gpg "simplified"?

[Faramir]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

El 22-08-2012 14:59, peter.segment at wronghead.com escribió:
> Thank you for your comprehensive comments,

  You are welcome, lets add more comments.

> On 22/08/12 03:16, Faramir - faramir.cl at gmail.com wrote:
>> I think you are wrong about that. All the user needs is a
>> properly configured portable install of GnuPG (and very likely,
>> an easy to use GUI, because if Allice can't understand WOT,
>> probably using CLI won't make her happy at all).
> 
> FWIW, this is not our assumption. Alice is far from a "computer 
> illiterate" and such simple CLI interaction is for her a trivial 
> exercise.

  Clicking a couple of buttons on a GUI usually is easier than
remembering a command with 1 or 2 options plus 2 or 3 parameters.
Selecting a recipient from a list is easier than remembering and typing
the ID of the recipient. I'm not computer illiterate too, but a lack of
GUI would make gpg usage very uncomfortable for me.

> GPG is on the other hand so tightly integrated with WOT that no
> matter what, it is unavoidable that any user will sooner or later
> stumble upon some of WOT anatomy or physiology minutia, and that
> will have at least one of two rather detrimental consequences:
> 
> a) with insufficient knowledge of the WOT model, Alice will take a
> "wrong turn" and therefore impact the overall security of the
> group;

  Yes and no. If the group manager configures the software, and Alice
doesn't modify config files, GPG should prevent her from taking wrong
turns. Getting people's public keys is easy, but making GPG to accept
them as "valid" keys is not that easy. You need to either sign them, or
to modify config file to skip GPG's decision. There are several WoT
models available, and if the Group Manager chose an strict one, and
Alice doesn't sign keys or modify the config file. It is possible to
remove Alice's primary key from her keyring, so she can't sign other
people's keys, even if she wants to.
  In other words, if the software is properly configured, taking a wrong
turn would require parking the car and using a wrench to remove the
guard rail. So Alice would not take a wrong turn by mistake.


> b) Forced to deal with things she doesn't fully understand, Alice
> will lose the confidence in the security the system provides.

  Since she is already going to use security software on unsecured
computers, I don't know how much confidence she should have on it, but
that is another matter.


> The second point is worth elaborating upon. Somewhere else you
> say:
> 
>> Allice doesn't need to know what it does...
> 
> and:
> 
>> Then the end user will never have to bother about what is a WoT.
>> GPG and the group manager will handle that part. End user just
>> need updated public keyring.
> 
> This thinking pretty well follows the contemporary computer
> security dogma: the user need not understand any of the underlaying
> concepts, the user just has to trust whoever has designed and
> implemented the system.

  Well, it was you the one that said Alice doesn't have the time to
learn about WoT and other stuff. I tried to say GPG can be configured to
don't let her make wrong decisions (she can't take wrong turns). But
that requires Alice won't attempt to disable safety measures, because if
she does so, then she will be in a road with a lot of possible turns
with banners she doesn't know how to read.


> In our case, that is simply wrong. Alice is no fool, Alice is
> (probably) a medical or technical professional, Alice is reaing the
> papers, Alice knows that computer security is full of holes, and
> unless she, herself, has a reasonable knowledge of the system upon
> which ~her~ security depends, if in doubt, she will respectfully
> decline to participate in the activities of the group this system
> is supposed to serve. What she doesn't understand *is a liability*.
> Not all liabilities can be avoided, but they certainly must be
> minimized. It's not to say that Alice must be proficient in the
> design of crypto algorithms, but she ~must~ understand and have the
> confidence in data formats and the protocols.

  Well, considering she will be using insecure computers which no amount
of encryption can make safe, maybe she should respectfully decline to
participate in the activities of the group.
  The configuration Robert suggested to you means the WoT is reduced to
"keys approved and provided by the Group Manager". Any other key Alice
might find would be considered as "invalid" and the software would
refuse to encrypt messages to those keys. In other words, there is no
WoT, there is a vertical single-link chain of trust, because the only
person that can add keys to the allowed recipients list is the group
manager.


> Alice (in the most common usage scenario) carries with her a USB
> stick that has no file on it that, unless it is broken
> cryptographically, is anything other than a stream of random bytes.
> The three (or a single)

  In other words, her USB stick must look like an unformatted storage
unit? If that is the case, no GPG based software can do that. Whatever
software you use to encrypt files will produce FILES as output. And
files can be seen when they are stored in a drive, even if you can't
know what is that file about.
  What you would need is an encrypted drive, that can make an USB stick
to look as empty, without even a filesystem on it. But that would be
suspicious by itself, because USB sticks come formatted from the
factory. If you want that USB stick to look like it is ready to receive
files, but otherwise empty, and filled with random bits (but full of
information if you enter the right password), then I don't know of
anything capable of providing that capability.

  Truecrypt can encrypt the whole USB drive, but as I said, each time
you plug it on a computer you will get the message "the drive doesn't
have format, do you want to format it now?". And also, you can't run
truecrypt portable on a computer if you don't have administrator rights.

> programs that we are considering here are either downloaded from a 
> public web site and jettison after the use, or are on a CD that is
> not in her possession when she is in any danger of being confronted
> by an adversary.

  There is also a risk in how you jettison those programs. Currently
even "secure wipe" is not guaranteed to work, maybe you can corrupt the
files, but some parts may remain. To make sure nothing can be recovered
from a drive, you need to encrypt it before adding files to it.

  If Alice will get a CD with the program files on it, then that CD
can have a "live CD" operating system on it, plus truecrypt (to mount
the encrypted USB drive), and GPG (you can place encrypted files
inside an encrypted drive, in case you later want to send them as
email attachments or whatever). But the USB drive will still look
suspicious, even if nobody can prove there is something inside it. If
you decide to use Truecrypt, you must also be aware you can have a
hidden (and also encrypted) partition inside the encrypted partition,
and if the adversary is also aware of that, he can request Alice to
show what does she have in the hidden partition, even if she has not
created one. Nobody can prove there is a hidden partition, but you
can't prove you don't have one, so beware of bamboo needles.

  So far, unless Alice doesn't care if she is caught carrying an USB
drive that mysteriously lost its file system, or that has mysterious
garbage files inside, I think the requirements of the software are not
feasible.

  Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCAAGBQJQNyVVAAoJEMV4f6PvczxANT0IAJSMI6ss6Bw7gOdf+aGPZDTF
R0U9jo59ZmFY/mZFJAhrqq9UyzBPCqGkyo9xSyL4Bh3vmhwk4dgMYpr4Pt0Sq2Rc
HPjHrUqYk7bMGbrGsfrKuX9mIYa+Pkz7EMogtbbt16b81j6Z7db1EPeWBtVG+XBU
+za0llqBLmDmcuA4xifUe459d5WPRNG0I1xl+UztPMMviGxD3G7ACFkeFC0gaRwQ
4Jc6eiKb4gLnzx4Kt+PRh30f++ZyWdqu8KDgOBG92/uZsxPMwqHjw6sUZ1BR4nln
CbSCck3CtD1b1P2Rlw+AHr9pWEu/IZ7nyxJOUgRnuehZaRXi3S9CswDuN91jA70=
=HZdF
-----END PGP SIGNATURE-----