Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

[P]
How to use PGP?

By PacketMaster in Technology
Wed Nov 08, 2000 at 02:41:40 PM EST
Tags: Security (all tags)
Security

PGP is something that most people have heard of but in reality I've found that it's something almost no one truly understands how to effectively implement. Personal privacy in the "Digital Age" is terribly important yet most people don't get it. I was wondering if we could get a discussion going on the practical uses of PGP/GPG personal encryption.


PGP is something that a majority of computer users are familiar with. But does that familiarity translate into competence and practice? In dealing with many people, even people deeply involved in the Internet, I've found surprising gaps between familiarity with the problem and actual effective action on the part of the user.

I began my adventure into personal encryption about three years ago. I was beginning to become aware of the inherent lack of privacy and security in my e-mail. In my early use of cryptography, I receive a lot of the "oh, you must be doing something illegal because only people with something to hide need that" mentailty that permeated the very uninformed. However as time went on that attitude seemed to die out in favor of the current prevaling attitude of outrage at the situation coupled with complete inaction. I'll admit that my own use of PGP had falled by the wayside for whatever reason. However with the new data regarding Echelon and Carnivor, I'm back at full-steam usage. After getting a commercial verion of PGP that I could use at work to integrate into Outlook, I started asking my various co-workers and computer friends for their public keys so that we could communicate securely. Now these people were the same people that professed to be overtly concerned about personal privacy and digital freedom. Out of about a dozen or so requests, only two people had PGP and used it, one of whom I'd helped setup his PGP setup the previous year. So that's 2 for 12, or 16.6%. And this is among computer-savvy individuals.

My thoughts on this topic, which I want to open up for discussion are two pronged. First, how do you as a computer user implement personal security in your daily life, whether it being e-mail encryption, disk encryption or some other method. If you don't use personal security, why not and are you concered about the issue? And secondly, what do you do in with regards to people who don't use personal security? Do you tell them about PGP? Do you still send them insecure e-mail? I guess I'm just attempting to get a feel for how the personal privacy aspect of computing is going.

Sponsors

Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure

Login

Poll
Do you use PGP or another form of encryption or personal privacy?
o Yes - PGP 25%
o Yes - GPG 29%
o Yes - Another product 3%
o No - I used to but it's not worth the trouble 17%
o No - I never have 25%
o Huh? 0%

Votes: 127
Results | Other Polls

Related Links
o Also by PacketMaster


Display: Sort:
How to use PGP? | 47 comments (46 topical, 1 editorial, 0 hidden)
encryption (3.25 / 8) (#1)
by spaceghoti on Wed Nov 08, 2000 at 02:06:00 PM EST

I've occasionally thought about using PGP, but then two things occurred to me: first, my workstation could barely handle the load it had at the time. Second, if someone has a problem with something they intercepted, my first question is going to be "why were you looking?" I make it a policy to live without regret as much as possible. Mean what I say and do, retract only when proven wrong, not when someone else disapproves on personal grounds.

In other words, someone who wants to hurt me because I don't encrypt my communication is welcome to try. If they want to use it against me, they'd better have a more compelling reason than "I think you're immoral" because that won't wash with me. A McCarthy-esque investigation will find me utterly uncooperative and unrepentant.



"Humor. It is a difficult concept. It is not logical." -Saavik, ST: Wrath of Khan

Why I don't encrypt email (3.40 / 10) (#3)
by loner on Wed Nov 08, 2000 at 02:19:24 PM EST

Most of the email I send and receive is regular day-to-day chatter, trivial details of work or hobbies, and a few snippets regarding some purchases I made or some problems I'm having with a product. Occasionally, I need to send an email about sensitive work-stuff involving trade-secrets or confidential items. The latter I either send through company email or encrypt separately and send as an attachment.

Now as far as the bulk of my email, sure I was worried about it being plain-text and everything, at first. Then I thought "hey, there is nothing in these emails that I wouldn't repeat to people verbally," you know, at the water-cooler to a colleague, or to a friend over a beer. And how can I be 100% sure that one of these people isn't passing on everything to the feds? Or one of these people really is a fed?

So I had two choices: either encrypt everything and stop talking to everybody except my mom, or just relax and let it go. After all, I'm not doing anything too criminal according to today's society, and if somehow I become a public danger in tomorrow's society, well shit happens. I'm not going to stress myself out just because things might change drastically in the near-future.

Why you should encrypt email (3.77 / 9) (#21)
by MashH on Wed Nov 08, 2000 at 07:00:04 PM EST

If only "sensitive stuff" is encrypted, it stands out. It is obvious that if only 1 message out of 50 is encrypted, that 1 message must be important. If you're paranoid about privacy then this reasoning is even more important. If you always encrypt, then noone can even realise when you are talking about something important.
Also, if you encrypt everything, you get used to doing it, the process gets easier, and it won't be such a pain when you need to use it.


[ Parent ]
Good point (2.66 / 3) (#32)
by loner on Thu Nov 09, 2000 at 12:45:56 PM EST

You're right, one encrypted email out of many will stand out. What I should have said, and usually do: never send sensitive stuff via email, always encrypt it and put it on a password-protect ftp server that is only accessible through a secure LAN or a VPN connection.

[ Parent ]
Difficulty in using encryption (3.40 / 1) (#4)
by Sigma 7 on Wed Nov 08, 2000 at 02:29:30 PM EST

Although I have thought of getting either PGP or GPG to improve security, I have decided not to use such encryption at this time.

Since I use multiple computers, I cannot easily adopt an encryption package. If I were to do so, I would need such a package installed on every computer, and would need to synchronize the key database across all of these computers. This would be a tedious process, since the computers are not networked with each other.

At this moment in time, the need for privacy does not outweigh the difficulty in applying encryption. However, if I need to handle any important or sensitive information, I would not hesitate to get such a package.

Key synchronization (4.00 / 7) (#15)
by Eponymous, Showered on Wed Nov 08, 2000 at 05:15:19 PM EST

You might not need to synchronize keys across computers. Why not just have several keys? There are no technical reasons not to have several keys. Depending on your paranoia level, you could even use the same (well thought out) passphrase with all of the keys.

If you do want a simple way to sync them, take a look at Unison. Even if they are not directly connected, you can sync them through a 3rd machine that they both can connect to. I use this to sync my bookmarks, junkbuster files, address book and other stuff with great success.

[ Parent ]
For the impatient (3.66 / 12) (#5)
by scjody on Wed Nov 08, 2000 at 02:53:08 PM EST

I'm strongly in favor of encryption.. I encrypt email whenever possible, sign virtually all my messages, and encourage my friends to setup PGP. My reasons are partially paranoia and partially convenience: it's nice to have PGP already setup when you need it. Also, a much overlooked feature of PGP is the ability to sign messages. I look forward to being able to sign a contract this way :)

I'm in the process of putting together a guide for the impatient on PGP.. It's very much a work in progress, but I would appreciate comments. The idea is to tell you what you need to know and omit the rest. Future versions will include links to other information sources for those who are both impatient and curious :)

need to know (3.20 / 5) (#7)
by farl on Wed Nov 08, 2000 at 02:56:59 PM EST

how about: quick guide to installing PGP across different platforms, public vs. private keys, practical notes/caveats to be aware of, how to create key databases that can work across a network.


Farl
k5@sketchwork.com
www.sketchwork.com
[ Parent ]
work in progress (3.83 / 6) (#8)
by scjody on Wed Nov 08, 2000 at 03:15:14 PM EST

Thanks for your suggestions..

quick guide to installing PGP across different platforms: Will be done.. Currently there's only the gpg guide, as that's what I use.

public vs. private keys: Good idea, hadn't thought of that.. I also plan on writing something about trust, and signing keys.

how to create key databases that can work across a network.: That, I have no experience with and currently no need for.. So I probably won't write that anytime soon.

[ Parent ]

COMMENT RATING (1.80 / 5) (#11)
by farl on Wed Nov 08, 2000 at 04:01:16 PM EST

the parent-response that this is a reply to got given a 2.00 for answering PERFECTLY what the writer had asked.

Can someone explain why this would only get a 2?
Maybe i am missing the point of the rating system, but I figure that accurate, concise responses should get a 4 as a base. Seeing as they answer comments in an accurate, concise way with no fluff.

Farl
Farl@sketchwork.com


Farl
k5@sketchwork.com
www.sketchwork.com
[ Parent ]
not long enough (1.50 / 4) (#13)
by scjody on Wed Nov 08, 2000 at 04:24:35 PM EST

My comment wasn't long enough. Fact: in general, longer comments get rated higher...

[ Parent ]
longer comments (2.33 / 6) (#19)
by farl on Wed Nov 08, 2000 at 05:30:48 PM EST

so the more waffle that goes into a point the better it is?

It would make more sense that the more factual information that accurately answers a question or responds to a comment would get the higher ratings.

CONTENT OVER QUANTITY

Sorry to wax about that, but its an ongoing arguement we have at work a lot.

Say the comment is "Do you like X?" An appropriate response is YES or NO, with maybe some explanation, but the explanation was NOT part of the question. Short answer. 5.00 rating IMHO. I try to answer the question posed, not what I am trying to guess the questioneer meant by their question...

Farl
farl@sketchwork.com


Farl
k5@sketchwork.com
www.sketchwork.com
[ Parent ]
rating comments (2.00 / 4) (#25)
by jesterzog on Thu Nov 09, 2000 at 02:17:44 AM EST

Usually I use 4 as a baseline for a good, insightful comment and I don't bother to rate the short ones.

I don't really get offended if someone rates my comments down, though. If it's not interesting to most people (whether it answers a question right or not) then they're completely within their rights to mod it to whatever interest level they think it should have. If several hundred people find a yes/no answer very interesting, the mod level would reflect that. It's not very likely though.

When I get annoyed is when people start modding down comments because they disagree with them, instead of because they're not interesting. To me this is just another way of trying to hide alternative views instead of arguing the point. If someone's put some effort into their comment and it's a good ontopic argument, it should be rated up.


jesterzog Fight the light


[ Parent ]
use poll (1.50 / 4) (#30)
by hany on Thu Nov 09, 2000 at 08:37:56 AM EST

If the only comments that should get rating 5 are those which are "YES", "NO", "1)", "2)", ..., "B)", ... than the author of article should just make a poll because it's better to see how much readers chooses "A" over "2" than to count manualy 'trere are X that chooses "A", Y that chooses "2" ... and WTF is this sucker rated to 0 which posted "neither"?'.

But now we are far from original topic ... BTW did those not content with low rating of original parent post rate it higher?


hany


[ Parent ]
Education (1.00 / 2) (#42)
by davidduncanscott on Fri Nov 10, 2000 at 09:09:42 AM EST

I blame English teachers. "Write a 500 word essay..."

If you said what you needed to say in 250 words, you lost out.

[ Parent ]

Additional verbiage (1.00 / 2) (#43)
by davidduncanscott on Fri Nov 10, 2000 at 09:14:29 AM EST

I hate replying to myself, but who was the French author who sent his agent a wire to ask about sales of his new book? It was a memorable correspondence, easily quoted in full:
"?"

"!"



[ Parent ]
rating (1.00 / 2) (#47)
by radar bunny on Sun Nov 12, 2000 at 02:17:27 PM EST

i dont think thwt im the only one who left slashdot because of people moaning and groaning about moderation/rating. Please don't take k5 in that direction. I don't think this is an unreasonably request.

[ Parent ]
Collating of information (4.60 / 10) (#6)
by jesterzog on Wed Nov 08, 2000 at 02:55:16 PM EST

I'm also quite irritated at the public lack-of-acceptance of encryption technology. In the wake of my government recently declaring that it's increasing the powers of various government departments to monitor electronic communications and break into people's systems, I wrote a very dumbed down reply to a letter in the local paper. (As yet unpublished, but hopefully it's in the queue.) There's the physical barrier that most people can't psychologically get their head around. If they press the send button and it arrives instantanously, it must have been impossible for anyone to see something going that fast.

Basically I focused on one of my favourite metaphors of email being like postcards, and encryption being like an envelope. Then on how easy it is for someone in the right place to simply scan traffic from millions of people passing through and search for keywords, and either use that information themselves or sell it to the highest bidder.

The vast majority of people live on the assumption that anything they say isn't of any real interest to others. (Who wants to hear about the weather, anyway?) What a lot of people don't realise is that in day-to-day discussion they're probably alluding to how much money they have, when they're going on holiday, and all sorts of realistically sensitive information.

In the real world this information would be hard to collate because it's geographically diverse, but on the net huge chunks of it are likely to go through a single router in any given hour. Search for obvious keywords, and cross-reference it with other keywords and before long you could have a reasonably accurate list of rich people on holiday from a given suburb.

In the wrong hands this information (which is only an example) can be used for anything from targetting unwanted marketing, to breaking into people's homes.

The main argument that seems to come up against what I've just said is that technology isn't that great, probably nobody's done it before so why would they in the future, or that typical house-breaking-into criminals probably don't have the resources to monitor Internet traffic. All I can really say to this is that they're probably partly wrong as it is, information can be sold, and the Internet and computers are expanding so exponentially fast that in a few years it will be much more feasible.

I think it's very unfortunate that people using encryption are so often labeled as having something to hide. I can almost never encrypt my email because nobody I know has anything set up. I usually sign it or at least but a sig on (pointing to my public key), just to set an example. The ironic thing is that the one time I was able to send and receive a PGP-encrypted email, it got really irritating typing in my 29 character pass-phrase three times in 5 minutes as I kept reopening the message to check things. Luckily that's a minor thing that can be fixed, though. :)


jesterzog Fight the light


webmail (3.44 / 9) (#9)
by Garc on Wed Nov 08, 2000 at 03:20:33 PM EST

A lot of my less than computer saavy friends and family use webmail sites like hotmail, or netscape. They find it convient that they can check their mail from any computer on the internet.

Even if they were interested in encryption (most of them probably aren't), I don't think hotmail has form a for you to enter your private key.

Just think of the security implications of such a form existing. A malicious programmer on the back end, and he/she can snag a whole lot of private keys and pass phrases. Then said person could easily forge mail encrypted/signed documents.

garc
--
Tomorrow is going to be wonderful because tonight I do not understand anything. -- Niels Bohr
webmail (3.75 / 4) (#22)
by squee on Wed Nov 08, 2000 at 08:55:42 PM EST

Want something more secure than hotmail <snigger>

http://www.hushmail.com/

[ Parent ]
You racist! (1.50 / 4) (#39)
by vsync on Fri Nov 10, 2000 at 03:25:27 AM EST

You said "snigger"!

--
"The problem I had with the story, before I even finished reading, was the copious attribution of thoughts and ideas to vsync. What made it worse was the ones attributed to him were the only ones that made any sense whatsoever."
[ Parent ]
PGP-signing all email: good or bad? (4.09 / 11) (#10)
by molo on Wed Nov 08, 2000 at 03:40:34 PM EST

About six months ago, I switched MUAs to Mutt and began GPG-signing all outgoing email (Mutt makes it easy). After giving it some thought, I am now questioning my decision.

When I sign an email, I basicly identify that it really came from me. The implications of this could be big if a legal situation ever arises that has email communication as evidence. Possible results:

  • If someone spoofs my email address and the message is not signed with my key, it becomes most likely that I didn't write the spoof, or at least that if I did, I was trying to hide it. This is probably good.

  • If someone gains access to my key and passphrase, then they could sign messages and masquerade as me with impunity. This is bad, but that is why revocation certificates exist.

  • If the content of my email is the subject of a dispute, it could strengthen my opponent's case by proving that the message actually came from me (think libel). While it is perhaps ethically questionable to call into question the validity of a message which you well know you wrote, it would not be outside of the scope of a legal defense. By signing the message and showing that I (or someone with my key and passphrase) originated the message, it would not allow me to call into question the validity of the email with nearly as much uncertainty as before. This is bad if it is done against me, but good if I am able to do it against someone else (just thinking from a legal perspective).

I'm not sure why I'm thinking about this. Perhaps I should be more careful about what I say in my emails, or perhaps I should be leaving my emails unsigned and saying whatever I want.

Then again, wasn't there a recent initiative to allow digital signatures to be legally binding in the US? Would this apply here?

Regardless, I don't know what to make of all this anymore. I'm looking for some advice. I'd be interested to see what everyone else has to say about this.

--
Whenever you walk by a computer and see someone using pico, be kind. Pause for a second and remind yourself that: "There, but for the grace of God, go I." -- Harley Hahn

Legal proof would change the internet society? (3.00 / 2) (#29)
by Robby on Thu Nov 09, 2000 at 08:29:49 AM EST

if the content of my email is the subject of a dispute, it could strengthen my opponent's case by proving that the message actually came from me (think libel). While it is perhaps ethically questionable to call into question the validity of a message which you well know you wrote, it would not be outside of the scope of a legal defense. By signing the message and showing that I (or someone with my key and passphrase) originated the message, it would not allow me to call into question the validity of the email with nearly as much uncertainty as before. This is bad if it is done against me, but good if I am able to do it against someone else (just thinking from a legal perspective).

Ok, honestly, don't think of it as bad from any point. It makes the internet into a standard forum where if you sign something, you are then legally liable and traceable (? on that one) for what you say. One of the cool things thats gone on the internet is the power to speak due to the enormous anonymity that you've got. Widespread cryptography would go towards ruining this sort of unusual 'society' thats been built on the Internet.



[ Parent ]

would limit freedom of expression? (3.00 / 2) (#31)
by molo on Thu Nov 09, 2000 at 11:55:03 AM EST

It makes the internet into a standard forum where if you sign something, you are then legally liable and traceable (? on that one) for what you say.

Wouldn't this be cause for lawsuits? Wouldn't that be more harmful to the signer than good? If people knew they could be sued for what they say in an email or web log post, wouldn't it place stronger limits in their minds on what was acceptable speech, thereby limiting their freedom of expression? Yes, I think this might change internet society.

Ok, honestly, don't think of it as bad from any point. [...] One of the cool things thats gone on the internet is the power to speak due to the enormous anonymity that you've got. Widespread cryptography would go towards ruining this sort of unusual 'society' thats been built on the Internet.

That sounds bad to me. Maybe I misunderstood the point of your post, but this sounds like you are agreeing with my above paragraph. How is that not bad?

--
Whenever you walk by a computer and see someone using pico, be kind. Pause for a second and remind yourself that: "There, but for the grace of God, go I." -- Harley Hahn
[ Parent ]

It's irritating to use (4.10 / 10) (#12)
by mingTmerciless on Wed Nov 08, 2000 at 04:12:30 PM EST

IMHO, the biggest impediment to expanded use of encryption is simply that it's a real pain in the ass to use.

...encryption won't be widely used until it requires zero additional thought. Not a little thought, zero thought. None.

Encryption will have to be built-in from the ground up. At the basic user level, there shouldn't be yet-another-passphrase to enter. A user will not care about keyservers, or certificates, or any of the other cruft that goes along with encrypted email. It's like asking your average car driver to actually care about the precise mechanism by which gasoline gets injected into their cylinders. Encryption written for use by cypherpunks gets used only by cypherpunks, because nobody else cares about the intricate details of it's operation.

Maybe they should care, but they don't. Saying that they ought to care is pointless -- it's not going to happen no matter how many times you explain the benefits. Some people I know simply won't conduct unencrypted conversation via email -- so naturally nobody else bothers to send them email, regardless of how important it is (eg: a server crashed, which seriously impaired Guy XYZ's work -- but nobody warned him of the impending failure, because nobody could be bothered to send him email; they figured "if he's gonna be obstinate, he'll suffer the consequences").

...and since any chain is only as strong as the weakest link, we all lose in the end.

This is why Groove doesn't give you any choice -- everything is encrypted whether you want it or not, and nothing is harder than it would otherwise be without encryption.

Make it braindead simple, and make it the default.

Maybe a little bit (2.33 / 3) (#14)
by Eponymous, Showered on Wed Nov 08, 2000 at 05:07:52 PM EST

I would contend that people would probably stand a little bit of hassle, but not much. I say this only because people do put their snail mail in envelopes. Although, on second thought, people may do this so they have a place to easily write the address and to put the stamp and a container to hold, for example, the electric bill and the check. Nevermind.

[ Parent ]
Re: It's irritating to use (2.50 / 4) (#17)
by WWWWolf on Wed Nov 08, 2000 at 05:24:47 PM EST

IMHO, the biggest impediment to expanded use of encryption is simply that it's a real pain in the ass to use.

Wholeheartedly seconded!

Personally, I'm glad I use XEmacs and its wonderful Mailcrypt package ("M-x encrypt" and lo, the Gibberish shall Lie). Little by little, I've even learned elisp to make me more productive with Emacsen... it's amazing how knowing elisp makes "pains in the ass" to turn into trivial every-day things.

...of course, I can't expect the Masses to do the same. Not many people believe me when I say "come on, XEmacs won't bite" =(

(At least the big UNIX sites, like universities, should make Mutt the "preferred" mail proggy - or at very least install it and encourage people to check it out. Not as popular and well-known as Pine, but cool nevertheless what comes to PGP/GPG use...)

-- Weyfour WWWWolf, a lupine technomancer from the cold north...


[ Parent ]
A little bit of knowledge is necessary (4.66 / 3) (#24)
by mcelrath on Thu Nov 09, 2000 at 12:38:13 AM EST

...encryption won't be widely used until it requires zero additional thought. Not a little thought, zero thought. None.

Or people learn a little about it. I disagree strongly that encryption should be transparent. You're correct that requiring a small amount of extra thought will prevent the masses from using it. However, encryption is something like checks, and car keys. You have to know how they work in order to use them. Can you imagine a person not understanding that when they wrote a check money would be deducted from their account? And not understanding the necessity of signing as authentication? This would be a disaster. People would be preyed upon left and right for their ignorance. Or car keys. What if you didn't understand that your car needed a key to be opened? Again, you would be preyed upon left and right.

Knowledge of the basics of public key encryption (that there is a key, and this must be kept secret, that your passphrase allows access to this key, and that you must exchange a public key to communicate) should be known by the user. Otherwise encryption is dangerous. People could be easily and systematically defrauded, and they'd be none the wiser. When encryption is used for identity verification, the user must take a personal interest in it, since carelessness with encryption can lead directly to identity theft, financial fraud, and worse.

It's unfortunate that this is the case. But like the intracacies of phone numbers, area codes, and phone-dialing protocol, even the lower half of the bell curve will eventually learn it if it becomes necessary to do so.

--Bob
1^2=1; (-1)^2=1; 1^2=(-1)^2; 1=-1; 2=0; 1=0.
[ Parent ]

Thought is still needed (4.50 / 2) (#26)
by pak21 on Thu Nov 09, 2000 at 05:02:38 AM EST

...encryption won't be widely used until it requires zero additional thought. Not a little thought, zero thought. None.

No - thought should still be needed. Whilst a decent encryption system (de facto) removes the physical eavesdropping problem, and public key systems remove the need to transfer a key, users still need to be aware of 'social engineering' attacks - understanding things like what their passphrase does, trust, validating keys etc. If people don't understand what they're doing, they'll get it wrong, and we'll lose the advantages.

[ Parent ]

little thought vs. zero thought (4.00 / 2) (#28)
by hany on Thu Nov 09, 2000 at 08:12:01 AM EST

While now using encryption requires a lot from user, it would be nice and good if such requirement drop lower.

But I think that enryption with "zero thought" wont work because it will be insecure (for example because of people blindly trusting public keys they receive not verifying them before critical usage).

Being insecure and vulnerable is quite easy. Being secure and well defended requires some labor and knowledge.


hany


[ Parent ]
real world (4.33 / 3) (#34)
by mstevens on Thu Nov 09, 2000 at 01:51:41 PM EST

You don't expect anything in the real world to be usable without people having some idea how to use it...

This is like saying that people won't put locks on their houses unless locks require no additional knowledge to use, and are just as easy as opening unlocked doors. Whereas, of course, the security provided by locks needs all sorts of knowledge - what a key is, where to get them, how to use them, the fact that you shouldn't let untrusted people near them...

I can never understand why people are happy to accept things require knowledge and expertise in the real world, but when they are computerised they suddenly have to become foolproof and require no thought.



[ Parent ]
My experiences (2.87 / 8) (#16)
by WWWWolf on Wed Nov 08, 2000 at 05:15:23 PM EST

First, how do you as a computer user implement personal security in your daily life, whether it being e-mail encryption, disk encryption or some other method.

Personally, I use both PGP5 and GPG (the first only for "compatibility reasons").

Usually, however, I don't use neither to actually encrypt everything, just to sign stuff. PGP5 for NoCeM signing, GPG for everything else (mostly E-mail).

And secondly, what do you do in with regards to people who don't use personal security? Do you tell them about PGP? Do you still send them insecure e-mail?

Well, I don't personally insist anyone signing anything that isn't absolutely, positively, needed to be signed or encrypted...

-- Weyfour WWWWolf, a lupine technomancer from the cold north...


PGP (3.85 / 7) (#18)
by Eponymous, Showered on Wed Nov 08, 2000 at 05:28:02 PM EST

I use PGP for several things. First, I have all of my data on my file server encrypted with PGPDisk. This is a practically effortless means of keeping your data safe. On windows, you mount a file and it becomes a virtual disk. Once it's mounted (with your passphrase), encryption/decryption is done on the fly, transparently. If the machine is stolen (or the feds pull a Steve Jackson/Jello Biafra on you), the passphrase is required to get access to all of that data again. I also keep my swapfile on that encrypted volume.

When I do backups of that data to CD-R every day, I simply run the zipfile of all my data through pgp, encrypting it to my public key. Once again, an attacker would need my private key and especially the passphrase to gain access to my backups.

Although I know better, I'd like to think my data is secure from almost any adversary. If my hardware were abducted, I know that I'd be out a couple of grand per machine, but that some freak or stranger (or cop) wouldn't have access to my personal finances, my family photos, my various writings, even (god forbid) my .emacs file.

Give PGP and PGPdisk a try. They're pretty easy and kinda fun. I'm thinking about switching to Scramdisk for the disk crypto. I gotta do my homework first, though.

I don't encrypt my email since most of my loser friends can't keep a PGP install running to save their lives. It's really not important to most of them and software rot/install fever gets the best of them. I did sign all my emails at one point, but that got boring and it makes a bit of a mess of the message. I ought to look at S/MIME.

PGPDisk under Linux? (3.25 / 4) (#20)
by lovelace on Wed Nov 08, 2000 at 05:53:15 PM EST

I use PGP for several things. First, I have all of my data on my file server encrypted with PGPDisk. This is a practically effortless means of keeping your data safe. On windows, you mount a file and it becomes a virtual disk. Once it's mounted (with your passphrase), encryption/decryption is done on the fly, transparently. If the machine is stolen (or the feds pull a Steve Jackson/Jello Biafra on you), the passphrase is required to get access to all of that data again. I also keep my swapfile on that encrypted volume.
Is there a way to mount PGPdisks under Linux? Since linux already supports loopback devices I would think this would be easy. Does anyone know the answer to this?

[ Parent ]
Two approaches to the problem (4.66 / 3) (#23)
by scjody on Wed Nov 08, 2000 at 11:11:55 PM EST

Yes and no. While I'm not aware of anything that's specifically PGPDisk compatible, I do know of two ways to do what you want:

  1. International Kernel + Loopback FS: I have used this in the past and it works quite well. It seems to support a variety of cyphers. Basically, you patch your kernel with a patch from kerneli.org, then setup a loopback encrypted filesystem. A loopback file system is a file created on another partition that can be mounted as a filesystem. So you would have a large file somewhere that would contain your encrypted data..
  2. Cryptographic File System (cfs): This is what I use now. It's easy to setup (even apt gettable..) and use. The cfs server runs on boot and works like an nfs server, except it reads and decrypts from your local disk rather than reading from the network. Encrypted directories and their contents are stored as files in a complex structure under, for example, ~/.crypt. This structure can be accessed by attaching it, for example as /crypt/scjody, and accessing the files from there. I have many things, for example ~/.gnupg, symlinked to directories in /crypt/scjody. For more info on CFS, see the HOWTO.
While researching this, I also found this useful page covering these and other encrypted filesystems. Hope this helps!

[ Parent ]
small deployment of encryption and me (4.00 / 3) (#27)
by hany on Thu Nov 09, 2000 at 05:03:31 AM EST

Because I have experience with small deployment of encryption among Internet users too I'm doing this:
  1. I'm sending important and less important e-mail signed - this at least makes recipients aware of "whoa, there is some GPG/PGP"
  2. I have link to my public key in my e-mail signature (thus every e-mail sent)
  3. to those interested I explain what it is and sometimes even help to set-up GPG/PGP for (mostly) e-mail communication
  4. I'm signing software which I produced or which comes to me signed

And to make my use of encryption complete:

  • I'm verifying signed/encrypted e-mail messages I received (personal, advisories from BT, ...)
  • I"m encrypting critical data

hany


Lack of good mail clients (4.00 / 3) (#33)
by sbeitzel on Thu Nov 09, 2000 at 12:51:53 PM EST

I've tried, I mean, really tried, to use PGP. I've got a key pair and everything. But how do I go about integrating it with my email program?

Look, a lot of people swear by mutt. I guess that means that a lot of people are really impressed by character-based email programs. That's all well and good, but the one thing that I really hate about using Linux as my desktop operating system is the lack of a decent graphical email program. I happen to like being able to work on several emails at once. That's the way I work. I also happen to like using the mouse to help me edit text.

I've tried Netscape's mail client, and I hate it. It doesn't cope at all well with passwords that have non-printing characters, and it insists on connecting to a POP or IMAP daemon. I use fetchmail to get all my mail onto the local machine; my email client should just look in $MAIL for chrissake!

KMail annoys the hell out of me. It's not at all clear where its "INBOX" is.

I'm currently using TkRat, which also manages to bug the hell out of me but at least it doesn't do unexpected things to my mailboxes.

But with all of these mailers, PGP/GPG integration is decidedly spotty. What I want is something that uses the same clipboard as my Gnome xterm, that lets me copy text from incoming messages, that handles attachments gracefully, that doesn't take all my incoming messages and store them in some weird format in an undetermined location, and that lets me encrypt my outgoing messages by selecting the entries from my keyring. For crying out loud, I have at least half a dozen email addresses and not all of them are on my key. My friends are in similar situations. I don't want my mailer trying to be clever and only encrypting messages to the email addresses in the recipient list; I want to be able to pick from my keyring.

So in order to send encrypted email, I have to compose the message outside the mailer, save it to a text file, encrypt it, and then import the encrypted file into the outbound message.

Well, I'll tell you: I work on multiple emails more often than I encrypt outbound messages, so encryption falls by the wayside.

I wonder if a filter would be a better solution (4.50 / 4) (#36)
by SEAL on Thu Nov 09, 2000 at 02:42:58 PM EST

Consider this:

You compose an email in the app of your choice. Click send. It connects to your filter program, which then looks for the recipient addresses, finds them on your keyring, and encrypts as necessary. It could also prompt you for a passphrase when needed.

Once that's done, it passes the outbound mail off to the normal place for sending. If there's no evidence of encryption, like a PGP or GPG header, then it just passes the mail through as-is.

In reverse, when you check your mail, you could tell your mail program to connect to this filter, and have it decrypt messages as needed.

Most of this would be transparent - effectively what you'd have is a replacement daemon for POP3 and sendmail. Heck - this would even solve the problem for a lot of Windows users. Much easier than writing a plugin for Outlook, anyhow. No GUI to worry about and it's not too hard to write portable network code. File attachments might require a little more care, though.

Hmm maybe I'll see if I can throw something together this weekend...

Anyone know if there's something like this already? I'd hate to duplicate another's effort.

Best regards,

SEAL

It's only after we've lost everything that we're free to do anything.
[ Parent ]
Cool (2.50 / 2) (#37)
by Eimi on Thu Nov 09, 2000 at 05:13:53 PM EST

Sounds like a fantastic idea. About the only problem I can see would be how it could properly prompt you for your passphrase. Not sure how to deal with that. But it soujnds quite useful.

[ Parent ]
Hmm. Kinda. (4.50 / 2) (#38)
by sbeitzel on Thu Nov 09, 2000 at 06:12:04 PM EST

See, here's the problem:
Bob Dude gets his work email at bob@bletch.com, but receives his personal email at bdude@goshwhattau.edu, bdude@free.email.com, bobthemagnificent@vanity.domain.net, and bob@my.domain.net

Meanwhile, his PGP key only contains his work and alumni email addresses. So if I want to send a message to him at one of the other locations (perhaps because those two are down, or he can't get to them) then this filter will have no way of knowing which key to use, because his public key doesn't have all his email addresses on it.

So, should Bob Dude have a key for every email address? Is that the real problem, there? In that case, we need to think about other issues, like:
  • newaliases(1) - this should create a new key pair, or maybe modify an existing key pair, when a new alias for a local user gets created.
  • adduser(8) - this script should create SSH keys and PGP keys for new users.


[ Parent ]
about Mutt... (3.00 / 2) (#46)
by rongen on Fri Nov 10, 2000 at 10:40:36 PM EST

I don't want to sound like I am pushing Mutt on you, but if you set it up to use the graphical editor of your choice for editing mail you might find it will do everything you wish for... Also, mutt is deliberately designed to let you run a bunch of copies at the same time. I often do this to send a message while a browse a couple more for info. Also I use emacs (but whatever you like is fine, right) as my editor for mutt so I can do pretty much anything with the text as I am editing...

Just some food for thought!
read/write http://www.prosebush.com
[ Parent ]

incompatibility (3.00 / 3) (#35)
by mstevens on Thu Nov 09, 2000 at 01:56:33 PM EST

I've found the biggest problem is the differences between PGP/MIME and the old way of sending pgp email. And the fact that gpg and pgp can't always read each other's keys. I haven't found a way to send pgp encrypted email that everyone with a pgp client of some kind can read.

I've also occasionally tried to adopt the policy of always pgp signing emails. You can't do it. So many people will moan, especially if you post to mailing lists, mostly because if you pick one format, they're using the other, and can't read your email, or it beeps at them, or they have to use something special. So in the end I went back to not pgp signing or encypting anything much.



Lists (3.00 / 2) (#40)
by arafel on Fri Nov 10, 2000 at 05:04:13 AM EST

I wouldn't have minded if it weren't for the fact that, for some reason, Eudora appeared to choke on it. It basically made your mail unreadable, which isn't a good thing. :-)

Paul
[ Parent ]
Choking (4.00 / 2) (#41)
by mstevens on Fri Nov 10, 2000 at 05:31:22 AM EST

That's my point - this is what happens, today, if you try to use PGP. I've
had similar problems with Outlook, and just about everything but mutt,
really. I suspect people using other packages have the reverse issue.
We need an encryption standard as portable and reliable as email
(which requires some knowledge to use, but is easily mastered by most
people once they appreciate why it's worth the effort)

Michael.

[ Parent ]
Not all programs (3.00 / 2) (#44)
by arafel on Fri Nov 10, 2000 at 09:27:30 AM EST

Mail between, say, Eudora and Outlook works okay. Could have something to do with the fact that both use PGP rather than GPG, I suppose. But yeah, mutt seems to be the only thing at the moment which uses the right types.
Paul
[ Parent ]
compatibility (3.00 / 2) (#45)
by mstevens on Fri Nov 10, 2000 at 10:24:13 AM EST

I agree that *some* combinations of things work, but it's not yet at the stage we have email, where pretty much anyone can mail another person and have it work...

[ Parent ]
How to use PGP? | 47 comments (46 topical, 1 editorial, 0 hidden)
Display: Sort:

kuro5hin.org

[XML]
All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!