Mailing List Archive

How would you do that ...
Hi all,

here is a little scenario. Alice and Bob need to find a way to do
encrypted communications globally.

The task is the following: Alice needs to travel to a foreign country
without any devices (laptop, smartphone etc.).

At arrival she needs to communicate daily (no real time communications)
with Bob to exchange encrypted documents.

Alice is not allowed to log in to any services, like her Gmail account,
social media etc. to not reveal her login credentials.

She can't use Tor, because at her destination Tor is blocked. The only
option she has is to use Internet Cafés or public libraries etc.

She is aware that at an Internet Café keyloggers may be installed. Last
but not least she does not carry any notices on paper with her.


How would you solve this task?


Regards

Stefan





_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How would you do that ... [ In reply to ]
* Stefan Vasilev via Gnupg-users:

> How would you solve this task?

With Alice having to rely on cryptography she can do in her head?
Some shift cipher and carrier pigeons. :-)

-Ralph

Re: How would you do that ... [ In reply to ]
I have dealt with a similar problem in real life, as a real problem with real people.

We created a custom Linux environment, burned it to Blu-Ray, and Alice crossed the border with her Linux environment tucked into her CD player.

On the other side she acquired a laptop, Blu-Ray drive, and USB drive locally, booted into this custom environment, then flashed her BIOS and gave her drives a low-level format.

Rebooting into Linux (to reduce the likelihood of BIOS-based malware being present in memory) she used her system normally, although never touching the local hard drive. All storage was on USB stick.

Prior to departing the country she wiped the laptop hard drive and donated it to a school. The Blu-Ray disc and USB drive were physically destroyed and discreetly dumped.

I am not at liberty to say who Alice was, where she was, or why her needs were so extreme. But yes, we actually did this.


On May 3, 2021 4:24:01 AM CDT, Stefan Vasilev via Gnupg-users <gnupg-users@gnupg.org> wrote:
>Hi all,
>
>here is a little scenario. Alice and Bob needs to find a way to do
>encrypted communications globally.
>
>The task is the following: Alice needs to travel to a foreign country
>without any devices (laptop, smartphone etc.).
>
>At arrival she needs to communicate daily (no real time communications)
>with Bob to exchange encrypted documents.
>
>Alice is not allowed to login in any services, like her Gmail account,
>social media etc. to not reveal her login credentials.
>
>She can't use Tor, because at her destination Tor is blocked. The only
>option she has is to use Internet Cafés or public libraries etc.
>
>She is aware that at an Internet Café keyloggers may be installed. Last
>but not least she does not carry any notices on paper with her.
>
>
>How would you solve this task?
>
>
>Regards
>
>Stefan
Re: How would you do that ... [ In reply to ]
Ralph Seichter wrote:

> * Stefan Vasilev via Gnupg-users:
>
>> How would you solve this task?
>
> With Alice having to rely on cryptography she can do in her head?

Well, so to speak, this would be an option in the future.

> Some shift cipher and carrier pigeons. :-)

Ha ha, but she needs to do that over a long distance and daily.

Regards

Stefan



Re: How would you do that ... [ In reply to ]
rjh@sixdemonbag.org wrote:

> I have dealt with a similar problem in real life, as a real problem
> with real people.
>
> We created a custom Linux environment, burned it to Blu-Ray, and Alice
> crossed the border with her Linux environment tucked into her CD player.
>
> On the other side she acquired a laptop, Blu-Ray drive, and USB drive
> locally, booted into this custom environment, then flashed her BIOS
> and gave her drives a low-level format.
>
> Rebooting into Linux (to reduce the likelihood of BIOS-based malware
> being present in memory) she used her system normally, although never
> touching the local hard drive. All storage was on USB stick.
>
> Prior to departing the country she wiped the laptop hard drive and
> donated it to a school. The Blu-Ray disc and USB drive were physically
> destroyed and discreetly dumped.

Thanks a lot, this sounds very good!

> I am not at liberty to say who Alice was, where she was, or why her
> needs were so extreme. But yes, we actually did this.

Sure, I fully understand!

Regards

Stefan
Re: How would you do that ... [ In reply to ]
On 03-05-2021 15:39, Robert J. Hansen via Gnupg-users wrote:

> and gave her drives a low-level format.

I remember from the stone age (end 1980's begin 90's) that you could
low-level format a disk with the DOS command debug by calling some BIOS
routine by assembler routines.

Modern hard disks don't allow that anymore. Should I assume that
"low-level format" in this case means something like

dd if=/dev/zero of=/dev/sdX

--
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html


Re: How would you do that ... [ In reply to ]
Ralph Seichter via Gnupg-users <gnupg-users@gnupg.org> wrote:
>
> * Stefan Vasilev via Gnupg-users:
>
> > How would you solve this task?
>
> With Alice having to rely on cryptography she can do in her head?
> Some shift cipher and carrier pigeons. :-)

Neal Stephenson's novel Cryptonomicon is excellent. I strongly
recommend it to anyone who enjoys reading & is interested in crypto.
Part of the plot involves a cipher that operates a bit like RC-4,
permuting an array, but the array is a deck of cards.
https://www.schneier.com/academic/solitaire/

Re: How would you do that ... [ In reply to ]
Sandy Harris wrote:

> Ralph Seichter via Gnupg-users <gnupg-users@gnupg.org> wrote:
>> * Stefan Vasilev via Gnupg-users:
>>
>>> How would you solve this task?
>> With Alice having to rely on cryptography she can do in her head?
>> Some shift cipher and carrier pigeons. :-)
> Neal Stephenson's novel Cryptonomicon is excellent. I strongly
> recommend it to anyone who enjoys reading & is interested in crypto.
> Part of the plot involves a cipher that operates a bit like RC-4,
> permuting an array, but the array is a deck of cards.
> https://www.schneier.com/academic/solitaire/

I remember Bruce Schneier's Solitaire. One can also use the Elsie Four
(LC4) cipher for that.

The task, however, is also communicating (daily) without logging into
any services and if required to send larger documents, or even photos.

Regards

Stefan


Re: How would you do that ... [ In reply to ]
> Neal Stephenson's novel Cryptonomicon is excellent. I strongly
> recommend it to anyone who enjoys reading & is interested in crypto.
> Part of the plot involves a cipher that operates a bit like RC-4,
> permuting an array, but the array is a deck of cards.
> https://www.schneier.com/academic/solitaire/

Please don't. Solitaire is not a particularly well-designed cipher, in
either the human factors sense or in the cryptographic strength sense.
Even Schneier himself says it's mostly of interest only as a curiosity
and not for serious purposes.


Re: How would you do that ... [ In reply to ]
> Modern harddisks don't allow that anymore. Should I assume that
> "low-level format" in this case means something like
>
> dd if=/dev/zero of=/dev/sdX

[puts on forensics professional hat]

Good question! The tl;dr of it is that the technique to wipe a hard
drive will vary according to the kind of technology used in
manufacturing the drive, and to a lesser extent the kind of forensics
nerdery you're afraid of.

This is the origin of the myth of the 30-odd-pass "Gutmann shred". It
was always a complete myth that you needed 30-odd passes to wipe a hard
drive. The 30+ passes were if you had no knowledge about the underlying
technology of the drive and needed to account for antique FM-coded
drives all the way up through modern SSDs. If you were thinking of
doing a 30+-pass shred, the best thing to do was smack yourself in the
face for being so foolish and then go off and read the label on your
hard drive. :)

For modern SSDs I generally recommend a single pass with random data:

dd if=/dev/urandom of=/dev/foo bs=1M

(Don't forget the blocksize [bs] parameter; it can improve speed
significantly.)

This is enough to foil the vast majority of forensic analysis. Yes,
yes, SSDs have remapping capabilities which means certain memory cells
won't get hit even if you do this, and it's theoretically possible for a
good forensics nerd to do all kinds of wild magic to pull off data you
didn't even know was there... but that kind of very high-level forensics
nerdery costs a lot of money, and few people are worth that kind of
investment.
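
The single-pass random overwrite described in this message, as an added example that is not part of the original thread: it runs the same `dd` pattern against a constructed image file instead of a real drive and checks by read-back that a planted marker is gone. The helper names (`make_image`, `wipe_target`, `count_marker`, `nonzero_bytes`), the marker string and the 4 MiB image size are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the thread): single-pass random overwrite, run
# against a constructed image file so it needs no root and no real disk.

MARKER='CONSTRUCTED-SECRET-7f3a-not-real-data'   # constructed sample "secret"
IMAGE_MIB=4                                       # size of the stand-in drive

# make_image PATH: zero-filled image with MARKER planted at three offsets,
# standing in for a drive that still holds old data.
make_image() {
    dd if=/dev/zero of="$1" bs=1M count="$IMAGE_MIB" 2>/dev/null || return 1
    for off in 0 1048576 3000000; do
        printf '%s' "$MARKER" |
            dd of="$1" bs=1 seek="$off" conv=notrunc 2>/dev/null || return 1
    done
}

# count_marker PATH: how many copies of MARKER can be read back from PATH.
count_marker() {
    LC_ALL=C grep -a -o -F -e "$MARKER" "$1" | wc -l | tr -d ' '
}

# nonzero_bytes PATH: bytes that are not 0x00. After a random pass almost
# every byte is non-zero; after a /dev/zero pass this would be 0.
nonzero_bytes() {
    LC_ALL=C tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# wipe_target PATH: one pass of random data over the whole image, written in
# place (conv=notrunc) with a 1 MiB block size. On a real device the thread's
# form applies directly: dd if=/dev/urandom of=/dev/foo bs=1M
wipe_target() {
    size=$(( $(wc -c < "$1") ))
    head -c "$size" /dev/urandom |
        dd of="$1" bs=1M conv=notrunc 2>/dev/null || return 1
    sync    # flush buffered writes before trusting any read-back
}

# demo: build, inspect, wipe, inspect again.
# Read-back only sees logical blocks; cells an SSD has remapped are not
# reachable this way, which is the caveat raised in the message above.
demo() {
    img=$(mktemp) || return 1
    make_image "$img" || return 1
    echo "before: marker copies=$(count_marker "$img")" \
         "non-zero bytes=$(nonzero_bytes "$img")"
    wipe_target "$img" || return 1
    echo "after:  marker copies=$(count_marker "$img")" \
         "non-zero bytes=$(nonzero_bytes "$img")"
    rm -f "$img"
}

demo
```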


Re: How would you do that ... [ In reply to ]
On Tuesday, 4 May 2021 18:47:50 CEST Robert J. Hansen via Gnupg-users wrote:
> For modern SSDs I generally recommend a single pass with random data:
>
> dd if=/dev/urandom of=/dev/foo bs=1M
>
> (Don't forget the blocksize [bs] parameter; it can improve speed
> significantly.)
>
> This is enough to foil the vast majority of forensic analysis. Yes,
> yes, SSDs have remapping capabilities which means certain memory cells
> won't get hit even if you do this, and it's theoretically possible for a
> good forensics nerd to do all kinds of wild magic to pull off data you
> didn't even know was there... but that kind of very high-level forensics
> nerdery costs a lot of money, and few people are worth that kind of
> investment.

I'd always use full disk encryption ideally with the key stored on a USB
token. Otherwise, with a very good passphrase.

And, after use, wipe the disk and destroy the token.

Modern enterprise-level SSDs also have secure erase, but, of course, you'd
have to trust the hardware manufacturer to implement it properly without any
backdoors which you probably don't want to do in the above scenario.

Regards,
Ingo
Re: How would you do that ... [ In reply to ]
Or, for the really paranoid ;-) you can have random data on a read-only
mini cdrom, and use it as an OTP, and throw it into a garbage
incinerator afterwards.
If you are up against adversaries where this is necessary, these methods
may ultimately not help ...
=====

On 5/4/2021 at 1:19 PM, "Ingo Klöcker" wrote:
> On Tuesday, 4 May 2021 18:47:50 CEST Robert J. Hansen via Gnupg-users wrote:
>> For modern SSDs I generally recommend a single pass with random data:
>>
>> dd if=/dev/urandom of=/dev/foo bs=1M
>>
>> (Don't forget the blocksize [bs] parameter; it can improve speed
>> significantly.)
>>
>> This is enough to foil the vast majority of forensic analysis. Yes,
>> yes, SSDs have remapping capabilities which means certain memory cells
>> won't get hit even if you do this, and it's theoretically possible for a
>> good forensics nerd to do all kinds of wild magic to pull off data you
>> didn't even know was there... but that kind of very high-level forensics
>> nerdery costs a lot of money, and few people are worth that kind of
>> investment.
>
> I'd always use full disk encryption ideally with the key stored on a USB
> token. Otherwise, with a very good passphrase.
>
> And, after use, wipe the disk and destroy the token.
>
> Modern enterprise-level SSDs also have secure erase, but, of course, you'd
> have to trust the hardware manufacturer to implement it properly without any
> backdoors which you probably don't want to do in the above scenario.
>
> Regards,
> Ingo
Re: How would you do that ... [ In reply to ]
I have literally never in my life seen any meaningful use case for the OTP after about 1974.

It's not part of a sensible discussion. :)

On May 4, 2021 4:46:31 PM CDT, vedaal via Gnupg-users <gnupg-users@gnupg.org> wrote:
>Or, for the really paranoid ;-)you can have random data on a read-only
>mini cdrom,and use it as an OTP, and throw it into a garbage
>incinerator afterwards.
>If you are up against adversaries where this is necessary,this methods
>may ultimately not help ...
Re: How would you do that ... [ In reply to ]
Sounds like you're having to trust some kind of tech from the country you're going to, so with that in mind:

Buy burner phone and SIM with cash from some place where normal people buy phones and SIMs with cash. Install Signal. Done

For identification, have some code word that will be the first thing you send. Maybe even have a duress code word, too.

Now there are some places this won't work. Some places only sell phones that are pre-compromised. If you know what you're doing you can probably flash it with GrapheneOS, though that would require buying a computer, in that country, too. At some point you're probably in the "gonna be taking some serious risks no matter what" territory, unless you're working for MI6 or something.


-Ryan McGinnis

ryan@digicana.com

http://bigstormpicture.com

5C73 8727 EE58 786A 777C 4F1D B5AA 3FA3 486E D7AD

------- Original Message -------

On Monday, May 3rd, 2021 at 4:24 AM, Stefan Vasilev via Gnupg-users <gnupg-users@gnupg.org> wrote:

> Hi all,
>
> here is a little scenario. Alice and Bob needs to find a way to do
> encrypted communications globally.
>
> The task is the following: Alice needs to travel to a foreign country
> without any devices (laptop, smartphone etc.).
>
> At arrival she needs to communicate daily (no real time communications)
> with Bob to exchange encrypted documents.
>
> Alice is not allowed to login in any services, like her Gmail account,
> social media etc. to not reveal her login credentials.
>
> She can't use Tor, because at her destination Tor is blocked. The only
> option she has is to use Internet Cafés or public libraries etc.
>
> She is aware that at an Internet Café keyloggers may be installed. Last
> but not least she does not carry any notices on paper with her.
>
> How would you solve this task?
>
> Regards
>
> Stefan

Re: How would you do that ... [ In reply to ]
Ryan McGinnis wrote:

> Sounds like you're having to trust some kind of tech from the country you're going to, so with that in mind:
>
> Buy burner phone and SIM with cash from some place where normal people buy phones and SIMs with cash. Install Signal. Done
>
> For identification, have some code word that will be the first thing you send. Maybe even have a duress code word, too.
>
> Now there are some places this won't work. Some places only sell phones that are pre-compromised. If you know what you're doing you can probably flash it with GrapheneOS, though that would require buying a computer, in that country, too. At some point you're probably in the "gonna be taking some serious risks no matter what" territory, unless you're working for MI6 or something.
>
>

Alice likes to keep the costs low and would only purchase a laptop
there, to prepare data, prior to taking it to the Internet Café's
(compromised) computer. Phones, whether dumb or smart, she likes to
avoid. But thanks for the proposal, much appreciated.


Regards

Stefan



Re: How would you do that ... [ In reply to ]
Alice is an idiot if she’s trying to defeat nation-state adversaries and be a thrifty shopper at the same time, but even so, in most places a laptop isn’t going to be cheaper than a cheap mobile phone.

You really want Alice to use some public library computer for some reason, but I am going to assume Alice isn’t a complete moron and would avoid this, given there are a hundred better options that won’t result in her genitals being shocked in some dingy government interrogation room.

If you have to use a laptop then, cool, grab an ISO of Debian, install it, find the nearest WiFi hotspot, make a free protonmail account, send an email. Done.

-Ryan McGinnis
ryan@digicana.com
http://bigstormpicture.com
5C73 8727 EE58 786A 777C 4F1D B5AA 3FA3 486E D7AD



> On May 7, 2021, at 5:36 PM, Stefan Vasilev <stefan.vasilev@posteo.ru> wrote:
>
>
> Ryan McGinnis wrote:
>
>> Sounds like you're having to trust some kind of tech from the country you're going to, so with that in mind:
>>
>> Buy burner phone and SIM with cash from some place where normal people buy phones and SIMs with cash. Install Signal. Done
>>
>> For identification, have some code word that will be the first thing you send. Maybe even have a duress code word, too.
>>
>> Now there are some places this won't work. Some places only sell phones that are pre-compromised. If you know what you're doing you can probably flash it with GrapheneOS, though that would require buying a computer, in that country, too. At some point you're probably in the "gonna be taking some serious risks no matter what" territory, unless you're working for MI6 or something.
>>
>>
>
> Alice likes to keep the costs low and would only purchase a laptop
> there, to prepare data, prior to taking it to the Internet Café's
> (compromised) computer. Phones, whether dumb or smart, she likes to
> avoid. But thanks for the proposal, much appreciated.
>
>
> Regards
>
> Stefan
Re: How would you do that ... [ In reply to ]
Ryan McGinnis wrote:

> Alice is an idiot if she’s trying to defeat nation-state adversaries
> and be a thrifty shopper at the same time, but even so, in most places
> a laptop isn’t going to be cheaper than a cheap mobile phone.
>
> You really want Alice to use some public library computer for some
> reason, but I am going to assume Alice isn’t a complete moron and
> would avoid this, given there are a hundred better options that won’t
> result in her genitals being shocked in some dingy government
> interrogation room.
>
> If you have to use a laptop then, cool, grab an ISO of Debian, install
> it, find the nearest WiFi hotspot, make a free protonmail account,
> send an email.  Done.


Alice is no complete moron, because she can't register a free ProtonMail
account without a phone. Or did she miss there an anonymous registration
procedure which works? If yes, then she is of course a moron. :-D


Regards

Stefan



Re: How would you do that ... [ In reply to ]
Protonmail only requires a phone number to send a verification “are you a real human” SMS if the IP you are registering from is a source of previous abuse.

So, like, don’t use a VPN when you do it.

Or if you’re worried about it, make the account back in your safe country before you travel to Deathistan by using a burner phone SIM or something. These are pretty easily solvable problems that don’t lead to getting your genitals shocked.

-Ryan McGinnis
ryan@digicana.com
http://bigstormpicture.com
5C73 8727 EE58 786A 777C 4F1D B5AA 3FA3 486E D7AD



> On May 7, 2021, at 5:58 PM, Stefan Vasilev <stefan.vasilev@posteo.ru> wrote:
>
>
> Ryan McGinnis wrote:
>
>> Alice is an idiot if she’s trying to defeat nation-state adversaries
>> and be a thrifty shopper at the same time, but even so, in most places
>> a laptop isn’t going to be cheaper than a cheap mobile phone.
>>
>> You really want Alice to use some public library computer for some
>> reason, but I am going to assume Alice isn’t a complete moron and
>> would avoid this, given there are a hundred better options that won’t
>> result in her genitals being shocked in some dingy government
>> interrogation room.
>>
>> If you have to use a laptop then, cool, grab an ISO of Debian, install
>> it, find the nearest WiFi hotspot, make a free protonmail account,
>> send an email. Done.
>
>
> Alice is no complete moron, because she can't register a free ProtonMail
> account without a phone. Or did she miss there an anonymous registration
> procedure which works? If yes, then she is of course a moron. :-D
>
>
> Regards
>
> Stefan
Re: How would you do that ... [ In reply to ]
Hi,

8 May 2021, 00:58 from gnupg-users@gnupg.org:

> Alice is no complete moron, because she can't register a free ProtonMail
> account without a phone. Or did she miss there an anonymous registration
> procedure which works?

I don't use ProtonMail so I can't say.

But otherwise you have Tutanota (no phone number required): 
https://tutanota.com/blog/posts/anonymous-email/

Best regards,
l0f4r0

Re: How would you do that ... [ In reply to ]
l0f4r0 wrote:

> Hi,
>
> 8 May 2021, 00:58 from gnupg-users@gnupg.org:
>
>> Alice is no complete moron, because she can't register a free ProtonMail
>> account without a phone. Or did she miss there an anonymous registration
>> procedure which works?
>>
> I don't use ProtonMail so I can't say.
>
> But otherwise you have Tutanota (no phone number required):
> https://tutanota.com/blog/posts/anonymous-email/

Hi,

thanks! I already found a solution by using an .onion based email provider,
with clearnet usage support. Super simple registration, where the user only
supplies a username and a password. Nothing more. :-)

Regards

Stefan


Re: How would you do that ... [ In reply to ]
On 08.05.2021 at 15:04, Stefan Vasilev via Gnupg-users wrote:
> l0f4r0 wrote:
>
>> Hi,
>>
>> 8 May 2021, 00:58 from gnupg-users@gnupg.org:
>>
>>> Alice is no complete moron, because she can't register a free
>>> ProtonMail account without a phone. Or did she miss there an
>>> anonymous registration procedure which works?
>>
>> I don't use ProtonMail so I can't say.
>>
>> But otherwise you have Tutanota (no phone number required):
>> https://tutanota.com/blog/posts/anonymous-email/
>
> Hi,
>
> thanks! I already found a solution by using an .onion based email
> provider, with clearnet usage support. Super simple registration,
> where the user only supplies a username and a password. Nothing more. :-)

BTW, Tutanota does (full???) browser fingerprinting and they were required
to 'upgrade' their email service.

Regards

Stefan


Re: How would you do that ... [ In reply to ]
On 08.05.2021 15:04, Stefan Vasilev via Gnupg-users wrote:

> Hi,
>
> thanks! I already found a solution by using an .onion based email
> provider, with clearnet usage support. Super simple registration,
> where the user only supplies a username and a password. Nothing more. :-)
>
> Regards
>
> Stefan
>
Those already familiar with IPFS can also create an encrypted 'diary',
where the search term for the 'diary' is a memorizable 256-bit hex key,
thus making it not possible to guess the diary name. Thus avoiding any
log-in procedures at services and IPFS is used around the world and for
example also popular in Russia and China.

https://ipjot.herokuapp.com/


Regards

Stefan




Re: How would you do that ... [ In reply to ]
Maybe
for i in {1..9} ; do dd if=/dev/zero of=/dev/sdX ; done
just to be careful

Or /dev/urandom as if= value

On Mon, May 3, 2021, 11:14 Johan Wevers <johanw@vulcan.xs4all.nl> wrote:

> On 03-05-2021 15:39, Robert J. Hansen via Gnupg-users wrote:
>
> > and gave her drives a low-level format.
>
> I remember from the stone age (end 1980's begin 90's) that you could
> low-level format a disk with the DOS command debug by calling some BIOS
> routine by assembler routines.
>
> Modern harddisks don't allow that anymore. Should I assume that
> "low-level format" in this case means something like
>
> dd if=/dev/zero of=/dev/sdX
>
> --
> ir. J.C.A. Wevers
> PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
>
>
Re: How would you do that ... [ In reply to ]
This will work too and doesn't care about the type

https://youtu.be/wb3Xa1h_RqM

On 5/4/2021 9:47 AM, Robert J. Hansen via Gnupg-users wrote:
>> Modern harddisks don't allow that anymore. Should I assume that
>> "low-level format" in this case means something like
>>
>> dd if=/dev/zero of=/dev/sdX
>
> [puts on forensics professional hat]
>
> Good question!  The tl;dr of it is that the technique to wipe a hard
> drive will vary according to the kind of technology used in
> manufacturing the drive, and to a lesser extent the kind of forensics
> nerdery you're afraid of.
>
> This is the origin of the myth of the 30-odd-pass "Gutmann shred".  It
> was always a complete myth that you needed 30-odd passes to wipe a
> hard drive.  The 30+ passes were if you had no knowledge about the
> underlying technology of the drive and needed to account for antique
> FM-coded drives all the way up through modern SSDs.  If you were
> thinking of doing a 30+-pass shred, the best thing to do was smack
> yourself in the face for being so foolish and then go off and read the
> label on your hard drive.  :)
>
> For modern SSDs I generally recommend a single pass with random data:
>
> dd if=/dev/urandom of=/dev/foo bs=1M
>
> (Don't forget the blocksize [bs] parameter; it can improve speed
> significantly.)
>
> This is enough to foil the vast majority of forensic analysis. Yes,
> yes, SSDs have remapping capabilities which means certain memory cells
> won't get hit even if you do this, and it's theoretically possible for
> a good forensics nerd to do all kinds of wild magic to pull off data
> you didn't even know was there... but that kind of very high-level
> forensics nerdery costs a lot of money, and few people are worth that
> kind of investment.
>
>

--
PGP Key Upon Request


Re: How would you do that ... [ In reply to ]
For what it's worth if you're gung-ho about our heroine using a public library computer or something and you can't stego some info into an image for one of the image boards because you don't have any tech of your own in that country, then using an OTP to publicly post something to a pastebin that Bob is actively monitoring is probably the way to go. An OTP doesn't require any kind of tech to pull off and it's about as secure as it can get. This could facilitate two-way communications as well, so long as you both know where the messages will be dropped. It's not very subtle, but it'd work.


-Ryan McGinnis

ryan@digicana.com

http://bigstormpicture.com

5C73 8727 EE58 786A 777C 4F1D B5AA 3FA3 486E D7AD

------- Original Message -------

On Saturday, May 8th, 2021 at 8:04 AM, Stefan Vasilev via Gnupg-users <gnupg-users@gnupg.org> wrote:

> l0f4r0 wrote:
>
> > Hi,
> >
> > 8 May 2021, 00:58 from gnupg-users@gnupg.org:
> >
> > > Alice is no complete moron, because she can't register a free ProtonMail account
> > > without a phone. Or did she miss there an anonymous registration procedure
> > > which works?
> >
> > I don't use ProtonMail so I can't say.
> >
> > But otherwise you have Tutanota (no phone number required):
> > https://tutanota.com/blog/posts/anonymous-email/
>
> Hi,
>
> thanks! I already found a solution by using an .onion based email provider,
> with clearnet usage support. Super simple registration, where the user only
> supplies a username and a password. Nothing more. :-)
>
> Regards
>
> Stefan
