This Blog Is Not For Reading

A blog, just like any blog, only more so

  • Subscribe

  • Categories

  • RSS Bob Jonkman’s Microblog

    • New note by bobjonkman 29 November 2020
      Bread machines are great. I haven't bought a loaf of bread in about three years. If #sonTwo's bread machine has custom settings, I recommend 20 min knead time, changing the rise times (1hr, 1.5hrs, 1.5hrs) and at least 60-70 min bake time. A good recipe is 1 cup water, 2.5 cups all-purpose flour, 2 tbsp […]
    • bobjonkman repeated a notice by lnxw48a1 29 November 2020
      RT @lnxw48a1 #sonTwo texted to tell me that his in-laws bought them a bread machine. Me: Oh, cool! I was thinking the same thing, but it's beyond my current budget. They can sometimes be competitive, but I'm more of *good, you're helping take care of our kids and grandkids*
    • New note by bobjonkman 28 November 2020
      I'm near the Great Lakes (about an hour's drive from either Lake Ontario or Lake Huron, depending whether I go South or West). It was 5C for most of the day, about 40F for your USians. Apparently that's normal for this time of year...
    • bobjonkman repeated a notice by lnxw48a1 28 November 2020
      RT @lnxw48a1 About halfway through today's #YoCo ( #yogurt and #coffee ). Indoor temperature is 60°F, outdoor temperature is 30°F. Outdoor cats' water dish has about 0.5in / 1cm of ice on top. Very glad I'm not near the Great Lakes right now.
    • Favorite 24 November 2020
      bobjonkman favorited something by lnxw48a1: @vegos I agree. To most organizations, their primary concern is reach. So they congregate on big #corpocentric #socnets, even when the central corporation running things is actively hostile to their point of view. Then they're butthurt when their accounts are shadowbanned. Years ago, I tried to persuade some local Black […]
    • bobjonkman repeated a notice by lnxw48a1 24 November 2020
      RT @lnxw48a1 @vegos I agree. To most organizations, their primary concern is reach. So they congregate on big #corpocentric #socnets, even when the central corporation running things is actively hostile to their point of view. Then they're butthurt when their accounts are shadowbanned. Years ago, I tried to persuade some local Black churches and ethic-focused […]
    • bobjonkman repeated a notice by lnxw48a1 24 November 2020
      RT @lnxw48a1 https://techcrunch.com/2020/11/24/australia-spy-agencies-covid-19-app-data/ [techcrunch com] #Australia spy agencies caught collecting #COVID-19 app data #surveillance Source: https://mastodon.social/@glynmoody/105266051824700682
    • New note by bobjonkman 3 October 2020
      There's also Megablocks, the precursor to Duplo. And there are also Micro Megablocks, the same size as LEGO. The kits for Micro Megablocks were much better than the LEGO kits, making slightly larger models but using only standard bricks. The LEGO models were smaller, depending on many custom pieces specific to the kit, which were […]
    • Favorite 3 October 2020
      bobjonkman favorited something by clacke: Not only are Duplo blocks *like* Lego blocks, they *are* Lego blocks, and I don't just mean that Duplo is a Lego brand and produced in the same factory, the two systems are actually compatible.A Lego 2x2 block fits and sticks to the underside of a Duplo block, and the […]
    • bobjonkman repeated a notice by clacke 3 October 2020
      RT @clacke Not only are Duplo blocks *like* Lego blocks, they *are* Lego blocks, and I don't just mean that Duplo is a Lego brand and produced in the same factory, the two systems are actually compatible. A Lego 2x2 block fits and sticks to the underside of a Duplo block, and the nob on […]

Preparing for the Keysigning Cryptoparty, 2 Dec 2013

Posted by Bob Jonkman on 24th November 2013

Key Pair

Cryptoparty like it’s 31 December 1983!

At the next KWLUG meeting on Monday, 2 December 2013 I’ll be demonstrating how to do e-mail encryption with Thunderbird and Enigmail. If you’ve never used e-mail encryption before then bring a laptop, and we’ll create keys and learn how to use them. We’ll save the lesson with pointy sticks for another day.

For those people who already have GnuPG/PGP keys I’m also hosting a Formal Keysigning. Participants will introduce themselves, read their GnuPG key fingerprint, then anyone else is invited to vouch for that person:

Bob: “I’m Bob Jonkman, and my GnuPG fingerprint is 04F7 742B 8F54 C40A E115 26C2 B912 89B0 D2CC E5EA”

Andrew: “I’ve known Bob since the early days, and that’s really him”

This is a great way to expand your Web Of Trust to include people whose keys you might not otherwise sign (because you don’t know them very well, or they only have ID issued by an authority you don’t like). With all these introductions and vouchings the chance of someone misrepresenting their identity is vanishingly small, so you can trust that the key fingerprint they read is really associated with that person.

To make this process go smoothly I’d like to have a printout of all the participants’ keyIDs, UserIDs, and key fingerprints, which I’ll distribute at the keysigning. That way you can just check off each name/keyID/fingerprint as people read them, and then sign their keys later at your leisure. But to get that printout I’ll need the public key of anyone who would like to participate in the keysigning.

If you’re using Thunderbird and Enigmail then open the Key Management window, right-click on your key and select “Send Public Keys by E-mail”, and send it to me ( bjonkman@sobac.com )

If you’re a command-line weenie then use

gpg --export 0xYOURKEYID > 0xYOURKEYID-public-key-for-YOURNAME.pgp

and send that file 0xYOURKEYID-public-key-for-YOURNAME.pgp to me (substitute your actual keyID and actual name as needed).

Of course, I’d prefer signed, encrypted e-mail, but public keys are public (so encryption isn’t necessary), and public keys should already be self-signed anyway.

Unfortunately, if you’re creating your keys for the first time at the meeting you won’t be able to send me anything now. You can still participate in the vouching process, and we’ll have an informal keysigning after the formal keysigning, where all you need to do is read your fingerprint straight from your computer and those people who already know you can sign your key.

I’m still working on the procedures for the formal keysigning; you can see the work in progress (and contribute!) on the Formal Keysigning page on the Wiki.

Thanx, and hope to see you on Monday, 2 December 2013!

–Bob, who is the Keymaster. Who will be the Gatekeeper?

The Cryptoparty keypair logo from the Cryptoparty Artwork repository on GitHub is available in the CC0Public Domain.

Tags: , , , , , , , , , , , , , , , , , ,
Posted in Crypto, email, KWLUG, PGP/GPG, privacy | Comments Off on Preparing for the Keysigning Cryptoparty, 2 Dec 2013

Cryptography and Security Events in Kitchener-Waterloo

Posted by Bob Jonkman on 9th October 2013

The months of October and November are shaping up to have some great lectures and presentations on cryptography, security and privacy.

Sheet of paper, strips of paper

Keysigning materials

Yesterday started off with an informal keysigning at the KWLUG meeting. The presentation was on the Scratch programming environment, nothing to do with GnuPG/PGP or cryptography. But a few of us exchanged little slips of paper with our key fingerprints, verified that the name with the fingerprint matched the person we knew, signed the keys, and so improved our standing in the Web of Trust. I hope that this becomes a regular part of all KWLUG meetings. The more people that participate, the more confident we can be about the validity of keys we may not have verified ourselves.

Today I attended the first UofW CSClub lecture on Security and Privacy by Sarah Harvey. If you’ve been following the news about the Snowden revelations you’ll know why security and privacy is important. The room was full of computer science, math and cryptography students, so the discussions were deep and technical.

Sarah Harvey shows a slide of Edward Snowden

Sarah Harvey shows a slide of Edward Snowden

There was a vacancy in the November KWLUG meeting so I asked Sarah if she would repeat her lecture. Let’s see what the KWLUG bosses have to say

There are more CSClub lectures scheduled, check the schedule on the CSClub site.


M-209 cipher machine

KWCrypto logo, the M-209 cipher machine

I’ve volunteered to do a presentation on Encrypting E-mail with GnuPG, Thunderbird and Enigmail, followed by a formal keysigning. I’m developing the presentation notes and keysigning procedure on the KWCrypto Interest Group Wiki that was set up after the Kwartzlab keysigning party last year. Please join me on the Wiki and the mailing list — I’d appreciate the help.

–Bob.

Keysigning Materials picture taken by Bob Jonkman and released under a CC BYCreative Commons — Attribution — CC BY license.

M-209 cipher machine by Greg Goebel used under CC BY-SACreative Commons – Attribution-ShareAlike 2.0 Generic – CC BY-SA 2.0

Picture of Sarah Harvey taken by Laurel L. Russwurm and used under a CC BYCreative Commons — Attribution — CC BY license.

Tags: , , , , , , , , , , , , , , , , , , , , , ,
Posted in Crypto, KWLUG, PGP/GPG, privacy, security | Comments Off on Cryptography and Security Events in Kitchener-Waterloo

 
Better Tag Cloud