Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. users
gpgAnon, draft 20150
gnupg-users at gnupg
May 29, 2020, 8:39 AM
Post #1 of 5 (852 views)
Permalink
The setup described in this "how-to" was originally put together
and used (and possibly still is) quite a while ago, using
Disastry's PGP 2.6.3ia-multi06 as the crypto back end.

This guide has been composed from bits and pieces of the original
user documentation, scissoring out the content that it refers to
vaguely as "group policies". Other than that, the only substantial
change is the replacement of pgp 2.6.3ia-multi06 with gpg 1.4.10
(or later).

Technical testing of the described setup with the new crypto back
end is underway.

Any comments and criticism, of whatever kind, is welcome, if it
implies the permission to incorporate it into the final version
of the document.

Available to first one hundred downloads at:
https://send.firefox.com/download/d49d3f511202f943/#ITQHMkZexDePZ1JMwziuqg



_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpgAnon, draft 20150 [ In reply to ]
sac at 300baud
May 29, 2020, 9:51 AM
Post #2 of 5 (852 views)
Permalink
LisToFacTor via Gnupg-users wrote:

> The setup described in this "how-to" was originally put together
> and used (and possibly still is) quite a while ago, using
> Disastry's PGP 2.6.3ia-multi06 as the crypto back end.
>
> This guide has been composed from bits and pieces of the original
> user documentation, scissoring out the content that it refers to
> vaguely as "group policies". Other than that, the only substantial
> change is the replacement of pgp 2.6.3ia-multi06 with gpg 1.4.10
> (or later).
>
> Technical testing of the described setup with the new crypto back
> end is underway.
>
> Any comments and criticism, of whatever kind, is welcome, if it
> implies the permission to incorporate it into the final version
> of the document.
>
> Available to first one hundred downloads at:
> https://send.firefox.com/download/d49d3f511202f943/#ITQHMkZexDePZ1JMwziuqg

Hi,

how does Alice protects her Live-CD and USB stick, when she leaves home
and Mallory gains access to them, so that for example the Live-CD can
be exchanged?

Does Alice use the USB-stick also with other mediums and if so how does
she detect bad USB?

<https://www.manageengine.com/data-security/security-threats/bad-usb.html>

Regards
Stefan

--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpgAnon, draft 20150 [ In reply to ]
gnupg-users at gnupg
May 29, 2020, 11:12 AM
Post #3 of 5 (852 views)
Permalink
On 5/29/20 4:51 PM, Stefan Claas - sac@300baud.de wrote:
> how does Alice protects her Live-CD and USB stick, when she leaves home
> and Mallory gains access to them, so that for example the Live-CD can
> be exchanged?
Live-CD is a "public resource", available from multiple locations on
the 'net and off, simply discarded when not practical to protect.
Anybody can download, burn and give her a copy. On first use, checked
with:

sudo cat /dev/cdrom | shasum -

While noting on the CD is a secret, it is quite unlikely an adversary
can modify it without being detected.

> Does Alice use the USB-stick also with other mediums and if so how does
> she detect bad USB?
USB hygiene is always a problem. Small devices and frequent hardware
cycling on the trusted device with two USB ports is helpful:
dd if=/dev/sdb of=/dev/sdc bs=10M
(with subsequent cat ... | shasum - thrown in for good measure)

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpgAnon, draft 20150 [ In reply to ]
sac at 300baud
May 29, 2020, 12:09 PM
Post #4 of 5 (852 views)
Permalink
LisToFacTor via Gnupg-users wrote:

> On 5/29/20 4:51 PM, Stefan Claas - sac@300baud.de wrote:
> > how does Alice protects her Live-CD and USB stick, when she leaves
> > home and Mallory gains access to them, so that for example the
> > Live-CD can be exchanged?
> Live-CD is a "public resource", available from multiple locations on
> the 'net and off, simply discarded when not practical to protect.
> Anybody can download, burn and give her a copy. On first use, checked
> with:
>
> sudo cat /dev/cdrom | shasum -
>
> While noting on the CD is a secret, it is quite unlikely an adversary
> can modify it without being detected.
>
> > Does Alice use the USB-stick also with other mediums and if so how
> > does she detect bad USB?
> USB hygiene is always a problem. Small devices and frequent hardware
> cycling on the trusted device with two USB ports is helpful:
> dd if=/dev/sdb of=/dev/sdc bs=10M
> (with subsequent cat ... | shasum - thrown in for good measure)

Maybe you could add these two tips to the document, because Alice might
not know.

BTW. A while ago my Linux online Notebook was hacked and now I use
also a (Windows) offline Notebook for encryption and I have also
purchased a Kanguru Defender 3000 USB stick, wich allows to use
a virtual keyboard (under Windows) to type in the passphrase for
the encrypted USB stick and it has also a write-protect switch,
when using on an online computer. And it is bad USB safe.

Maybe interesting for someone?!

<https://www.kanguru.com/secure-storage/defender-3000-usb-3-secure-hardware-encrypted-flash-drive.shtml>


Regards
Stefan

--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpgAnon, draft 20150 [ In reply to ]
gnupg-users at gnupg
Jun 2, 2020, 3:25 AM
Post #5 of 5 (846 views)
Permalink
On Fri, 29 May 2020 15:39, LisToFacTor said:

> vaguely as "group policies". Other than that, the only substantial
> change is the replacement of pgp 2.6.3ia-multi06 with gpg 1.4.10

You should not propose the use of 1.4 for any other use than decrypting
old data. In particular not in a guide which is being read by people
who risk high personal trouble and worse. Friends don't tell friends to
use 1.4.


Shalom-Salam,

Werner


--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

Attached Files:

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal