrote: >> Check your local laws first. I am pretty sure that doing that (specifically >> the no logs bit) in the UK would now be a criminal offence. ;-) This is the >> same as many o

Re: ProtonMail and Anonymity

trol and license their use. The cassus belli for this will, I suspect, be probably very widespread evasion of the forthcoming 'porn block' using proxies and VPNs. -- Mark Rousell PGP public key: http://www.signal100.com/markr/pgp Key ID: C9C5C162 __

Re: SKS Keyserver Network Under Attack

s (or much of anything else connected with OpenPGP). But again, perhaps this is also a bug of sorts. Perhaps there does need to be a way for critical non-hierarchical Internet infrastructure like this to be financed. Isn't Eric S. Raymond working on something like this right now? -- Mark Rouse

Re: SKS Keyserver Network Under Attack

em that the attacker's motivation is blindingly obvious and that good things definitely can and *should* come of this shock to the system. The inertia to which I referred was and is real. And, let's face it, it's not as bad as either 911 or a suicide. This is bad, but it's not a disaster. And a disaster *can* still be avoided in this context. At risk of sounding like a politician, this is a wakeup call. -- Mark Rousell ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: FAQ change

th no archive), i.e. the core service continues as it does now. (Yes, I can well imagine that the death of the Yahoo Groups mail list service could well happen soon but it has not been announced as yet). Reference: https://help.yahoo.com/kb/groups/SLN31010.html --

Re: How to decrypt a message while preserving the signature? [ ref:_00D58dJQM._5004IusPCe:ref ]

case of Avas Flowers on mozilla.general, when they were finally unsubscribed they seem to be unwillingly re-subscribed soon after. (N.B. Mozilla.general isn't just accessible as a newsgroup; it's also accessible as a mail list). -- Mark Rousell

Re: How to decrypt a message while preserving the signature? [ ref:_00D58dJQM._5004IusPCe:ref ]

On 04/11/2019 02:12, Mark Rousell wrote: > The same thing is happening on the mozilla.general mail list at the > moment although with a company called 'TheFork'. It has also happened > in the past on mozilla.general with a wholesale cut flowers supplier > called Avas Flower

Re: New GnuPT-Version and new WinPT-Website

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Barry wrote: > Hello, > > a new version GnuPT has been published. > > New in this version: > > WinPT was updated to version 1.3.1 . There were many small bug fixes. > Also an update for GnuPT-Portable > . > > Barry Do you have the URL for the web

Re: New GnuPT-Version and new WinPT-Website

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Most kind of you Robert, however I posted my message to prompt Barry to perhaps provide the URL which he apparently missed out of his announcement. - -- MarkR PGP public key: http://www.signal100.com/markr/publickey Key ID: C9C5C162 -BEGIN PGP S

Re: New GnuPT-Version and new WinPT-Website

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 John W. Moore III wrote: > Robert J. Hansen wrote: >> Mark Rousell wrote: >>> I rather think it's up to someone posting an announcement about "new >>> WinPT-Website" to provide the URL, don'