> what do you guys think ... i consider that a contradiction, and stupid one.
A better alternative would be a PGP browser addon, which I think already exists (but I'm too lazy to check on). Granted, you still have to trust your browser/addon maker to a certain extent, but presumably if you're looking for web based mail encryption, you already do.
Certainly does: firegpg
On Mon, 13 Dec 2010 16:57:52 +1300 firegpg is the only way I can get friends and family to communicate with me securely. I don't even know what the interface looks like, but it does work (apparently). -- end
Is there a light at the end of the tunnel somewhere to make email secure even for amateurs who don't know how to use PGP? I'm very curious about the future of email, especially now. I would like to hear opinions of OpenBSD wizards. The thing is that it is very hard to persuade someone to use PGP all the time.
On Tue, 14 Dec 2010 23:06:49 +0100 yes, as strange as it sounds, the solution is called education.
Well, since Egypt we know that it's not going to happen.
On Tue, 14 Dec 2010 23:33:13 +0100 btw, you top top-posted on purpose to make your point, didn't you?
On Tue, 14 Dec 2010 23:33:13 +0100 egypt what? lots of goverments are working hard on getting darwin back into our daily life. too weak or stupid? you die. some people have the patience to teach, others don't. old people miss the cuteness factor of children, but still... everybody should have experienced how satisfying it is to see senior home inhabitants starting to teach "the internet" to others once they got it. what really stands out is, that they don't expect all the girls on a social networking site to have to show them theirs because they uploaded a photo of theirs. :)
On Tue, 14 Dec 2010 23:06:49 +0100 it is very hard to persuade someone to use PGP in the first place, and even harder to believe they have a secure machine. Sometimes you may find encrypted pdfs are an easy solution but then if they're running adobe reader or worse flash then they're almost guaranteed to have had a known exploit every week for the last.... I'll let you know when they stop. Of course you could say similar about firefox, but the exploits are rarely as bad. A graphical and simple (probably impossible) OpenBSD browser, would really be something, but now I'm just dreaming. On the other hand, the fact it is hard to get someone to use gpg may mean that if they do then you can trust them to a higher degree than if it was already setup for all users. You can use gpg to securely talk to yourself, of course.
I have a great experience with Pidgin and OTR. Even a child could handle the first authorization after a simple installation of OTR plugin. A lot of my friends use it now, because I have encouraged a little paranoia in them. However, it's not email though.
On 14/12/2010, Kevin Chadwick <email@example.com> wrote: </snipped> xxxterm should fit that description. hth Fred (Sent from xxxterm :~])
no disrespect to marco, but it's nothing more than a (lighter than usual) shim around webkit. it's just like safari, chrome, midori, arora, etc., wrt files it will try parsing and the attack surface so exposed.
I thought that the point about xxxterm was nice keybindings, a nice configuration file and some keyboard free interface...
PGP has gotten easier with various front ends. Take a look at GPG Made Easy for an example of simplifying the library calls for application access to PGP encryption. jb
Typing "pgp --make-it-safe" or clicking a button has never been the hard part. The key management and trust clusterfuck is the hard part. Kaminksy's "DNS is the root of all certs" approach looks promising, so I think there's a chance we'll see real progress within ten years.
Dan Kaminsky (http://dankaminsky.com) has been working on "Domain Key Infrastructure" bootstrapped of of dnssec that looks pretty interesting. I'm not sure where the video is for this talk (it was at blackhat/defcon 2010), but I found the slides.. http://www.slideshare.net/dakami/phreebird-suite-10-introducing-the-domain-key-infrast...
On Tue, 14 Dec 2010 16:38:54 -0800 he is not the only one doin keys via dns(sec). verisign had a reason to sell their ca-buisness when they did.
|David Brownell||Re: build #337 failed for 2.6.24-rc1-gb1d08ac In function `usbnet_set_settings':|
|Eberhard Moenkeberg||Re: OT: character encodings (was: Linux 2.6.20-rc4)|
|Matthew Garrett||Re: 2.6.25-rc6 regression - hang on resume [Bug 10319]|
|Andy Walls||Re: [PATCH 11/32] v4l/cx18: update workqueue usage|
|Thomas Gleixner||[patch -mm 19/28] x86_64: Use generic cmos update|
|Mark Junker||git on MacOSX and files with decomposed utf-8 file names|
|Pat Thoyts||[PATCH] git-gui: use themed tk widgets with Tk 8.5|
|Michael Witten||Re: 'git gc --aggressive' effectively unusable|
|Johannes Schindelin||Re: error: cannot lock ref 'refs/remotes/origin/*'|
|Jonathan Nieder||Re: [PATCH v2] git-send-email.perl: fix In-Reply-To for second and subsequent patc...|
|David Miller||Re: [PATCH 32/53] netns xfrm: finding policy in netns|
|Jean-Louis Dupond||Re: tg3 driver not advertising 1000mbit|
|Jan Engelhardt||[PATCH 1/3] net: tcp: make hybla selectable as default congestion module|
|Matt Mackall||Re: [regression] nf_iterate(), BUG: unable to handle kernel NULL pointer dereference|
|Eric Dumazet||Re: HTB accuracy on 10GbE|
|Linux Kernel Mailing List||V4L/DVB (8018): Add em2860 chip ID|
|Linux Kernel Mailing List||[ARM] unconditionally define __virt_to_phys and __phys_to_virt|
|Linux Kernel Mailing List||ixgbe: fix automatic LRO/RSC settings for low latency|
|Linux Kernel Mailing List||ipv6: fix an oops when force unload ipv6 module|
|Linux Kernel Mailing List||3c515: convert to net_device_ops|
|Samuel Baldwin||Re: Forum engine|
|Robert||disklabel - cylinder rounding|
|nixlists||Re: Which laptops do the developers use?|
|Claudio Jeker||Re: OT: Python (was Re: vi in /bin)|
|L. V. Lammert||OT, .. but has anyone seen a crontab editor|