Mailing List Archive

Mark Fernandes wrote:

Hello Mark,

[...]

> Hello Stefan. Forgive my ignorance, but I'm failing to see the significant
> benefit of such a method. Is what you are proposing similar to sending an
> encrypted message on CD via the post, that the recipient then gets
> decrypted using the public key published on the internet?

Yes, it is the same procedure, except that I used postcards.

> I don't consider postal systems, even those in the EU, to be generally
> secure or at least verifiable as being secure. Actually worked for a
> Christmas stint at Royal Mail, helping out with the extra mail--didn't
> convince me that mail was much secured. Postmen can be blackmailed, bribed,
> or succumb to other methods of attack. What's stopping someone working in
> the postal system from simply corruptly sending data to outside the EU?

I strongly doubt that *hard working* postmen will do this, because sooner or
later this will be detected and investigated and it would cost postmen IMHO
valuable time (which they probably don't have) to copy and send my mail to
3rd parties outside the EU. IIRC, postal services scan mail for the addresses,
for automatic sorting machines, but I have never read that they also scan
letter content within a letter or from postcards, which would violate
the confidentiality of letters, guaranteed by laws, in Germany and elsewhere.

And if you think, or someone else thinks that *hard working* postmen could
be not trusted, how about all the roots working at email providers? I am
more concerned nowadays (remember Edward Snowden handling over electronic
documents from his employer to third parties) that people (maybe part-time
or intern etc.) can handle over such data to 3rd parties outside the EU,
much much easier and without been detected.

If all Interent citizens had to / or would run their own postfix server then
this would be a different story IMHO.

Last but not least encrypted postcards were popular among couples many many
decades ago (if you google for encrypted postcards) and I think it is a valid
option, which I trust much much more than encrypted email (and I have email
since 1985).

Regards
Stefan

--
NaClbox: cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675
The computer helps us to solve problems, we did not have without him.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

>
> Date: Tue, 6 Oct 2020 12:34:43 +0200
> From: Stefan Claas <sac@300baud.de>
> To: Mark Fernandes <m.fernandes.business@gmail.com>,
> gnupg-users@gnupg.org
> Subject: Re: Five volunteers needed (EU .... Are you sure that this is
> really advantageous?
> Message-ID: <20201006113425.00007f72@300baud.de>
> Content-Type: text/plain; charset=US-ASCII
>
> ...



I strongly doubt that *hard working* postmen will do this, because sooner or
> later this will be detected and investigated and it would cost postmen IMHO
> valuable time (which they probably don't have) to copy and send my mail to
> 3rd parties outside the EU. IIRC, postal services scan mail for the
> addresses,
> for automatic sorting machines, but I have never read that they also scan
> letter content within a letter or from postcards, which would violate
> the confidentiality of letters, guaranteed by laws, in Germany and
> elsewhere.
>
> And if you think, or someone else thinks that *hard working* postmen could
> be not trusted, how about all the roots working at email providers? I am
> more concerned nowadays (remember Edward Snowden handling over electronic
> documents from his employer to third parties) that people (maybe part-time
> or intern etc.) can handle over such data to 3rd parties outside the EU,
> much much easier and without been detected.
>
>
Hello Stefan. I'm not saying hard-working, honest postmen would do this,
but not all postmen are necessarily hard-working and honest. How difficult
is it to steam-open an envelope, take a photo of the contents with your
smartphone, send it abroad, and then reseal the envelope? And that's just
the obvious form of corruption... My father lived through a revolution in
the country of his birth, and ended-up leaving the country. The people who
caused the revolution likely didn't all of a sudden organise; probably
through clandestine, and partly corrupt practices, they organised and
planned their attacks. Believing that the postal systems are definitely
secure just seems unwarranted.

I tend to think (perhaps you might say wrongly), that the internet
represents a more secure form of communication, partly because of its
history of origin and development being based in the US military.

Concerning the roots of email providers, I was under the belief that often
internet services were encrypted such that employees of a provider
basically couldn't see user assets in unencrypted form. I would be
surprised if Google employees could read my emails without somehow getting
the password from me. I know email isn't necessarily secure, but so far as
employees and company resources at the provider's end, I don't think they
can do much really. Extra efforts would have to be made to intercept
unencrypted traffic. If I just sent a GMAIL email to another GMAIL address,
because such emails are not at all sent unencrypted (as far as I know), it
would be impossible to read the email unless they somehow hacked my user
environment, eg. if they did something like capturing my password using
hidden cameras in my room. Perhaps I'm wrong?

I'm definitely not saying that the postal system can't be used. But I'm
just saying that perhaps it doesn't represent more than a little more
security than certain digital forms of communication. The good thing about
cryptography algorithms, is that you can study the mathematics behind them,
and convince yourself that they work. Whereas with the postal system, it's
more based simply on reputation and the word of other people. The
algorithms can be verified by users, but the same doesn't seem much true
with the postal system.

Your idea though, of using both digital comms and the postal system
together, is probably a good one, but just not sure you have the right form
yet.


Thanks,


Mark F

Mark Fernandes wrote:

[...]

Hello Mark,

> Hello Stefan. I'm not saying hard-working, honest postmen would do this,
> but not all postmen are necessarily hard-working and honest. How difficult
> is it to steam-open an envelope, take a photo of the contents with your
> smartphone, send it abroad, and then reseal the envelope? And that's just
> the obvious form of corruption... My father lived through a revolution in
> the country of his birth, and ended-up leaving the country. The people who
> caused the revolution likely didn't all of a sudden organise; probably
> through clandestine, and partly corrupt practices, they organised and
> planned their attacks. Believing that the postal systems are definitely
> secure just seems unwarranted.

Yes, understand, but people who are sending (encrypted) sensitive things with
postal mail can also use security envelopes, which does not let light shine
through, can use covers for NFC tags and additionally tamper evident bags so
that a bribed postman could not photograph the content of the letter.

This is all available for purchase online.

> I tend to think (perhaps you might say wrongly), that the internet
> represents a more secure form of communication, partly because of its
> history of origin and development being based in the US military.

I like to say it this way, when the ARPANET and later the relatively small
Internet, compared to other global networks came up people did not rely on
encryption and their communications were somewhat more secure, because of
how OSs for the computers and the used software was designed, compared with
nowadays hardware / software components.

> Concerning the roots of email providers, I was under the belief that often
> internet services were encrypted such that employees of a provider
> basically couldn't see user assets in unencrypted form. I would be
> surprised if Google employees could read my emails without somehow getting
> the password from me. I know email isn't necessarily secure, but so far as
> employees and company resources at the provider's end, I don't think they
> can do much really. Extra efforts would have to be made to intercept
> unencrypted traffic. If I just sent a GMAIL email to another GMAIL address,
> because such emails are not at all sent unencrypted (as far as I know), it
> would be impossible to read the email unless they somehow hacked my user
> environment, eg. if they did something like capturing my password using
> hidden cameras in my room. Perhaps I'm wrong?

Well, first of all, we should ask ourselves why in the world do people get
so many many services on the Internet for *free* ...? I think it has to do
with the U.S. Supremacy & Leadership role. Normally when you or me would
start a business you would need a lot of money, then secure your business,
and finally charge users, so that you can make an income for you and your
employees and cover the monthly network traffic/hardware/maintenance costs.

Regarding Google Mail etc. These services are run on multi-user systems
and people with super-user privileges, which a root user assigned to them,
can control the whole system and does not need your encrypted and salted
password to access your account. However, your email is encrypted in transient
when it leaves the servers or arrives at servers. Modern and privacy oriented
email services like Tutanota or ProtonMail do not allow this, because their
servers encrypt you email, while it rests on the servers. Hence probably
why these modern services receive often heavily DDOS attacks...

What a lot of people probably don't know, when we had global (and local) Online
Services decades ago, like CompuServe, AOL etc, where you could also chat, write
email and had forums. users have *been charged monthly* for using these Online
Services, besides, the access points they used! And these business were successful
and had millions of users.

Later when Al Gore 'invented' the Internet all these cool and good Networks,
Online Services etc. disappeared.

In case you have access to a good library, with computer books, or can get
old computer books from sellers, I highly recommend the book "The Matrix",
from John S. Quarterman. The Book is from the late 80's and shows people
that we had plenty of global computer networks and which are all no longer
exists.

> I'm definitely not saying that the postal system can't be used. But I'm
> just saying that perhaps it doesn't represent more than a little more
> security than certain digital forms of communication. The good thing about
> cryptography algorithms, is that you can study the mathematics behind them,
> and convince yourself that they work. Whereas with the postal system, it's
> more based simply on reputation and the word of other people. The
> algorithms can be verified by users, but the same doesn't seem much true
> with the postal system.

Correct, but my idea is based on that people can use the postal system with
encryption too.

> Your idea though, of using both digital comms and the postal system
> together, is probably a good one, but just not sure you have the right form
> yet.

Well, I think, in 2020 and ongoing it is a good and valid option and let's
see how this will pan out, i.e. hearing later politicians and LEA saying the
same thing what they say about encryption on the Internet ... Once this will
happen than we see that they need, for what ever reason, full control of
peoples digital content.

Regards
Stefan

--
NaClbox: cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675
The computer helps us to solve problems, we did not have without him.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Hi


On Wednesday 7 October 2020 at 1:33:04 PM, in
<mid:20201007133304.00003f4d@300baud.de>, Stefan Claas wrote:-



> Later when Al Gore 'invented' the Internet

I thought Tim Berners-Lee invented the internet in 1989.

--
Best regards

MFPA <mailto:2017-r3sgs86x8e-lists-groups@riseup.net>

I miss civilisation and I want it back.

MFPA wrote:

> Hi
>
>
> On Wednesday 7 October 2020 at 1:33:04 PM, in
> <mid:20201007133304.00003f4d@300baud.de>, Stefan Claas wrote:-
>
>
>
> > Later when Al Gore 'invented' the Internet
>
> I thought Tim Berners-Lee invented the internet in 1989.

He was the inventor of the World Wide Web. And I had put the
word invented in quotes.

Regards
Stefan

--
NaClbox: cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675
The computer helps us to solve problems, we did not have without him.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Stefan Claas wrote:

> MFPA wrote:
>
> > Hi
> >
> >
> > On Wednesday 7 October 2020 at 1:33:04 PM, in
> > <mid:20201007133304.00003f4d@300baud.de>, Stefan Claas wrote:-
> >
> >
> >
> > > Later when Al Gore 'invented' the Internet
> >
> > I thought Tim Berners-Lee invented the internet in 1989.
>
> He was the inventor of the World Wide Web. And I had put the
> word invented in quotes.

Better should have said that Tim Berners-Lee was the inventor
of the World Wide Web ...

Regards
Stefan

--
NaClbox: cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675
The computer helps us to solve problems, we did not have without him.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Stefan Claas wrote:

[...]

> Well, first of all, we should ask ourselves why in the world do people get
> so many many services on the Internet for *free* ...? I think it has to do
> with the U.S. Supremacy & Leadership role. Normally when you or me would
> start a business you would need a lot of money, then secure your business,
> and finally charge users, so that you can make an income for you and your
> employees and cover the monthly network traffic/hardware/maintenance costs.

[...]

Regarding the Internet as of today and Al Gores vision and the Internet
commerce etc.

I always wondered why it is not possible for me and probably many other
people to not get a *static* IPv6 address additionally when you sign up
as private individual at an ISP of your choice?

People could use as usual still common IPv4 for their regular surfing etc.
but had then the ability, with a static IPv6 address to run their own
email server and other services from home with a little Raspberry Pi etc.,
without purchasing a VPS plan, thus one would only need to register a
domain of choice and the records management could also bee done a) with
the Domain Registrar or your local ISP, instead of the VPS hosting provider.

Interesting ... isn't it? (Or would that make to much work for TLAs to
conduct mass surveillance and what is the position of EU politician when
they speak about digitalization of the EU etc?

I ask this, because when one looks at Wikipedia:

https://en.wikipedia.org/wiki/IPv6

people may wonder why it takes sooooo loooong that every citizen on this
planet could get a static IPv6 address for *free* when they sign up for
an ISP of their choice.

Regards and good night,
Stefan

--
NaClbox: cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675
The computer helps us to solve problems, we did not have without him.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

On 07/10/2020 23:27, Stefan Claas wrote:
> I always wondered why it is not possible for me and probably many other
> people to not get a *static* IPv6 address additionally when you sign up
> as private individual at an ISP of your choice?

There isn't much consumer demand for it (most people don't even know
what IPv6 is), so ISPs aren't going to spend time on it unless there's
something in it for them. Eventually yes, they'll have to move to IPv6
because the world will run out of IPv4 addresses, but while that event
is looming on the horizon there's no due date for it. Also, IPv6 is only
critical if you don't already own a huge block of IPv4 (which most
established ISPs do). And since they'll have to support IPv4
indefinitely so as not to cut off access to the millions of websites
that will never migrate to IPv6, they've probably calculated that NAT4
is sufficient.

My ISP does offer IPv6 though - just not on all of its network segments.
Yet.

--
Andrew Gallagher

> There isn't much consumer demand for it (most people don't even know
> what IPv6 is), so ISPs aren't going to spend time on it unless
> there's something in it for them.

Here in the United States, it is generally quite difficult for consumers
to get -anything- except the bog-standard that their ISP offers.
Doesn't matter what it is: if it's not part of the bog-standard
consumer-grade package your only recourse is to upgrade to a
commercial-grade package.

There are some exceptions to this rule, but by and large it holds true.

Andrew Gallagher wrote:

> On 07/10/2020 23:27, Stefan Claas wrote:
> > I always wondered why it is not possible for me and probably many other
> > people to not get a *static* IPv6 address additionally when you sign up
> > as private individual at an ISP of your choice?
>
> There isn't much consumer demand for it (most people don't even know
> what IPv6 is), so ISPs aren't going to spend time on it unless there's
> something in it for them. Eventually yes, they'll have to move to IPv6
> because the world will run out of IPv4 addresses, but while that event
> is looming on the horizon there's no due date for it. Also, IPv6 is only
> critical if you don't already own a huge block of IPv4 (which most
> established ISPs do). And since they'll have to support IPv4
> indefinitely so as not to cut off access to the millions of websites
> that will never migrate to IPv6, they've probably calculated that NAT4
> is sufficient.
>
> My ISP does offer IPv6 though - just not on all of its network segments.
> Yet.

Mine offers this only for business customers, same with others in Germany.

Technically there should be no differences been made between businesses and
private individuals IMHO, because their is not shortage of them.

Regards
Stefan

--
NaClbox: cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675
The computer helps us to solve problems, we did not have without him.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Back in the old days of the internet there was ISP called Primenet (no
longer around) that did give static IPs. I had one at that time. 
Nowadays it seems like only possible with business accounts at at least
with Cox, those are 2-3x the cost of residential ones. So unless you
want to spend the coin you are stuck with the dynamic IPv4 and IPv6
addresses.

On 10/8/2020 9:00 AM, Robert J. Hansen via Gnupg-users wrote:
>> There isn't much consumer demand for it (most people don't even know
>> what IPv6 is), so ISPs aren't going to spend time on it unless
>> there's something in it for them.
> Here in the United States, it is generally quite difficult for consumers
> to get -anything- except the bog-standard that their ISP offers.
> Doesn't matter what it is: if it's not part of the bog-standard
> consumer-grade package your only recourse is to upgrade to a
> commercial-grade package.
>
> There are some exceptions to this rule, but by and large it holds true.
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

--
PGP Key Upon Request

On 2020-10-06 at 12:34 +0200, Stefan Claas wrote:
> Mark Fernandes wrote:
>
> Hello Mark,
>
> [...]
>
> > Hello Stefan. Forgive my ignorance, but I'm failing to see the
> > significant
> > benefit of such a method. Is what you are proposing similar to
> > sending an
> > encrypted message on CD via the post, that the recipient then gets
> > decrypted using the public key published on the internet?
>
> Yes, it is the same procedure, except that I used postcards.


>
> > I don't consider postal systems, even those in the EU, to be
> > generally secure or at least verifiable as being secure. Actually
> > worked for a Christmas stint at Royal Mail, helping out with the
> > extra mail --didn't convince me that mail was much secured. Postmen
> > can be blackmailed, bribed, or succumb to other methods of attack.
> > What's stopping someone working in the postal system from simply
> > corruptly sending data to outside the EU?
>
> I strongly doubt that *hard working* postmen will do this, because
> sooner or later this will be detected and investigated and it would
> cost postmen IMHO valuable time (which they probably don't have) to
> copy and send my mail to 3rd parties outside the EU. IIRC, postal
> services scan mail for the addresses, for automatic sorting machines,
> but I have never read that they also scan letter content within a
> letter or from postcards, which would violate the confidentiality of
> letters, guaranteed by laws, in Germany and elsewhere.
>
> And if you think, or someone else thinks that *hard working* postmen
> could be not trusted, how about all the roots working at email
> providers? I am more concerned nowadays (remember Edward Snowden
> handling over electronic documents from his employer to third
> parties) that people (maybe part-time or intern etc.) can handle over
> such data to 3rd parties outside the EU, much much easier and without
> been detected.


First of all, postcards are fine for a proof of concept. They are more
'fun' to send and receive. However, for a serious encrypted
conversation Alice and Bob should use enveloped mail.
Using a postcard you have pretty much weakened the letter
confidentiality, imho.

And if rather than writing text you are sending some electronics, a QR,
etc. you will be attracting even more attention ("Hey, John, see this
weird postcard that is being sent").

The real contents themselves are encrypted, but they would typically
want to blend with other messages, not to stand out. The NFC tags are
out of the way, since they can easily be found amidst all the mail.

A more subtle approach would be to have their armored pgp message with
spaces inserted, then sent inside an envelope, so that even if looked
against the light it seemed like filled with "normal word".


To consider postmen harder to bribe seems naive. Plus, there are many
hardworking sysadmins that would be offended by your words.
If you want to compare postal mail and electronic mail, you should
focus on the benefits of each medium.
For example, a letter sent to its final destination but not yet
received could be read by the admin of the email mailbox. A postman
could not "recall" the letter from your mailbox to read it after it has
been delivered (or, if it is possible to extract a delivered letter
from your mailbox, that's possible not only for your postman but also
for your neighbours).
Once you pick your physical mail, it's no longer in the mailbox.
Nowadays, most people keep a copy of their emails stored on their
providers' mailbox.


Most postmen will never open your mail to read it, nor will they
maliciously hand it over to a third party. However, if you were framed.
Maybe you were considered a person of interest by a Government, or a
competitor wanted to spy your mail (even though it'd be illegal), that
would not be complex.
If they managed to bribe the postman that delivers your mail would
simply keep mail directed to you on their bag. Then they would hand it
out to to their spymaster (or process it themselves on reaching home),
and actually deliver it the next day.?
That would require them some effort. But whoever is paying the bribe
should offer one that compensates for that.

Remember that while you may encrypt and sign the message to ensure
confidentiality and integrity, the postmen control the medium, and thus
availabilty.


You might want to send a canary token encoded ina QR and see if anyone
triggers that. Postmen is not expected and should not scan or read it,
just as the NSA is full of professional people that should not peek
into content unrelated to their assigned work, yet might end up sharing
your nude photos with their colleagues.?
(using a QR would have the interesting issue that I think some postal
systems do use a QR internally to encode the addressing, so could a
user-level message QR be confused -and thus scanned- with a transport-
level QR?)

As a coded letter is likely to bring attention to it (few people if any
send encrypted messages that way), they would ideally hide it into
something less conspicuous. They could use invisible ink over a normal-
looking text or, a pretty clever way to sneak your QR would be to
provide an ad of he products from a company, with the real data hidden
on different QR attached to the magazine.


? A postcard would be even simpler, just the time of taking a
smartphone picture and send to their contact.
? https://www.huffpost.com/entry/nsa-nude-photos_n_5597472

Best


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

?ngel wrote:

[...]

Apologies for not quoting your message content and deleting it.

We all can probably discuss many more things about postal mail
versus email, postman, Internet etc. and what not.

For me the Internet spans, as a closed net/mesh, around the globe
and therefore I do not see it as decentralized places, which can,
as we know, technically remotely easier been digitally controlled
than decentralized analog postal systems, which can function
independently when delivery in each country is mostly done within
it's borders, while the nature of the Internet has no borders.

Since I have started the thread publicity to let GnuPG users know
other communication forms and which can be be read everywhere,
without access restrictions, it will be interesting to see if all
postcards will arrive ... ;-)

Regards
Stefan

--
NaClbox: cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675
The computer helps us to solve problems, we did not have without him.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Stefan Claas wrote:

> Since I have started the thread publicity to let GnuPG users know
> other communication forms and which can be be read everywhere,
> without access restrictions, it will be interesting to see if all
> postcards will arrive ... ;-)

Update.

I received feedback from (not all*) participants and they had no
problems to read the NFC tags, with smart phones or an external
reader, so they were in proper condition, as expected. As of my
understanding, iOS users will probably need iOS 14 in order to
read NFC tags natively, while iOS 13 users and below most likely
need and NFC app from the AppStore. Regarding Android, reports
were also good and people used apps from their store(s).

*since I have not stored the email conversations, as I wrote in
my initial posting, I can not ask if they had success or not,
because I don't remember their email addresses.

Regards
Stefan

--
NaClbox: cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675
The computer helps us to solve problems, we did not have without him.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

El día sábado, octubre 10, 2020 a las 03:57:39p. m. +0200, Stefan Claas escribió:

> Stefan Claas wrote:
>
> > Since I have started the thread publicity to let GnuPG users know
> > other communication forms and which can be be read everywhere,
> > without access restrictions, it will be interesting to see if all
> > postcards will arrive ... ;-)
>
> Update.
>
> I received feedback from (not all*) participants and they had no
> problems to read the NFC tags, with smart phones or an external
> reader, so they were in proper condition, as expected. As of my
> understanding, iOS users will probably need iOS 14 in order to
> read NFC tags natively, while iOS 13 users and below most likely
> need and NFC app from the AppStore. Regarding Android, reports
> were also good and people used apps from their store(s).

As one of the testers: Using an iOS system is not a real world option for me
because the iOS can execute commands stored on the NFC tag and getting a
plain file out of the tag over to some UNIX laptop is tricky. A real
world option for me would only be a Linux based mobile, like the UBports.com
ones or a Purism L5, both have no NFC hardware at the moment and would
need an additional reader gadget.

matthias

--
Matthias Apitz, ? guru@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
??? ????? ??? ??????, ??? ?????? ??? ?????????? (??a????? ????? ?????)
Without books no knowledge - without knowledge no communism (Vladimir Ilyich Lenin)
Sin libros no hay saber - sin saber no hay comunismo. (Vladimir Ilich Lenin)

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Matthias Apitz wrote:

> El d?a s?bado, octubre 10, 2020 a las 03:57:39p. m. +0200, Stefan Claas escribi?:
>
> > Stefan Claas wrote:
> >
> > > Since I have started the thread publicity to let GnuPG users know
> > > other communication forms and which can be be read everywhere,
> > > without access restrictions, it will be interesting to see if all
> > > postcards will arrive ... ;-)
> >
> > Update.
> >
> > I received feedback from (not all*) participants and they had no
> > problems to read the NFC tags, with smart phones or an external
> > reader, so they were in proper condition, as expected. As of my
> > understanding, iOS users will probably need iOS 14 in order to
> > read NFC tags natively, while iOS 13 users and below most likely
> > need and NFC app from the AppStore. Regarding Android, reports
> > were also good and people used apps from their store(s).
>
> As one of the testers: Using an iOS system is not a real world option for me
> because the iOS can execute commands stored on the NFC tag and getting a
> plain file out of the tag over to some UNIX laptop is tricky. A real
> world option for me would only be a Linux based mobile, like the UBports.com
> ones or a Purism L5, both have no NFC hardware at the moment and would
> need an additional reader gadget.

Thanks for pointing this out. Could you elaborate a bit on how this works?

I ask because a standard tag I used stores only roughly 800 bytes.

In case raw binary data would be stored instead of links, for example, how
does iOS automatically executes this data, once the tag is noticed by the
iOS device?

Regards
Stefan


--
NaClbox: cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675
The computer helps us to solve problems, we did not have without him.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

On Thu, Oct 08, 2020 at 12:27:24AM +0200, Stefan Claas wrote:
> Regarding the Internet as of today and Al Gores vision and the Internet
> commerce etc.
>
> I always wondered why it is not possible for me and probably many other
> people to not get a *static* IPv6 address additionally when you sign up
> as private individual at an ISP of your choice?
>
> People could use as usual still common IPv4 for their regular surfing etc.
> but had then the ability, with a static IPv6 address to run their own
> email server and other services from home with a little Raspberry Pi etc.,
> without purchasing a VPS plan, thus one would only need to register a
> domain of choice and the records management could also bee done a) with
> the Domain Registrar or your local ISP, instead of the VPS hosting provider.

Certainly it would be preferable to have a static IPv6 address for that
sort of thing, but it's still quite simple to run services from home by
using dynamic DNS. I'm able to have ddclient run on my router, which
will inform my DNS provider (Cloudflare) of any changes to my dynamic
IPv4 address. Sure, during the occasional change to my address, my
services might go down for a minute or two. For me at least, that's not
the end of the world.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

John A. Leuenhagen via Gnupg-users wrote:

> On Thu, Oct 08, 2020 at 12:27:24AM +0200, Stefan Claas wrote:
> > Regarding the Internet as of today and Al Gores vision and the Internet
> > commerce etc.
> >
> > I always wondered why it is not possible for me and probably many other
> > people to not get a *static* IPv6 address additionally when you sign up
> > as private individual at an ISP of your choice?
> >
> > People could use as usual still common IPv4 for their regular surfing etc.
> > but had then the ability, with a static IPv6 address to run their own
> > email server and other services from home with a little Raspberry Pi etc.,
> > without purchasing a VPS plan, thus one would only need to register a
> > domain of choice and the records management could also bee done a) with
> > the Domain Registrar or your local ISP, instead of the VPS hosting provider.
>
> Certainly it would be preferable to have a static IPv6 address for that
> sort of thing, but it's still quite simple to run services from home by
> using dynamic DNS. I'm able to have ddclient run on my router, which
> will inform my DNS provider (Cloudflare) of any changes to my dynamic
> IPv4 address. Sure, during the occasional change to my address, my
> services might go down for a minute or two. For me at least, that's not
> the end of the world.

Well, yes and no. I run many years ago with a dynamic IP address services
too and had a domain with no-ip.com. But nowadays if you like to run a mail
server you will need a static IP address, because if it would be dynamic
your are considered as spammer, due to black listing of dynamic IP address
ranges.

Regards
Stefan

--
NaClbox: cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675
The computer helps us to solve problems, we did not have without him.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

On Sun, Oct 11, 2020 at 09:48:37AM +0200, Stefan Claas wrote:
> John A. Leuenhagen via Gnupg-users wrote:
>
> > On Thu, Oct 08, 2020 at 12:27:24AM +0200, Stefan Claas wrote:
> > > Regarding the Internet as of today and Al Gores vision and the Internet
> > > commerce etc.
> > >
> > > I always wondered why it is not possible for me and probably many other
> > > people to not get a *static* IPv6 address additionally when you sign up
> > > as private individual at an ISP of your choice?
> > >
> > > People could use as usual still common IPv4 for their regular surfing etc.
> > > but had then the ability, with a static IPv6 address to run their own
> > > email server and other services from home with a little Raspberry Pi etc.,
> > > without purchasing a VPS plan, thus one would only need to register a
> > > domain of choice and the records management could also bee done a) with
> > > the Domain Registrar or your local ISP, instead of the VPS hosting provider.
> >
> > Certainly it would be preferable to have a static IPv6 address for that
> > sort of thing, but it's still quite simple to run services from home by
> > using dynamic DNS. I'm able to have ddclient run on my router, which
> > will inform my DNS provider (Cloudflare) of any changes to my dynamic
> > IPv4 address. Sure, during the occasional change to my address, my
> > services might go down for a minute or two. For me at least, that's not
> > the end of the world.
>
> Well, yes and no. I run many years ago with a dynamic IP address services
> too and had a domain with no-ip.com. But nowadays if you like to run a mail
> server you will need a static IP address, because if it would be dynamic
> your are considered as spammer, due to black listing of dynamic IP address
> ranges.
That is true, you definitely need a static IP address to run a mail
server. For many other things though, I've managed to get by with a
dynamic address.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

El día sábado, octubre 10, 2020 a las 09:04:18p. m. +0200, Stefan Claas escribió:

> > As one of the testers: Using an iOS system is not a real world option for me
> > because the iOS can execute commands stored on the NFC tag and getting a
> > plain file out of the tag over to some UNIX laptop is tricky. A real
> > world option for me would only be a Linux based mobile, like the UBports.com
> > ones or a Purism L5, both have no NFC hardware at the moment and would
> > need an additional reader gadget.
>
> Thanks for pointing this out. Could you elaborate a bit on how this works?

I haven't tested it, but it is wiely known, for example:

https://gototags.com/blog/understanding-nfc-shortcuts-iphone

matthias
--
Matthias Apitz, ? guru@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
??? ????? ??? ??????, ??? ?????? ??? ?????????? (??a????? ????? ?????)
Without books no knowledge - without knowledge no communism (Vladimir Ilyich Lenin)
Sin libros no hay saber - sin saber no hay comunismo. (Vladimir Ilich Lenin)

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Matthias Apitz wrote:

> El d?a s?bado, octubre 10, 2020 a las 09:04:18p. m. +0200, Stefan Claas escribi?:
>
> > > As one of the testers: Using an iOS system is not a real world option for me
> > > because the iOS can execute commands stored on the NFC tag and getting a
> > > plain file out of the tag over to some UNIX laptop is tricky. A real
> > > world option for me would only be a Linux based mobile, like the UBports.com
> > > ones or a Purism L5, both have no NFC hardware at the moment and would
> > > need an additional reader gadget.
> >
> > Thanks for pointing this out. Could you elaborate a bit on how this works?
>
> I haven't tested it, but it is wiely known, for example:
>
> https://gototags.com/blog/understanding-nfc-shortcuts-iphone

Thanks, nice way to automate things with iOS.

Regards
Stefan

--
NaClbox: cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675
The computer helps us to solve problems, we did not have without him.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

El día domingo, octubre 11, 2020 a las 03:55:25p. m. +0200, Stefan Claas escribió:

> > I haven't tested it, but it is wiely known, for example:
> >
> > https://gototags.com/blog/understanding-nfc-shortcuts-iphone
>
> Thanks, nice way to automate things with iOS.

Hmm, nice that others can rewrite your NFC tag (the UID matters) with
bad shortcut commands, only having loosely access to a NFC tag you
tabbed, for example, in your car. Maybe we have different opinions about
'nice'.

matthias

--
Matthias Apitz, ? guru@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
??? ????? ??? ??????, ??? ?????? ??? ?????????? (??a????? ????? ?????)
Without books no knowledge - without knowledge no communism (Vladimir Ilyich Lenin)
Sin libros no hay saber - sin saber no hay comunismo. (Vladimir Ilich Lenin)

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Matthias Apitz wrote:

> El d?a domingo, octubre 11, 2020 a las 03:55:25p. m. +0200, Stefan Claas escribi?:
>
> > > I haven't tested it, but it is wiely known, for example:
> > >
> > > https://gototags.com/blog/understanding-nfc-shortcuts-iphone
> >
> > Thanks, nice way to automate things with iOS.
>
> Hmm, nice that others can rewrite your NFC tag (the UID matters) with
> bad shortcut commands, only having loosely access to a NFC tag you
> tabbed, for example, in your car. Maybe we have different opinions about
> 'nice'.

I had not set a password, so that the recipients can play with it. With a
password set the NFC tag can not be written to.

Regards
Stefan

--
NaClbox: cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675
The computer helps us to solve problems, we did not have without him.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Probably a bit outside the scope of the list, but in my experience most
users underestimate the risks involved in running their own servers. 
Probably not anyone reading a GPG mailing list, but I only mention it
because of the discussion of no-ip and DDNS stuff -- usually only tools
used by non-commercial, non professional entities.  I run into this a
lot with people who buy cheap camera systems for their homes, put it on
the same LAN as everything else in the house,  open up port 80 right
into their NVR, give the default NVR user an easy password, and then
proceed to run that thing for years without ever patching the NVR server.

There are so many IP6 addresses available that everyone in the world
could be given a trillion of them to use and it wouldn't make an
appreciable dent in the total left available.  I suspect in the future
your NAT gateway will live in the cloud and every device will have it's
own static IP. 

On 10/11/20 2:56 AM, John A. Leuenhagen via Gnupg-users wrote:
> On Sun, Oct 11, 2020 at 09:48:37AM +0200, Stefan Claas wrote:
>> John A. Leuenhagen via Gnupg-users wrote:
>>
>>> On Thu, Oct 08, 2020 at 12:27:24AM +0200, Stefan Claas wrote:
>>>> Regarding the Internet as of today and Al Gores vision and the Internet
>>>> commerce etc.
>>>>
>>>> I always wondered why it is not possible for me and probably many other
>>>> people to not get a *static* IPv6 address additionally when you sign up
>>>> as private individual at an ISP of your choice?
>>>>
>>>> People could use as usual still common IPv4 for their regular surfing etc.
>>>> but had then the ability, with a static IPv6 address to run their own
>>>> email server and other services from home with a little Raspberry Pi etc.,
>>>> without purchasing a VPS plan, thus one would only need to register a
>>>> domain of choice and the records management could also bee done a) with
>>>> the Domain Registrar or your local ISP, instead of the VPS hosting provider.
>>> Certainly it would be preferable to have a static IPv6 address for that
>>> sort of thing, but it's still quite simple to run services from home by
>>> using dynamic DNS. I'm able to have ddclient run on my router, which
>>> will inform my DNS provider (Cloudflare) of any changes to my dynamic
>>> IPv4 address. Sure, during the occasional change to my address, my
>>> services might go down for a minute or two. For me at least, that's not
>>> the end of the world.
>> Well, yes and no. I run many years ago with a dynamic IP address services
>> too and had a domain with no-ip.com. But nowadays if you like to run a mail
>> server you will need a static IP address, because if it would be dynamic
>> your are considered as spammer, due to black listing of dynamic IP address
>> ranges.
> That is true, you definitely need a static IP address to run a mail
> server. For many other things though, I've managed to get by with a
> dynamic address.
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

--
-Ryan McGinnis
http://bigstormpicture.com
PGP Fingerprint: 5C73 8727 EE58 786A 777C 4F1D B5AA 3FA3 486E D7AD