Comment Re:I use GnuPG (Score 1) 309
claws-mail
claws-mail
I now use webmail almost exclusively (when using PCs) and/or any number of different mobile device clients to get to my email. I don't even know how I would approach trying to set up an encrypted email system that works on 'everything' from webmail on PCs at home and at work to my ios tablet to my android phone to my girlfriend's macbook.
This is what IMAP is for. Just access your gmail over IMAP as the nerd gods intended with multiple gpg-supporting clients on multiple devices. Even if you don't use gpg, using gmail over IMAP is the way to go, you don't get the ads that way.
so it will work equally well from your home desktop machine and from a random internet cafe machine and from a web only terminal in an airport.
And yes it is insecure and fundamentally broken from a security point of view - that's the point being made.
Well, one can always use a gpg supporting mail client on an android device so that one doesn't need access mail insecurely over a web kiosk or internet cafe.
While I did generate at my first gpg key on a PS2 Linux kit, that's a serious edge case there with that vita statement, tepples. There ARE clients with gpg support for Android.
While the "user popup overlay thing" we usually get doesn't have the field to upload the key, I recently discovered you can upload them if you use this URL, which gives you the field to put it in.
I think Mail.app interfaces with OSX's built in "passwords/keys/keychain" feature to generate an S/MIME key if you don't want to use one of the comodo freecerts.
I don't use GPG to encrypt my email, for example, because nobody I know has anything installed capable of decrypting is or even verifying the signature.
I always sign my mail and follow a couple of mailing lists where gpg usage is not uncommon.
Sorry, I rambled on a bit there, but the point is, there's no real support or infrastructure for this kind of encryption.
Well, it's "some" better. The gpg4win download contains everything a windows user needs because it includes the windows version of claws mail, which has gpg support built in; the windows version of Kleopatra and GPA, two GUI's for gpg.
And the gpg4win documentation is "somewhat" better than it used to be. At least the PDF version is,
http://wald.intevation.org/frs...
the HTML version still has sucky navigation:
http://www.gpg4win.org/doc/en/...
It's not built into the applications that people already use, so they have to get multiple plugins, and then other supporting files for those plugins.
Thunderbird really needs gpg support built in by default, like claws mail does. Technically the gpg support in claws-mail is also a plugin, but the plugin is included by default.
It's just a mess before you even get to key management, and there's not really a good, iron-clad key management system.
I'm not sure what you mean by that? But yes, it's not optimal on Windows. For us Linux users it's much easier because gpg is usually installed by default and every thing we need is a "yum install" or "apt-get install" away
Since the parent was a Linux user (obviously since they mentioned Kmail), I didn't feel the need to do a complete step by step detailed tutorial.
besides, doing either:
[code] sudo apt-get install seahorse claws-mail thunderbird -enigmail kgpg[/code]
or [code]sudo yum install seahorse claws-mail thunderbird-enigmail kgpg[/code]
Really isn't that hard. Just found out GPA isn't deprecated, updated version is available...it's not in the Fedora repos though.
Oh I know, I'm a long-time slashdotter
I must be getting old when 7-digit UID"s are long time slashdotters. Get off my lawn! Hot Grits! CowboyNeal! Beowulf Clusters of Libraries of Congress!
Especially since I think those books are terrible. They are about as representative of BDSM as the average Pentecostal service is and the writing is terrible too. Seriously the sentences read like the comments on a facebook post about a middle-school cheerleading competition, only with more spelling errors.
The reason for that is obvious when you know that 50 Shades of Grey started out as Twilight fan-fiction.
The Fifty Shades trilogy was developed from a Twilight fan fiction series originally titled Master of the Universe and published episodically on fan-fiction websites under the pen name "Snowqueen's Icedragon".
- Crypto doesn't play well with webmail
- Find a way to make it work with webmail.
It does already work with webmail, if you use a proper e-mail client to access your webmail, which is what people should be doing anyway.
If you want to use crypto in GMail then you have to cut and paste and clearly it's too much effort.
You don't have to cut and paste...if you access your Gmail with a real e-mail client over IMAP or POP3, which is what you should be doing anyway...no advertisements that way.
What is holding adoption back is webmail. Until someone comes up with a really good solution for webmail
The solution is to use a proper e-mail client with your webmail service. I use gmail but I use it via IMAP with a real e-mail client.
I was saying all this 14 years ago.
FOSS Encryption is a mess. It is basically impossible for a regular user to set up encrypted mail.
I'm an expert, and I never even managed too. (The K-Mail crew basically lying about their GPG-features didn't help back then)
First things first, there are easy button ways to create your keys. I used GPA for my first key, but that's deprecated/no longer used. We have KGPG and Seahorse now. (Seahorse might be the Passwords & Keys application in your menu)
But it's not that hard to do it on the command line. All you do is:
[code]
gpg --gen-key
[/code]
Then follow the prompts/instructions, which are actually fairly clear with reasonable defaults.
Then you need an e-mail client with good support for it. I personally recommend either Claws-Mail or Thunderbird with the Enigmail plugin. Then you follow their details on how to set up the e-mail client for gnupg.
I'd like to add that I hate PGP signatures in email messages, too.
For one, the operating systems and apps do not treat keys and sigs as first-class objects; they always end up looking like inlined ASCII barf,,/quote>
pgp-mime is supposed to be preferred over pgp-inline, at least for e-mail/newsgroups.
or little text files that have no informative icon + tooltips or associated apps.
For the e-mail client I use, they do have a little key icon and a tooltip that says
Type: application/pgp-signature
Size: xxx
Description: OpenPGP Digital Signature"
No application is assigned to them though, but I don't really need it in my e-mail application.
PGP isn't a standard
It most certainly is:
RFC 1991, 2440, 4880, 5581, 6637, 2015, 3156
http://en.wikipedia.org/wiki/P...
The e-mail client I use has gnupg support by default.
Old programmers never die, they just hit account block limit.