This Blog Is Not For Reading

A blog, just like any blog, only more so

  • Subscribe

  • Categories

  • RSS Bob Jonkman’s Microblog

    • Favorite 29 August 2020
      bobjonkman favorited something by eloquence: Disturbing reports that Google Play is threatening to kick out Mastodon apps. See:https://mastodon.social/@Gargron/104763960269049818https://toot.fedilab.app/@fedilab/104765191594914330App stores have a track record of acting capriciously & are also easy targets for gov't censors (including Trump). This is why alternatives like @fdroidorg are so important for user freedom.If unfamiliar: F-Droid is a free & open […]
    • bobjonkman repeated a notice by eloquence 29 August 2020
      RT @eloquence Disturbing reports that Google Play is threatening to kick out Mastodon apps. See:https://mastodon.social/@Gargron/104763960269049818https://toot.fedilab.app/@fedilab/104765191594914330App stores have a track record of acting capriciously & are also easy targets for gov't censors (including Trump). This is why alternatives like @fdroidorg are so important for user freedom.If unfamiliar: F-Droid is a free & open source app you […]
    • New note by bobjonkman 25 August 2020
      I do like the taste of onion bagels. When the other bagels in the bag acquire an onion flavour it's a poor experience at best, almost certainly leading to the purchase of a *real* onion bagel. #AOBFS #AcquiredOnionBagelFlavourSyndrome
    • bobjonkman repeated a notice by lnxw48a1 25 August 2020
      RT @lnxw48a1 @bobjonkman @blacksam Would that still be true if you actually liked onion bagels? Asking because, although I don't eat bagels at all, it seems to me that you're probably unusually sensitive to the flavor of onion ... which would likely be the case if you disliked that flavor.
    • New note by bobjonkman 24 August 2020
      If there is one onion bagel in a bag of bagels, they're *all* onion bagels...
    • bobjonkman repeated a notice by blacksam 24 August 2020
      RT @blacksam How come no matter what flavor bagel you buy from the bakery, it's always, to some extent, an onion bagel? #bagels #onions #wtf
    • Favorite 24 August 2020
      bobjonkman favorited something by blacksam: How come no matter what flavor bagel you buy from the bakery, it's always, to some extent, an onion bagel? #bagels #onions #wtf
    • Favorite 24 August 2020
      bobjonkman favorited something by lnxw48a1: #TIL: Gravity keyhole https://en.wikipedia.org/wiki/Gravitational_keyhole and Roche limit https://en.wikipedia.org/wiki/Roche_limit
    • Favorite 31 May 2020
      bobjonkman favorited something by atarifrosch: @bobjonkman: Das habe ich heute bekommen, wiederum 2 Monate später …
    • bobjonkman repeated a notice by fsf 24 May 2020
      RT @fsf Remote education has provided an unfortunate opportunity for privacy-invading proprietary software to invade students' lives. Learn how many people are fighting back: https://u.fsf.org/32h

Preparing for the Keysigning Cryptoparty, 2 Dec 2013

Posted by Bob Jonkman on 24th November 2013

Key Pair

Cryptoparty like it’s 31 December 1983!

At the next KWLUG meeting on Monday, 2 December 2013 I’ll be demonstrating how to do e-mail encryption with Thunderbird and Enigmail. If you’ve never used e-mail encryption before then bring a laptop, and we’ll create keys and learn how to use them. We’ll save the lesson with pointy sticks for another day.

For those people who already have GnuPG/PGP keys I’m also hosting a Formal Keysigning. Participants will introduce themselves, read their GnuPG key fingerprint, then anyone else is invited to vouch for that person:

Bob: “I’m Bob Jonkman, and my GnuPG fingerprint is 04F7 742B 8F54 C40A E115 26C2 B912 89B0 D2CC E5EA”

Andrew: “I’ve known Bob since the early days, and that’s really him”

This is a great way to expand your Web Of Trust to include people whose keys you might not otherwise sign (because you don’t know them very well, or they only have ID issued by an authority you don’t like). With all these introductions and vouchings the chance of someone misrepresenting their identity is vanishingly small, so you can trust that the key fingerprint they read is really associated with that person.

To make this process go smoothly I’d like to have a printout of all the participants’ keyIDs, UserIDs, and key fingerprints, which I’ll distribute at the keysigning. That way you can just check off each name/keyID/fingerprint as people read them, and then sign their keys later at your leisure. But to get that printout I’ll need the public key of anyone who would like to participate in the keysigning.

If you’re using Thunderbird and Enigmail then open the Key Management window, right-click on your key and select “Send Public Keys by E-mail”, and send it to me ( bjonkman@sobac.com )

If you’re a command-line weenie then use

gpg --export 0xYOURKEYID > 0xYOURKEYID-public-key-for-YOURNAME.pgp

and send that file 0xYOURKEYID-public-key-for-YOURNAME.pgp to me (substitute your actual keyID and actual name as needed).

Of course, I’d prefer signed, encrypted e-mail, but public keys are public (so encryption isn’t necessary), and public keys should already be self-signed anyway.

Unfortunately, if you’re creating your keys for the first time at the meeting you won’t be able to send me anything now. You can still participate in the vouching process, and we’ll have an informal keysigning after the formal keysigning, where all you need to do is read your fingerprint straight from your computer and those people who already know you can sign your key.

I’m still working on the procedures for the formal keysigning; you can see the work in progress (and contribute!) on the Formal Keysigning page on the Wiki.

Thanx, and hope to see you on Monday, 2 December 2013!

–Bob, who is the Keymaster. Who will be the Gatekeeper?

The Cryptoparty keypair logo from the Cryptoparty Artwork repository on GitHub is available in the CC0Public Domain.

Tags: , , , , , , , , , , , , , , , , , ,
Posted in Crypto, email, KWLUG, PGP/GPG, privacy | Comments Off on Preparing for the Keysigning Cryptoparty, 2 Dec 2013

Why I’m an E-mail Luddite

Posted by Bob Jonkman on 2nd October 2013

Statue of a Luddite

Luddite Memorial, Liversedge

The pervasive expectation of HTML everywhere came to light in a recent e-mail exchange:

Him: Bob, have a look at this video: LOLcats at work

Me: Did you intend to send a link with that?

Him: Yes, here it is: LOLcats at work

Me: Sorry, still no link. Remember, I don’t receive HTML e-mail…

Him: Wut? I’ve never heard of someone not receiving HTML e-mail!

E-mail was never designed for HTML; it is intended to be a plain-text medium. HTML is merely cobbled on, and mail clients have no standard way to render HTML messages, resulting in different displays on different mail programs. Some mail programs, especially those run from the command line, can’t show HTML rendered messages at all.

Although I use a graphical mail client (Thunderbird), I choose to not display HTML for two reasons:

1) Security: HTML mail can have Javascript code or other objects embedded. That’s a great way to get virus infections on your computer. I don’t want any code running on my computer that I didn’t put there myself.

2) Privacy: HTML mail that links to external images allows the owner of those images to track your mail usage: When you open the mail, how often you open it, the location you open it at, what computer you’re using, and whether you forward it to others (and then, when they open the mail, how often, their location, &c).

Not to mention that HTML messages are far bigger than text messages, especially when the HTML contains embedded images, fonts, and other stuff. Now, that’s not such a big deal with fast connections, unlimited download caps, and cheap disk drives, but it will still make a difference on small-format devices like phones and watches.

That said, if you do send me HTML e-mail, be sure to embed any images or LOLcat videos. That way I can still view them as static attachments, without revealing when, where, and how often I view them.

For more info have a look at the Wikipedia article on HTML e-mail

–Bob.

You can send HTML e-mail to Bob Jonkman at bjonkman@sobac.com

The Luddite Memorial, Liversedge by Tim Green is used under a CC-BYCreative Commons — Attribution 2.0 Generic — CC BY 2.0 license.

Tags: , , , , , , , , , , , , , , , , , ,
Posted in email, privacy, security | 1 Comment »

 
Better Tag Cloud