social.gl-como.it

Cerca

Elementi taggati con: gnupg

Immagine/foto

Riseup responde con almacenamiento de e-mail cifrado como respuesta a requerimientos legales



https://riseup.net/es/about-us/press/canary-statement

Tras agotar nuestras opciones legales, Riseup decidió recientemente cumplir con dos requerimientos judiciales a cargo del FBI. Esto antes que enfrentar cargos por desacato a la corte (lo que habría significado cárcel para algunxs de nosotrxs y/o el fin de Riseup como organización). El primero de estos requerimientos se refería a una red internacional de extorsión mediante DDoS. El segundo a una cuenta que usaba ransomware para extorsionar dinero de distintas personas.

Las actividad de extorsión viola claramente el espíritu del contrato social 1 que tenemos con nuestrxs usuarixs: Tendrás nuestro respaldo mientras tus objetivos no se enmarquen en una gente pro explotación, misoginia, racista, etc.

Estos requerimientos venían acompañados de una prohibición de informar, impidiéndonos contar la existincia de éstos. Como consecuencia no podíamos actualizar nuestra “Warrant Canary” 2.

Decidimos tomar acción para asegurarnos que Riseup nunca más pueda tener acceso al contenido de los correos. Desde hoy, todas las cuentas de e-mail creadas en Riseup están cifradas de forma personal en nuestros servidores, con su contenido solo accesible por sus respectivos usuarixs. En el futuro próximo, migraremos todas las cuentas existentes a este sistema (pueden obtener detalles técnicos en 3).

Para ser absolutamente claros, este tipo de encriptación de mensajes no es de extermo a extremo. Con el nuevo sistema aún pones confianza en el proveedor mientras te encuentras conectado. Para comunicarte de forma real mediante cifrado de extremo a extremo en el e-mail debes usar un cliente con soporte OpenPGP (que no sea un webmail) tal cual como lo necesitabas antes.

Seguiremos desarrollando un sistema de cifrado de extremo a extremo más fácil y comprensivo durante este año, pero hasta que se encuentre listo todas las cuentas de correo se encontrarán cifradas de forma personal.

en solidaridad,
Riseup

#riseup #softwarelibre #privacidad #gnupg #gpg #otr #canarywarrant #cifrado
 
Immagine/foto

Riseup responde con almacenamiento de e-mail cifrado como respuesta a requerimientos legales



https://riseup.net/es/about-us/press/canary-statement

Tras agotar nuestras opciones legales, Riseup decidió recientemente cumplir con dos requerimientos judiciales a cargo del FBI. Esto antes que enfrentar cargos por desacato a la corte (lo que habría significado cárcel para algunxs de nosotrxs y/o el fin de Riseup como organización). El primero de estos requerimientos se refería a una red internacional de extorsión mediante DDoS. El segundo a una cuenta que usaba ransomware para extorsionar dinero de distintas personas.

Las actividad de extorsión viola claramente el espíritu del contrato social 1 que tenemos con nuestrxs usuarixs: Tendrás nuestro respaldo mientras tus objetivos no se enmarquen en una gente pro explotación, misoginia, racista, etc.

Estos requerimientos venían acompañados de una prohibición de informar, impidiéndonos contar la existincia de éstos. Como consecuencia no podíamos actualizar nuestra “Warrant Canary” 2.

Decidimos tomar acción para asegurarnos que Riseup nunca más pueda tener acceso al contenido de los correos. Desde hoy, todas las cuentas de e-mail creadas en Riseup están cifradas de forma personal en nuestros servidores, con su contenido solo accesible por sus respectivos usuarixs. En el futuro próximo, migraremos todas las cuentas existentes a este sistema (pueden obtener detalles técnicos en 3).

Para ser absolutamente claros, este tipo de encriptación de mensajes no es de extermo a extremo. Con el nuevo sistema aún pones confianza en el proveedor mientras te encuentras conectado. Para comunicarte de forma real mediante cifrado de extremo a extremo en el e-mail debes usar un cliente con soporte OpenPGP (que no sea un webmail) tal cual como lo necesitabas antes.

Seguiremos desarrollando un sistema de cifrado de extremo a extremo más fácil y comprensivo durante este año, pero hasta que se encuentre listo todas las cuentas de correo se encontrarán cifradas de forma personal.

en solidaridad,
Riseup

#riseup #softwarelibre #privacidad #gnupg #gpg #otr #canarywarrant #cifrado
 

Email Self-Defense - a guide to defend yourself from surveillance with GnuPG encryptionhttps://emailselfdefense.fsf.org/en/



Immagine/foto
This #guide will teach you a basic #surveillance self-defense skill: #email #encryption. Once you've finished, you'll be able to send and receive emails that are scrambled to make sure a surveillance agent or thief intercepting your email can't read them. All you need is a computer with an #Internet connection, an email account, and about forty minutes. (...)

#gnupg #gpg #emailselfdefense #gnu #gpl #fsf #gnulinux #linux #ssl #tls #journalism #tutorial #howto #enigmail #security #weboftrust #journalism++ #jplusplus

http://www.jplusplus.org/en/

via Diaspora* Publisher -

Email Self-Defense - a guide to fighting surveillance with GnuPG encryption

Email surveillance violates our fundamental rights and makes free speech risky. This guide will teach you email self-defense in 40 minutes with GnuPG.
 

Email Self-Defense - a guide to defend yourself from surveillance with GnuPG encryptionhttps://emailselfdefense.fsf.org/en/



Immagine/foto
This #guide will teach you a basic #surveillance self-defense skill: #email #encryption. Once you've finished, you'll be able to send and receive emails that are scrambled to make sure a surveillance agent or thief intercepting your email can't read them. All you need is a computer with an #Internet connection, an email account, and about forty minutes. (...)

#gnupg #gpg #emailselfdefense #gnu #gpl #fsf #gnulinux #linux #ssl #tls #journalism #tutorial #howto #enigmail #security #weboftrust #journalism++ #jplusplus

http://www.jplusplus.org/en/

via Diaspora* Publisher -

Email Self-Defense - a guide to fighting surveillance with GnuPG encryption

Email surveillance violates our fundamental rights and makes free speech risky. This guide will teach you email self-defense in 40 minutes with GnuPG.
 

DVD-based Clean Room for PGP and PKI | DanielPocock.com

Back in April, I started discussing the PGP Clean Room idea (debian-devel discussion and gnupg-users discussion), created a wiki page and started development of a script to build the clean room ISO using live-build on Debian.

Keeping the master keys completely offline and putting subkeys onto smart cards and other devices dramatically lowers the risk of mistakes and security breaches. Using a read-only DVD to operate the clean-room makes it convenient and harder to tamper with.
#gnupg #crypto
 

Resisting the centralization of network infrastructure



https://lwn.net/Articles/697398/ Keynote by Mr GnuPG Werner Koch at GUADEC 2016:
Today, the new attempt is Keybase.io, which many users like for its convenience (linking PGP keys to social media accounts). But it fundamentally violates the end-to-end privacy principle of PGP by binding keys to privacy-invading services. Periodically, he said, proposals pop up to implement "validating" PGP keyservers—but none of them work in a decentralized fashion. He urged users to stand up against all attempts to centralize PGP.

Finally, he looked at federation in general. Mail servers have more and more difficulty interoperating, he said, and XMPP has "lost its track" and is being replaced by centralized systems like WhatsApp and Signal. He encouraged developers to make federation a priority and to design for it from the beginning.

Note: If you are not subscribed to LWN, you cannot yet read the article, but it will be open in one week. Be patient, the article is worth it. Or subscribe to LWN, they deserve more subscribers!

#decentralization #federation #gnupg #openpgp #xmpp #signal #keybase #keybaseio

Subscription required [LWN.net]

 

Confirming all use of an SSH agent

For a long time I’ve wanted an ssh-agent setup that would ask me before every use, so I could slightly more comfortably forward authentication over SSH without worrying that my session might get hijacked somewhere at the remote end (I often find myself wanting to pull authenticated git repos on...
My favourite user interface would be "enter passphrase/pin once after login (or card removal/reinsert), press a button on the smartcard reader / device for every use", but this is already starting to look interesting.

(of course, most of the times I'm working from a place where there is nobody else who could press that button)

#gnupg
 

Verifying gpg keys

Suppose you have a gpg keyid like 9F6C6333 that corresponds to both key 1AE0322EB8F74717BDEABF1D44BB1BA79F6C6333 and 88BB08F633073D7129383EE71EA37A0C9F6C6333, and you don't know which of the two to use. You go to http://pgp.cs.uu.nl/ and find out that the site uses short key IDs, so the two keys are indistinguishable. Building on Clint's hopenpgp-t...
#gnupg @Gruppo Linux Como @LIFO
 

No more unencrypted emails to gpg contacts · Dhole's blog

But the reason for this post is an issue that I believe happens in every email client (or should I say, MUA, to be more precise). I’ve seen it happening to people using both Thunderbird and mutt, and I bet it has happened in other cases: sending an email to someone for which you have their GPG key unencrypted unwillingly.
A script (for mutt) to give a better interface to the choice between encrypting and not-encrypting emails. (And there are always reasons not to encrypt a significant number of emails, e.g. when they are to a public mailing list.)

#gnupg
 

OpenPGP Best Practices - help.riseup.net

We have gathered here a lot of information about configuring GnuPG. There are detailed explanations for each configuration suggestion. Many of these changes require you to make changes to the GnuPG configuration file on your machine located at ~/.gnupg/gpg.conf ...


#OpenPGP #GnuPG #GPG
 

ssh authentication with an OpenPGP smartcard

I've decided I don't want to keep an ssh key on my traveling laptop, but I still need to be able to authenticate to a number of hosts (and expecially gpg repositories). I also have an OpenPGP smartcard (from the FSFE). A plan is starting to form.

There are a number of guides available, but many of those are obsolete; the following pages are from this decade:





I've had some success from outside X, now I need to find out where I should disable ssh-agent from starting every time a start an X session, so that gpg-agent can take its place.

@Gruppo Linux Como @LIFO #gnupg
 

Gnupg: How to select a specific subkey for signing?

Yes. Stick a "!" after the keyid you specify and GnuPG will use it verbatim.


At least, an explanation why some #gnupg commands need a ! after the key id.
 
Immagine/foto

Hide from the super villians



Krita drawing - 3.508px × 2480px - 2.5MB - tekst. Another propaganda piece. Share or rework.

Immagine/foto

Licenced CC like all other works on this profile
Immagine/foto

#comics #x-men #spiderman #superman #batman #wonderwoman #daredevil #tor #gnupg #gpg #art #krita #inkscape #drawing #Illustration
#mywork #ownwork #cc #creativecommons #cc-by
 

Fsf: Email Self-Defense - a guide to fighting surveillance with GnuPG





Email surveillance violates our fundamental rights and makes free speech risky. This guide will teach you email self-defense in 30 minutes with GnuPG.


#fsf #gnupg #guide
 
nuovi vecchi