[ / / / / / / / / / / / / / ] [ dir / baphomet / caos / islam / leftpol / mai ]

/pol/ - Politically Incorrect

Politics, news, happenings, current events
Winner of the 62rd Attention-Hungry Games
/eris/ - Wherein Is Explained Absolutely Everything Worth Knowing About Absolutely Anything.

November 2018 - 8chan Transparency Report
Name
Email
Subject
Comment *
File
Password (Randomized for file and post deletion; you may also set your own.)
* = required field[▶ Show post options & limits]
Confused? See the FAQ.
Embed
(replaces files and can be used instead)
Oekaki
Show oekaki applet
(replaces files and can be used instead)
Options

Allowed file types:jpg, jpeg, gif, png, webm, mp4
Max filesize is 16 MB.
Max image dimensions are 15000 x 15000.
You may upload 5 per post.


Proudly judenfrei since 1933 & voted "best summer camp counselors" of judenrein '39

File: c6781f0214ea76f⋯.png (18.7 KB, 1040x315, 208:63, gpg4win_1[1].png)

2e9278 No.11497528

Ok /pol/. I will now teach you how to communicate political/controversial information securely. The /pol/ approved way. And I will keep it as simple as possible and restrict myself to windows users only.

Guide 1: How to encrypt files with military grade security:

Step 1:

Install gpg4win : https://www.gpg4win.org/

Step 2:

Create a PGP pair in the software:

When you have installed gpg4win, you will see the Kleopatra window up and running. Create a PGP-pair there with any name you like, and an optional email (email not necessary). You will be asked to put in a password for your keypair. Enter a fairly secure password, doesn't need to be super advanced, since this password is just used as an extra layer of security. (Don't forget your passphrase, or else you wont be able to edit your keypair)

Step 3:

Publish the PGP Pair:

You will now be asked to upload your public key to a server. Do so.

Step 4:

Now you have generated a so called fingerprint. People will encrypt files using YOUR fingerprint, and only YOU can DEcrypt them, if they have been encrypted with your public key.

Step 5:

Share your fingerprint to people. Once they have encrypted their file with your fingerprint, they can share it with you. Sometimes fingerprints are also called KeyID.

Here, try adding my KeyID:

Go to File -> Lookup on Server

Then find the KeyID:

2B0983DA

You will see a user called "polly" since I created the keypair just now.

You are now capable of communicating securely.

(>Talking about OpSec while using Windows 10)

224190 No.11497534

Mods should ban all enciphered posts, as it will turn out to be (((FEDS))) sharing CP or other illicit material, in order to get the site axed.


224190 No.11497537

Also be advised, if you add your email address to a public key, that will be visible to all recipients. Not sure what OP's intentions are, but it could be an attempt to have you leak out information you didn't intend.

>Use a VPN

>Scrub EXIF data on all images you upload


4e9355 No.11497550

>communicate securely

>use windows

Hate to use a stale meme, but…

Pick One


2e9278 No.11497553

File: f4302c0bc219a41⋯.jpg (23.61 KB, 353x245, 353:245, polly_verified.JPG)

>>11497534

The encryption doesn't have to be used for sharing files, it can be used as a signature as well. Let me show you.

The following text proves I made this post. To validate this, just paste everything below into PGP and validate the user.

—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Hello this is my

—–BEGIN PGP SIGNATURE—–

iQEzBAEBCAAdFiEE7KpQniiqjCJ6shDtrrS6sCsJg9oFAlrU75EACgkQrrS6sCsJ

g9qWbggA2U4gOap94OkdOvw2vvuzISvZOYgdi/yX/oDLoZBMCMD+3zIH5ApnWb/L

mufOAJqwUM1rGry0A1ISEDnj189T7qN1c/PfFzvsC7BiKAoWMMGTCWCepUp1sQgk

LHdhIYAIOOSffrHpHHfZ/fJbgYnVNyPUOI/qzbX1TDX4Gh34E2gvnE4wL+f09TId

i9vN/eLXcTBFMs5J9lnbzAaU4cpWYdYb28oCsBCHPthzgAzA1acKIu75wjuSM2F6

xgjyPGxiFnktmsKpZimgFofzDARrQrpr/89+inXIkzYRfm7nQjYhnnrpwB9aLNAS

w5sYYHLO5/tEZh4Rg+nEEbatp6CC3A==

=j3Rv

—–END PGP SIGNATURE—–


4afc12 No.11497575

>>11497534

amazing first post we should ban all discussion of encryption, ban tor, ban vpn's, ban discussion of any of these, and 8ch should force logins with email and phone verification, and block non-google email domains for the verification, and block all voip numbers and all phone numbers that aren't from the big 4 carriers to make the login verification even more better, it should be linked to facebook and Jack Dorsey aka "@jack", who lives at 830 El Camino Del Mar, San Francisco CA, is a child rapist, murderer and cannibal. twitter accounts too because they are great in identifying their users and making sure there aren't any bad goys who would damage their sites.


fbeb1d No.11497581

>>11497553

Today at school, the teacher lady taught us PGP encryption. And now I feel like I have to tell everyone about it because it makes me sound smart. I use Windows, I don't talk about recommend key-sizes, or offer any warnings about leaking email addresses. I am very smart!


2e9278 No.11497603

>>11497537

You don't have to publish the public key to the server. You can just save it and send it anyway you want to any recipient. The public server is just convenient. And yes of course a VPN is very important if you want to have secure communication.

>>11497575

Whats good with this method is that you can verify yourself anywhere over any social media without ever having to register. You just give them the PGPSignature, and they will know it is you who made the message. It's a very powerful thing to know.

I suspect that in the future everyone will be using PGP signatures, since it gives them more control over their own privacy. You yourself can decide when your PGP expires. Something datamining companies such as facebook and Jack Dorsey aka "@jack", who lives at 830 El Camino Del Mar, San Francisco CA, is a child rapist, murderer and cannibal. twitter will never allow you.

>>11497581

The minimum blocksize in this specific software is 2000+ and maximum of 4000+ bits RSA. Which makes it safer than gmails own key blocksize, which is at around 1000+ bits.


fbeb1d No.11497638

>>11497603

The email address will is included in the public key. That's the part anons have to be careful about, because they may post that to a sensitive board such as /pol/


3e609b No.11497650

>>11497528

PGP encryption is only useful when there are preexisting trust relationships (verification), or for encrypting messages to a pre-known audience. Both of these are orthogonal to the way in which anonymous image boards operate, not sure why you posted this here OP.

In the event two anons wanted to have a secure conversation in a thread, it would be better to do a DH exchange and then regular symmetric encryption.


000000 No.11497696

For some magical reason many anons seem to believe and often state that:

>VPNs anonymize you.

They don't

They are useful when you want to deceive IP-based restrictions. You are also anonymous to most low level actors. But when it comes to NSA or national intelligence agencies with a multibillion budget, you can be absolutely certain that a whole lot of those free or paid VPNs are ==honeypots==. A few millions per VPN service is a tiny fraction of 100 billion dollars!

Secondly, when you see some CIA shill post:

<i is comit crime, fuck dat injustice!

be sure not to take the bait and mimic his behaviour. It's often used to jail anons or blackmail them into becoming a "informants".

(can someone post this as a new post?)


000000 No.11497850

>>11497581

I especially liked the meant to be subtle "I…I'm a girl :3" part.

>muh "polly".


bc4012 No.11497863

>>11497528

Will this run on Wine, in Linux?


000000 No.11497870

>>11497863

Linux has its own toolset for creating, managing and using PGP.


bc4012 No.11497876

>>11497870

I've never done this before

would like to do it in Linux


886eb4 No.11497901

>>11497876

ease of use

>Linux Mint

baby first non-systemd

>http://www.gnu.org/distros/free-distros.html

>cross-reference with distrowatch to see whichever on that list DO NOT have systemd

time for advanced

>Slackware

>or maybe Gentoo if you're feeling froggy

ULTIMATE TIER

>Linux From Scratch (LFS)


bc4012 No.11497909

>>11497901

I'm running ubuntu right now

will that make a difference?


886eb4 No.11497910

>>11497901

>baby first non-systemd

>http://www.gnu.org/distros/free-distros.html

>cross-reference with distrowatch to see whichever on that list DO NOT have systemd

I'm thinking gnewsense, triskel, or pureos

Anything that's Debian-based (Mint, Ubuntu, etc) tends to be easy & good


886eb4 No.11497919

>>11497909

2 problems

systemd (not necessarily an issue if youre not a super-spy)

ubuntu spyware (mainly for advertising)

https://www.gnu.org/philosophy/ubuntu-spyware.en.html

That's why I use Mint. And why I'm learning Slackware.


bc4012 No.11497950

>>11497919

ok

I see what you mean

BUT

the article says:

>Ubuntu allows users to switch the surveillance off. Clearly Canonical thinks that many Ubuntu users will leave this setting in the default state (on). And many may do so, because it doesn't occur to them to try to do anything about it. Thus, the existence of that switch does not make the surveillance feature ok.

I'm looking into this right now…

Next laptop will be mint. I guarantee that.

I just need to find out if the Intel Celeron Processor N3060 is pozzed - as in if it has / doesn't have that back door for the NSA bullshit. Laptop for $150.00, take out HDD, upgrade RAM, Drop in an SSD - Voila!


bc4012 No.11497973

>>11497553

>>11497528

FYI, gpg4win doesn't want to install using the windows installer in Wine/Ubuntu


bc4012 No.11498044

I'm trying it with Kleopatra in Ubuntu, but I am having trouble…


855e81 No.11498045

>>11497696

I'm pretty sure GCHQ has oversight over mine (based on where it's located) but I'm not into CP or terrorism. Just avoiding (((nuisance))) anti-free speech type.


bc4012 No.11498071

>>11497528

Need a server


bc4012 No.11499038

I can't seem to make it work




[Return][Go to top][Catalog][Nerve Center][Cancer][Post a Reply]
[]
[ / / / / / / / / / / / / / ] [ dir / baphomet / caos / islam / leftpol / mai ]