wsenn1 at twu.edu
Mon Apr 10 00:09:03 CEST 2017
On 4/9/17 3:16 PM, Robert J. Hansen wrote:
>> I know of PGP-based WoT used in security-aware networks of sysadmins,
>> CERTs etc. I would have guessed that a significant part of the
>> audience of this list are professional/experienced/involved admins or
>> developers. But let me know why the majority of users are not.
> I've been in the PGP community for 25 years. I've been the official
> GnuPG FAQ maintainer for a few years, which has led to me getting a
> steady stream of questions from people who mistakenly (though
> understandably) think I'm GnuPG's helpdesk. I've been part of
> Enigmail's official help team for about a decade. For almost fifteen
> years I've been involved in training people in how to practice good
> communications security in hostile environments: journalists, NGO
> workers, and even union organizers. That's my background which is
> informing my answer. I'm not presenting it to argue that I'm right, but
> so you may have an estimate of how I may be biased.
> The average GnuPG user is not a technical expert. They come to GnuPG
> from somewhere else as the result of an awareness of how their
> communications may be at risk. When I addressed a crowd of United
> Electricalworkers employees, for instance, they were concerned employers
> might be snooping on private union communications.
> The average GnuPG user runs Windows.
> The average GnuPG user neither knows nor cares what MIME is.
> The average GnuPG user has a specific threat model in mind--"I'm worried
> my employer might be reading my union-related email which gets sent to
> my corporate account"--not diffuse, unfocused ideas about hypothetical
> malware that might be targeting certificates.
> The average GnuPG user understands the threat actor ("my employer", "the
> secret police", "a competing political party"), but has a poor
> understanding of the actor's capabilities or how to defend against them.
> The average GnuPG user uses GnuPG as a last, desperate, final resort.
> If they had a better avenue, they'd take it. (E.g., I pointed out to
> United Electricalworkers they could sign up for free webmail accounts
> and their union emails would no longer be on their employers' email
> The average GnuPG user is scared, and rightly so. This system is so
> eye-poppingly user-unfriendly that the userbase largely consists of two
> groups: people who have threats serious enough to warrant dealing with
> such a tool, and people who are paranoid and think they do.
> The average GnuPG user finds the system to be at the outer limit of
> their technical skill.
> The average GnuPG user is deeply interested in doing things right, but
> has no idea how to evaluate what's right. As a result they often get
> tied up in cryptographic technofetishism fed to them by others, and
> getting them to drop this technofetishism is *really really hard*.
> After all, their commitment to 16384-bit RSA keys has kept them safe, right?
> Two years ago there was a Spanish digital civil liberties convention
> called Circumvention. (They've since changed their name to the Internet
> Freedom Festival.) They thought I'd be a good resource for them, so
> they flew me to Valencia for a week. During that week I met up with
> literally dozens of technical trainers -- people who after the
> convention were going home to places like Syria, Iran, and Zimbabwe,
> where they'd be meeting with local journalists and teaching them how to
> safely communicate with the West.
> I had heartbreaking conversations with them. Without exception, every
> one of the trainers had firsthand knowledge of people who critically
> needed communications security, but who found GnuPG (and Enigmail) to be
> too difficult to use. Without exception, every one of the trainers
> wanted GnuPG (and Enigmail) to be made simpler.
> Simplicity is literally a matter of life and death.
> So when someone asks about smartcards, please, let's keep the discussion
> focused on whether they need a smartcard. Because the instant people
> think smartcards are universally necessary, we lose.
Robert et al.,
I have to admit the replies to this thread have been very informative in
ways that simple answers just never would be. Here I was trying to get
"it" "right" the first (thirty first) time, when it's clear that there's
no it or right. I am heartened by the dialog and as a result of my
reading, think that my approach will be fine for my threat vector :).
BTW, I got a yubikey4 and immediately sent it packing back to the
manufacturer after the tech support guy told me to reset the card and
try again for the second time without being able to explain why this
would help. I'm still waiting on my kernelconcepts card to arrive, no
telling if it'll work any better, but as somebody else on the thread
mentioned, it's fun trying out the cryptocandy. After reading this
thread and some other resources, I'm pretty sure having a smartcard
isn't going to make me much more secure than simply using gpg given my
apparent naivete over so much of the terrain.
On another note, while I am totally committed to better understanding
gnupg, I find the bulk of available material in its domain to be
inconsistent, contradictory, sophomoric, written in faux cryptogeek, and
generally misleading. Gems are nearly impossible to find. I have read
at least a couple of dozen intro to gnupg articles that completely fail
to arrive at consensus on the fundamentals. What gets encrypted with
what keys? What is a detached signature and why might I want one?
Interestingly, I looked at the documentation in the hopes that this
might be canonical and informative:
the actual command's help:
--detach-sign [file] make a detached signature
kinda gathered... or from the user's manual:
Make a detached signature.
ok, so lemme guess, --detach-sign creates a detached signature... hmmm,
nothing about why you'd want one, or what one is good for. Let's take a
look at the uber helpful gnu privacy handbook:
A signed document has limited usefulness. Other users must recover the
original document from the signed version, and even with clearsigned
documents, the signed document must be edited to recover the original.
Therefore, there is a third method for signing a document that creates a
detached signature, which is a separate file. A detached signature is
created using the --detach-sig option.
alice% gpg --output doc.sig --detach-sig doc
You need a passphrase to unlock the secret key for
user: "Alice (Judge) <alice at cyb.org>"
1024-bit DSA key, ID BB7576AC, created 1999-06-04
Both the document and detached signature are needed to verify the
signature. The --verify option can be used to check the signature.
blake% gpg --verify doc.sig doc
gpg: Signature made Fri Jun 4 12:38:46 1999 CDT using DSA key ID BB7576AC
gpg: Good signature from "Alice (Judge) <alice at cyb.org>"
Better, but no mention of what keys are used in the process or why.
Also, it sounds like it's not even that useful "has limited usefulness"
and yet, detached signatures are all over the place.
Believe it or not, somebody trying to understand gpg just might like to
know that a detached signature is (or isn't, you tell me, I've seen all
kinds of descriptions) a derived hash (maybe sha512) of the plaintext of
the original document that is encrypted with the sender's private key
and which can only be decoded with the sender's public key
(theoretically publicly accessible) and therefore available to verify by
decrypting the hash and comparing it with an on-the-spot self generated
hash of the current contents. I'm not sure this is how it works, but by
reading dozens of descriptions, I think it's getting closer to reality
than "Other users must recover the original document from the signed
version, and even with clearsigned documents, the signed document must
be edited to recover the original," whatever this is supposed to mean.
I guess what I'm really trying to say is, this "system is so
eye-poppingly user-unfriendly" that it could use some good, clear,
accurate, reasonably comprehensive, accessible literature written by
folks who actually know how stuff works.
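The mechanism the message above sketches for a detached signature (hash the document, sign the hash with the private key, verify by recomputing the hash and checking it with the public key) is shown below as an added example; it is not part of this thread and not GnuPG's code. It assumes RSA with SHA-512 and PKCS#1 v1.5 padding as a stand-in for whatever OpenPGP algorithm a given keyring uses, generates a throwaway key pair rather than reading one from a keyring, and signs a constructed document. "Encrypted with the private key" is the textbook intuition; real signature schemes apply a dedicated signing operation with padding, and an OpenPGP signature packet also carries metadata such as the creation time and the issuer key ID, which is what `gpg --verify` prints in the handbook transcript.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha512"
	"fmt"
)

// DetachedSign computes the SHA-512 digest of doc and signs that digest with
// the private key. The returned bytes are the detached signature: they live in
// a separate file beside the document (doc.sig in the handbook example), and
// the document itself is never modified.
func DetachedSign(priv *rsa.PrivateKey, doc []byte) ([]byte, error) {
	digest := sha512.Sum512(doc)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA512, digest[:])
}

// VerifyDetached is what `gpg --verify doc.sig doc` does conceptually: hash
// the current contents of doc on the spot, then check the signature against
// that fresh digest using only the signer's public key.
func VerifyDetached(pub *rsa.PublicKey, doc, sig []byte) bool {
	digest := sha512.Sum512(doc)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA512, digest[:], sig) == nil
}

// Demo generates a throwaway key pair (constructed for this example; real use
// would take the long-lived key from the keyring), signs a constructed
// document, and reports three checks: the untouched document verifies, a
// one-byte edit to the document fails, and a corrupted signature fails.
func Demo() (okOriginal, okTampered, okBadSig bool, err error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return false, false, false, err
	}
	// Constructed sample document standing in for the "doc" file.
	doc := []byte("Meeting moved to Thursday 7pm, back room of the hall.\n")
	sig, err := DetachedSign(priv, doc)
	if err != nil {
		return false, false, false, err
	}
	okOriginal = VerifyDetached(&priv.PublicKey, doc, sig)

	// Flip one bit of the document: the recomputed hash no longer matches.
	tampered := append([]byte(nil), doc...)
	tampered[0] ^= 0x01
	okTampered = VerifyDetached(&priv.PublicKey, tampered, sig)

	// Flip one bit of the signature file: the public-key check fails.
	badSig := append([]byte(nil), sig...)
	badSig[len(badSig)-1] ^= 0x01
	okBadSig = VerifyDetached(&priv.PublicKey, doc, badSig)

	return okOriginal, okTampered, okBadSig, nil
}

func main() {
	okOriginal, okTampered, okBadSig, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Println("original document verifies:  ", okOriginal)
	fmt.Println("edited document verifies:    ", okTampered)
	fmt.Println("corrupted signature verifies:", okBadSig)
}
```

The point the handbook's "limited usefulness" sentence is getting at is visible in the code: because the signature is a separate artifact, the document stays byte-for-byte usable without anyone stripping a signature wrapper, which is why detached signatures are the norm for release tarballs and packages. Verification needs only the signer's public key, and any change to either file, the document or the signature, makes the check fail.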