[Crypto-chi] Follow up on March 14 crypto meeting at PS1
Dan Massoglia
dmassoglia at gmail.com
Thu Apr 23 22:34:10 CDT 2015
A)thought you werent a big privacy person
B)sorry, you did say that and thats shit on them. You have a card and the
reader has hella perks. Play that card and receive something cool
C)Privacy torts are difficult and weak. If you want to talk more about it
email me off list
Dan
On Apr 23, 2015 10:04 PM, "ME TOO" <electromechanical at gmail.com> wrote:
> Will the photographer be creating more privacy issues?
>
> On Thu, Apr 23, 2015 at 10:01 PM, Brian Kroll <brian at fiberoverethernet.com
> > wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA512
>>
>> Hi Me Too,
>>
>> Can you explain what you are referencing?
>>
>> //Brian
>>
>> ME TOO:
>> > I thought someone made it clear. No fucking picture!
>> >
>> > On Sat, Apr 11, 2015 at 12:10 AM, joe fuentes
>> > <joseph.fuentes at live.com> wrote:
>> >
>> >> hello All
>> >>
>> >> The problem as I see it with using POP3 and stuff like this is
>> >> that it will clutter up your hard drive. I recall whilst I was
>> >> an Outlook user, my PST file was approaching its max file size
>> >> limit. Also there were limits on the size of the mailbox at the
>> >> server side. When using Earthlink I had to delete a bunch of
>> >> files on the server simply cuz I was running out of space.
>> >>
>> >> These drove me in part to move to webmail. Plus if you download
>> >> via POP your emails to your email client, such as Outlook or
>> >> Thunderbird, the messages will disappear from the server, thus
>> >> inaccessible via webmail. The downloaded emails will only be
>> >> visible on the device you downloaded it to, most likely a PC. So
>> >> you want to see those messages from another laptop, a tablet or
>> >> smartphone - you're out of luck. You'll have to dig up those
>> >> downloaded messages on the very device you downloaded them to.
>> >>
>> >> Making things worse, if you start downloading messages to your
>> >> tablet or worse yet your smartphone, you'll max out its storage
>> >> capacity lickety split like if you use K-9 or another email
>> >> client. on my Asus phablet I'm already facing space issues and
>> >> I'm not even downloading emails.
>> >>
>> >> So for practical terms looks like open source PGP plugins may be
>> >> our only solution for now unless someone builds a secure webmail
>> >> system from the ground up that has no opt out for encryption. The
>> >> trick there for its widespread adoption is that is must be easy
>> >> to use.
>> >>
>> >> Thoughts anyone?
>> >>
>> >> Joe
>> >>
>> >> Crypto-chi] Follow up on March 14 crypto meeting at PS1
>> >>>
>> > "Whilst usingplug ins like enigmail for Thunderbird is great and
>> > everything , we need to be cognizant touhhat quite often we are
>> > using
>> >>>
>> > webmail of one sort or another."
>> >
>> > Most, if not all web-mail providers give you mailbox access via
>> > POP3, or IMAP protocols which you can use with Thunderbird keeping
>> > the content both plaintext and encrypted on your local system which
>> > is more secure then browser based applications.
>> >
>> > "Especially for those of on our mobile devices."
>> >
>> > On Android, there is K-9 Mail and OpenKeyChain-- both work quite
>> > well, but as I said in my talk mobile platforms are severely broken
>> > in many ways. I would not store my private keys on a mobile phone
>> > ever. Mobile devices are very easy to loose too.
>> >
>> > "Fortunately there are various bowser extensions that facilitate
>> > this. For gpg we can count on the following..."
>> >
>> > Counting on software that has not passed community audits by
>> > security professionals or professional cryptographers is dangerous
>> > and should be avoided for sensitive use.
>> >
>> > "Google has yet to release its own Chrome plug in"
>> >
>> > I'm looking forward to this project, however I do wonder what
>> > Google will do to continue scanning your email to serve you ads
>> > based on the content so they can make money.
>> >
>> > "It's alpha not yet ready for prime time.."
>> >
>> > Don't trust early stage software especially new crypto to
>> > sensitive needs, it may harm you.
>> >
>> > "..don't know wot's taking them so long."
>> >
>> > Strong cryptography, and good code is not a rush job as any
>> > oversight can possibly compromise the security of the project in
>> > turn your safety.
>> >
>> > "Even Windows has support for GPG through VisualGPF."
>> >
>> > "..Windows app that does key management stuff like sign, decrypt
>> > and key maintenance. It's GUI based so you don't have to use the
>> > CLI to perform these tasks."
>> >
>> > GPG4Win has a nice interface and support for Windows.
>> >
>> > http://www.gpg4win.org/
>> >
>> > "...even MS Outlook has its own GnuPG plugin. Though there are
>> > some grumblings about Outlook being closed source, I think this can
>> > overcome that objection."
>> >
>> > Just using a plug-in that is open source does not make the client
>> > less susceptible to compromise. This plug-in is also not written by
>> > Microsoft.
>> >
>> > ".. let's not forget our smartphones. Chatsecure, Textsecure,
>> > Redphone.."
>> >
>> > Yes, you should use all of these! They use strong crypto and have
>> > been audited by professionals. 10/10!
>> >
>> >
>> >
>> > All the best,
>> >
>> > -Brian
>> >>> _______________________________________________ cryptoparty-chi
>> >>> mailing list cryptoparty-chi at groups.sshchicago.org
>> >>> http://groups.sshchicago.org/listinfo/cryptoparty-chi
>> >>
>> >> _______________________________________________ cryptoparty-chi
>> >> mailing list cryptoparty-chi at groups.sshchicago.org
>> >> http://groups.sshchicago.org/listinfo/cryptoparty-chi
>> >>
>> >>
>> >
>> >
>> >
>> > _______________________________________________ cryptoparty-chi
>> > mailing list cryptoparty-chi at groups.sshchicago.org
>> > http://groups.sshchicago.org/listinfo/cryptoparty-chi
>> >
>> -----BEGIN PGP SIGNATURE-----
>>
>> iQIcBAEBCgAGBQJVObIcAAoJEFjBjkteF9VaPNcP/2ZF13qlzmH25/cRa+fdwK1G
>> NJXJO4/asUNr9qk0Bxcx92aFiTzLd+h0CYwGMleusW+He5DnJ7pmGO+we4pG8/1a
>> /DjIoc1I8f/44gjxHAHqfzhcidPeeLW/dKkJ5vTrCVm21zAUE6Vkry9RgV5cbAJA
>> O/3PnbQd6tBWDdj/iXjcz5XsNIkUZ+kxgjIYI4FxWZKHIASFV4kKacZRxSTBqm22
>> WwU3pa5JmI7uV7NBIBYybfwBCzZwKQfM0W4wMatxoB+J8GQCrj6ynuevzIV0rG2n
>> P/9Jx3RZOL3snvKbomDP0e3MXv6F/4gVSio5y6luHmWoTe9m+GqPYEfjDhhm4d2Q
>> p47ADDIFEVWXpjfQB72NS/+Gro20mRfstuknL+C82IzMMSX3/yxGBV6gx7ySKJZL
>> lkgSCySRkNdCWxQEWrfijq/FNjeVJYtoV7iNfaFte+Im4gsYBYUf2rcYxw1GLzAY
>> qBJEXyrQhlEhhqNHeRr88i4KaxJIUdKpXX/aGg3O7Y4PM9E0xSxks4wVj3tOjvUf
>> c6ajlswU18UWIs3QUniahmryPxbNxFKpWeZt6LyrmnLQNmPM3B0lskQtyUw9EiQU
>> TZ9MCIh5U63ZqPfwzf4RjRD/jNdB1D7dPE8LdTbybKCcIZPDzbcf8QyE0aqZVwah
>> rpRONoYe5Ha9yvN2tKsr
>> =mecl
>> -----END PGP SIGNATURE-----
>> _______________________________________________
>> cryptoparty-chi mailing list
>> cryptoparty-chi at groups.sshchicago.org
>> http://groups.sshchicago.org/listinfo/cryptoparty-chi
>>
>
>
> _______________________________________________
> cryptoparty-chi mailing list
> cryptoparty-chi at groups.sshchicago.org
> http://groups.sshchicago.org/listinfo/cryptoparty-chi
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://groups.sshchicago.org/pipermail/cryptoparty-chi/attachments/20150423/7884bd0b/attachment.html>
More information about the cryptoparty-chi
mailing list