GNU Privacy Guard is a implementation of Pretty Good Privacy. A signature is a statement saying (with very good reliability) "the person who owns this private key (and knows the corresponding password) is the only person who could have generated this" (signature).
There are two keys - a private key and a public key. You can use Hotwheels' public key to verify that the signature on the file was signed by his private key.
Assuming you are on Windows, you want to go here.
Those of us in the Linux & BSD worlds have GPG already installed.
The most common uses for GPG signatures are email (where there are 4 keys involved) and signing of installation packages (so that you can tell if the file was altered)...but a statement saying "I wrote this, it's me" is not uncommon.
Kanske bättre att ha frågat på /r/swedents. Hur som helst!
Ladda först ned TOR browser bundle. Använd den webläsaren när du ska handla lördagsgodis. För att dölja dina virtuella spår.
Gå sen över till /r/DarkNetMarkets och ta en titt på länkarna i sidebaren. De har lite info för de som inte gjort detta tidigare samt en lista över olika markets. Läs riskerna de noterat vid vissa markets.
Silk Road 2 är nog den största: http://silkroad6ownowfk.onion/login
Notera att SR2 är lite shady. De blev hackade för ett tag sedan och förlorade användares bitcoin. De har betalat tillbaka det sedan dess, men hela grejen var lite... Sedan ska man vara försiktig med alla markets. SR2 har dock flest svenska säljare. Jag rekommenderar att du köper inrikes för säkerhets skull.
Alla betalningar sker med bitcoins. Så ifall du inte vet hur det fungerar har du ännu en sak att lära dig. Förvara inga bitcoin hos en market. Förvara dom i en privat wallet och skicka endast den mängd som behövs för varje beställning till din market.
Vid beställning krypterar du meddelandet med mottagaradressen, via teknik som kallas PGP. För Windows laddar du bara ned Gpg4win och använder programmet GPA. Tycker personligen det är enklast iaf. Du kan enkelt kolla upp guider för hur man använder det.
Kan kännas som mycket att lära sig till en början, men det är egentligen busenkelt.
oh yeah, now all idiots run and register account at ProtonMail because "Paypal is bad, Paypal against them, they must be good". Three nice photos of honest looking guys on the main page and sheep runs into the barn
Reminds me of hushmail.com that eventually sold everybody out.
Why on earth you just don't encrypt gmail yourself??? ~~Just install https://www.mailvelope.com extension for Chrome~~
Or even better - bitmessage
Update: apparently mailvelope private key can be easily requested by police via FISA request https://forensic4cast.com/2013/09/gmail-and-mailvelope-leakage/
A, B & C might be EZ, but they are not secure.
They are 3rd party sites that can collect and store your unencrypted messages.
Don't use them!
Download and install GPA from here: http://www.gpg4win.org/
Guide:
http://www.deepdotweb.com/2013/11/11/pgp-tutorial-for-newbs-gpg4win/
From a Linux or Mac shell (which I am more familiar with). Install gnupg, it's in all the major repositories on linux systems and should be in the macports or whatever repositories (if in doubt, google it) Fist make a key (if you don't have one):
gpg --gen-key
Enter your Name, Email address, Password (for the private key) and optional comment. To get the public key in ascii to send to your tutor:
gpg -a --export <your_email>
To sign your essay for posting in plain text (make sure you do this with text file)
gpg --clearsign <your_essay.txt>
probably when you submit your essay you want a detatched signature of the finished work, which you hand in. so do this:
gpg -b <your_finished_essay>
and also send the tutor the file <your_finished_essay>.sig
From a Windows PC go to http://www.gpg4win.org/, download and install.
Click Start > All Programs > Gpg4win > Kleopatra.
Click File > New Certificate... and select Create a personal OpenPGP key pair
To export the public key Right click on your now created key and click Export certificate.
To sign the file click File > Sign/Encrypt Files, select the file and choose sign (for submitting in plain text check the box Text output (ASCII armor)), uncheck Sign with S/MIME and slign Sign and the signature will be created as <filename>.sig (or <filename>.asc for ASCII armor)
Hope this helps :)
I'd be shocked if they could put a date on it like that. My understanding is that we are a loooong way off from quantum computing. These guys are helping us to understand how it could work, but I don't see human engineering advancing to the point where spinning electrons in an out of the various levels of an atom could be accomplished in a realistic capacity. At least not any time in the near future.
edit: I would love to be wrong - even if quantum computing may threaten modern cryptography. If we do manage to do this, I'm sure the crypto geniuses will figure out a way to use the technology itself to expand their field.
P.S. Check This out if the word "cryptography" interests you.
Thunderbird has nothing to do with google, so if that's his only reason he doesn't know what he's talking about. That said, it's more likely that outlook would still be required for IT reasons unless you are a very small company. gpg4win includes an outlook plugin, but I have never tried it.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Please install a PGP program. If you are using a Windows OS, install this:
If using Tails or other Linux, PGP is built in.
Create a PGP key and upload it to the keyserver system. Here is my key on one of the keyservers:
http://keyserver.stack.nl/pks/lookup?op=index&search=0x7209020A8E6FA58D
Start signing your messages so that we know it's you if your account gets banned or taken over by somebody else. Not joking.
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJS0C7mAAoJEHIJAgqOb6WNFdgP/02eEFBkeHk61J5FQTC7YgPE oFN2ropEuE6cM4R+7jqKZOR35tVEYgatSq8/gdcx5rVYVRYJffa3R7bmVeSqi0yI 47Yz7lPCi6NawOGruA8Z3t75v86OaVxn8nQe6I/Mvfz3TNFiHgPQZUiExt7Y+hq4 jHsbwL3dAk66pjO20BPQAPzsjNB5xPPR53OMPLymT59DmUCsdKuPQgpEqzPPbddr wBuQoK3194IasGNV07rFjt6Sm7ifQuscs9Zyma6jVjJVgRqicCrQZ3zUhRtgmnC5 8gUx/GDpv9VbMBOQAm82hik8v2oblIdikTntdsBFUA65bexm7QhuL0fneq2sCi0C HqB3RSh6e8Nl3d1iI1h1+YmfKMU8c/kJMZiA2m+CE38STYIUAcYguGwopbtGW+d3 /CBRsqpkRbu1N3thj71iHgCqMCxpE16Bmej0Om+Z8M8maLUV2RtdNhHJbAnagrXZ dypHnRjK9rL1v/tJnuvrTQnyeB7yzzTQxxLzAyHTApQQFTfoxgdWXkrqU7SenKjh A0d3Yh2NQ/nHyH0FoVjFqid+HBIuMf2jG4N8bb07QHA1RicByLCUezbjF0AxTAeA DGWNm/2OeXJUGvf28U03uWp+4bN5hR4WfiPBtYiHmHjDlW1Ta2zAmu/bGaOj9lIl BfROsbRccK4oQqcCNM1E =8AJ3 -----END PGP SIGNATURE-----
Yup, every mail I get from Kraken looks like this:
http://i.imgur.com/rKlY65B.png (dialog popping up by gpg4win)
You can enter your PGP pub key on Kraken under Settings->Account.
>Oh, someone actually already does that?
PGP has been out since 1991. It is a damn shame that this is not offered everywhere already. We'll probably need another three to twenty Snowdens before people get it in their head that privacy is something worth protecting.
You need to import their key into a PGP program like GPG4Win and then encrypt your street address with their public key.
(When you install it, make sure that you check mark GPA for installation as well. It's not installed by default and I think it's the easiest one for new users. Also check mark all of the shortcut creation so that you end up with an icon for it on your desktop.)
Here's a guide that someone else wrote on PGP that looks good:
http://www.reddit.com/r/DarkNetMarkets/comments/1qdzl8/guide_pgp_4_n00bz/
See if your contact is willing to communicate with you via reddit messages if you use a gpg frontend. When you have more free time consider investing in switching over to a linux distro. Fedora was working on a version for activists but it didn't get approved for the October release. You could manually install most everything on that list. Also good luck with the activism.
For a more secure/technical oriented option, you could encrypt your documents before sending them to GMail/Dropbox/Google Docs etc. You can do this easily with GPG4Win, an open source tool.
No but do like 2 seconds of google research. If you're not under age ordering from your rents' house you should be able to learn it. It's so easy too. If I weren't lazy I would right said reasons.
That being said encrypt your shit. http://www.gpg4win.org/
most reputable vendors will cancel your order if you don't use PGP. it's for your own protection, so you should take the 10 minutes to learn how to do it.. Many good guides have been written on how to use pgp. Find one, read it, try it yourself. After that if you still have questions we'd be happy to help you! right now, though, you've gotta do some work on your own.
Some have noted that there are two kinds of encryption, but I’d like to clarify:
SSL encrypts the connection between the email client and the server. Both need to support this. Everything is reasonably save while transmitting the email to the server, but after that it’s clear text again, AFAIK. This is actually not so much regarded as encryption but as an assurance that the email doesn’t get sent to another (malicious) server.
The better way would be public key cryptography, which is more complex but as secure as it gets for free. (There is Gpg4win for example.) Emails get encrypted right on the client and stay entrypted until they arrive on the receiver machine. The server doesn’t have anything to do with it, but both clients have to support it. You have to exchange keys with everyone you want to exchange encrypted emails with, though, so its a bit more tedious. But there are efforts to make this as convenient as it can get, so once you’re used to it, it’s not that bad.
I’m not an expert, though, so I’m open for corrections.
Все правильно. И по возможности шифровать любую компрометирующую переписку с помощью GnuPG (или Gpg4win). Тогда даже вскрытый ящик не поможет "гэбульникам" добраться до содержания писем. К сожалению, для осуществления этой меры и на стороне респондента должен быть достаточно технически грамотный пользователь.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
You can try GnuPG for Windows -- http://www.gpg4win.org/
The UX probably isn't as clean as PGP Desktop, but it's free and actively developed. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEcBAEBAgAGBQJU6o08AAoJEKtJwDCg2HMhW1oH/jHyaL+MlnqkHDT8yt45u7uy oztrp6MDevhJYeReKIsISR+qdqKjndkZ+s14GDqU/dx3by6uuXMqZzG0RveBpDdM cP4UcbMA8V5hVVEo2qr9OOaynf7SlPluM2tzNGeskKrHq1e8jHERJ6VHjdbgfC2Y ft7onFf4nCJaRdWg3q8zle5e76SgyWpaVj9H+iI7iwiY4Q2uld5uqGnk3hBikTud ZaQ+/ANGoX4Ne6OwDw7Zda0e/jChqqBb5wHIqVpQq1SROHC01V7xvLZWUbG+pkPu 6sHlP2g6uRixZbH/DEEuHY5GeiHIuJsWKd6B2863xuDzczDIxyIItfNj10+9IO0= =cYnh -----END PGP SIGNATURE-----
I don't recommend using a site like igolder. The reason why is because it doesn't prove that the message actually came from you.
See, PGP can do three things:
iGolder doesn't allow you to use a private key to sign the message.
Some email programs (including but not limited to Mozilla Thunderbird, and Claws Mail) have addons or plugins to automatically use PGP encryption.
As well, there's a site called http://keybase.io/ that allows you to store your private key (encrypted with a passphrase that is used to decrypt it in your web browser, so that the site itself cannot use your private key). It currently requires invitation, and it was specifically created to help tie the ownership of multiple social media accounts (including Reddit) together. If you want, I can give you an invitation.
However, I also don't particularly like the idea of web-based encryption, because there's no guarantee that the code they use won't silently change to something that will send your passphrase to them (and thus allow them to use your private key).
At this point, the best all-around PGP encryption software is GPG (GNU Privacy Guard), available at http://www.gnupg.org/. There is also a Windows version that includes Claws Mail available at http://www.gpg4win.org/.
For programmers, there are many libraries available (including my favorite, BouncyCastle C#) to manipulate PGP-encrypted messages, but nobody's actually used them to create easy-to-use encryption tools for Windows yet.
Download GPG4Win, then once that's on your computer you can right click a file and have the option of encrypting it with a password. Always make sure it's complex, I'm sure you already know that though. :)
Well, you could always put whatever you want in a zip file and then encrypt it with Gpg4win. You could even sign it so that you know for sure it is the same file you uploaded giving you even more protection than truecypt would have for such a task.
But really a better choice would to just set up your own file sharing setup. Like the other guy was saying is owncloud is good but I prefer just using something like sshfs which is far more secure.
I wouldn't know. Honestly, I've used one piece of software from the start, and it's worked perfectly fine for me. It's called gpg or something like that. I'll update in around 5 hours when I get home.
EDIT: It's Gpg4win
You might try installing GPA from the gpg4win and then importing your secret key from gpg4usb into GPA.
I just tested it and the keys are compatible between the two clients. I was able to successfully use a key with a password that I generated with gpg4win on GPA.
There's no way to strip or reset the password from a key. The private key is encrypted with the password.
Your only other option is to try cracking it using something like this software:
http://www.openwall.com/passwords/pgp-secret-keys-disks-archives
You just need a PGP implementation. For windows you have this: http://www.gpg4win.org/
You can probably find a website that lets you use PGP if you just want to play with it a little.
The wikipedia articles on these things are good:
https://en.wikipedia.org/wiki/Public-key_cryptography
https://en.wikipedia.org/wiki/Digital_signature
Digital signature is another use for public key cryptography. When you want to send an encrypted message, you encrypt with the receiver's public key and the receiver decrypts with his private key. When you want to send a signed message, you sign it with your private key and the receiver verifies it with your public key.
Desktop email clients normally have a feature to do these things automatically, this way once you have exchanged public keys with someone you both of you can send everything encrypted and/or signed, and the email client will take care of encrypting, signing, decrypting and verifying. I use it with Thunderbird + Enigmail.
> GPG4win
This one is your best option. Unfortunately it's interface is clunky and unintuitive.
Download and install from here: http://www.gpg4win.org
Follow these instructions to import the TAILS signing key: http://www.gpg4win.org/doc/en/gpg4win-compendium_15.html
Then follow these instructions to check the signed .ISO http://www.gpg4win.org/doc/en/gpg4win-compendium_24.html#sec_signFile
PM me if you need more help..
There is a replacement, GNU Privacy Guard (or GPG) that is licensed under GPL. It is fully compatible with PGP (and eventually OpenPGP because technically OpenPGP is more of an RFC/Standard).
It can be downloaded from the main website (source and binaries for Linux/Unix) here: http://www.gnupg.org or through most distro package repos.
The Windows port is GPG4Win (http://www.gpg4win.org).
On Linux, Claws Mail is either set up to use it right out of the box and Thunderbird has a plugin to enable use (Linux and Windows).
Most image sites have algorithms that check the uploaded images to see if there is a lot of naked skin visible. Moderators then get notified and they check the reported pictures if it's really someone naked or is just a bikini picture.
If you really want to securely send files (images, text, etc) that you don't want other people to see, both you and the receiver should start using http://www.gpg4win.org/ http://en.wikipedia.org/wiki/GNU_Privacy_Guard or something similar.
Less secure method would be just zipping and password protecting the files and sending them by email, and using some other way to send the password, like some other email provider, chat thingie or txt message.
This may be slightly different, since I'm on a different operating system, but it should be very similar on windows/osx...
Download and install PGP Client:
Generate a new key by clicking "New" or "New PGP Key"
Enter username you'd like associated with the key
(OPTIONAL) Enter an email address you'd like associated with this key)
IF USING THIS KEY FOR RC SOURCING, REMEMBER NOT TO USE ANY INFO THAT CAN LINK BACK TO YOUR RL IDENTITY
Create a strong password: - ideally this would be a password with a length of 20 characters (or more) which contains letters, numbers, symbols, capitalization, etc. - Do NOT reuse a password that you've used somewhere else, and do not use this password for other sites going forward.
RSA is fine to use as an encryption algorithm, and select the maximum key strength possible (4096 bits)
Congrats, you've generated your first key pair! I'll type up how to use a recepient's public key to encrypt a message to be sent, as well as decrypting a message you've received tomorrow, this should get you going for tonight. Let me know if there are any questions.
I use the following. Hopefully something here would work:
Gravity Forms for the Forms.
http://www.gravitatedesign.com/blog/wordpress-and-gravity-forms/ encrypts the data in the database.
https://wordpress.org/plugins/wp2pgpmail/ to send an encrypted notification to a user.
http://www.gpg4win.org/ to decrypt the email in the mail client.
PGP
The pgp file format is cross platform and can be understood by all implementations of pgp / gpg.
However SSD memory is one of the most error-prone, so I'd recommend having several backups or using another storage medium (e.g. encrypted seed written on paper)
> ...then how can this verification be explained so that anyone can do this?
I don't think it can be explained to someone trying to avoid learning new things. But I think it can be explained to someone trying to learn.
The process boils down to:
Unfortunately, step (1) is platform-specific, and steps (3/4) are application-specific.
Here are GPG/PGP applications that cover the three major platforms:
http://www.sandisk.com/products/software/secureaccess/
Only works with Windows & Mac.
Another less elegant solution: http://www.gpg4win.org/features.html
Works with all major operating systems.*
It's pretty standard nowadays to have to upload some form of identification. The easiest way is cash deposit via Localbitcoins.
As for PGP you have a lot of options, what I use personally is this program.
You're on Evo? What?
Here is the website to download Kleopatra, the easiest GUI you can use to use PGP: http://www.gpg4win.org/
Download the file, and install Kleopatra. From there, you can create a new PGP key pair.
fuck it im ending this post here and I will post a step-by-step guide on how to use PGP
Go to http://www.gpg4win.org/ and download Gpg4win.
1.Install only GPA.
2.Run program and Generate Key Now.
3.Enter your username as name and email you can type in whatever.
4.Make a strong password and DO NOT forget it.
5.Make a backup of your secret key and store it in your truecrypt drive/container if you have one, otherwise store it in a secure place. If you ever wipe your computer or it messes up you can use this to import your key pair.
6.If the program crashes while generating your key pair it is ok. It happens sometimes.
At this point you have successfully created your private and public key. Right click your key and hit copy. You now have your public key copied to clipboard and you can paste this into the pgp page of Evolution when becoming a vendor.
IMPORTING PUBLIC KEYS (other members pgp key)
Copy the whole public key info, create a text file on your desktop and paste this info into it and save it.
in GPA click import and select the text file you just created.
The key should have successfully been imported and be in the list with your others keys.
ENCRYPTING/DECRYPTING MESSAGES
So you want to encrypt a message to someone? I assume you have imported there public key already. It is very simple to do.
In the GPA program go ahead and click the Clipboard button. It open a new window where you will type the message you want to encrypt.
After you are done typing your message go ahead and click the encrypt button. Select the proper key from your list and done.
Copy the whole encrypted message and paste it where you want to send it.
That's it! Decrypting you copy the encrypted message you received, paste it into the Clipboard and hit decrypt. it will prompt you for your password and then show you the decrypted message.
Something ain't right. I even uninstalled Kleopatra and reinstalled. Now when I import certificates as a gpg file it shows
Total number processed- 0 Imported - 0
I've been referring to this source...
> Oh, sure; the address in question is surrounded by a PGP signature, but who has time for that level of assurance? Who has time to worry about whether or not the software from gpg4win.org is itself safe?
Is this a joke?
What would make trusting HTTPS and a browser implementation and their certificates ok and trusting Bitcoin and whatever Bitcoin client ok, but checking a PGP signature not worth the effort?
For an alternative to Gmail you will have to pay for the service or the server. If you are savvy enough, you could always use GPG (Gnu Privacy Guard). The link is for a Windows based OS. If you are running Linux like me it's already installed, you just need to set it up.
GPG is a encryption technique that has yet to be cracked by the NSA, according to many experts. The only problem with GPG is that you need to have others using the encryption method as well. Otherwise you're stuck sending encrypted messages to yourself.
I use GPG to send private emails to family, friends, and members of the Truth community in Phoenix. If you decide to use GPG remember to keep your private key hidden on a flash drive, or an external disc. Never give out your private key to ANYONE.
Weird. I tried the exact same test and it worked fine for me. I just tested it with a pdf document and it worked without problem.
There must be some option that we have set differently.
Do you have GPA installed from the Gpg4win package?
You should be able to decrypt the file and save it using GPA.
Make sure you select GPA during the installation. It's not selected by default.
nope sorry :( ill recommend some things tho.... Use a bitcoin tumbler (like bitcoin fog, or coin shared) local pgp just use http://www.gpg4win.org/index.html (DL their software) once u have it installed if u have questions just pm me, or if u want to send a test message or practice/whatever PM me and ill give u my public key and we can trade hellos
I was not aware of this service. It seems to me that you would be sending information through this third-party that could be stored on their servers (someone correct me if I am wrong). If so, it would not be a secure way of using PGP.
I use this and it is not very hard to use once you get the hang of it. There may be some guides for it out there as well.
Do not use Portable PGP. You can't seem to generate revocation certs with it and there are easier to use programs available.
Use Gpg4win on windows.
Here's a good guide that another redditor wrote on installing and using Gpg4win:
http://www.reddit.com/r/DarkNetMarkets/comments/1qdzl8/guide_pgp_4_n00bz/
Hmm, that's actually a bit of a catch 22 isn't it, it would obviously be preferable to check its pgp signature but you can't do that without installing it first.
The only way to somewhat verify it is to check out this page which is the official gpg4win page for installer verification.
On there you can find the sh1 and md5 checksums of the files which you can use to verify their integrity using a tool like this or some other sh1/md5 checker.
Verifying the file through sh1 or md5 won't be as secure as verifying its pgp signature but it's the second best option and the only one you can do before installing gpg4win or some other tool similar to it.
>It's Pretty Good Privacy. And it has a free twin GNU version, called GPG. If you run linux, tada.
>If you run windows, you can get some privacy here.
>Basically, you encrypt your email with a key, and it turns into gibbirish. You then send it, and the person who receives it has to know the key to decrypt it.
>You can learn about it here.
All you Anarcho-Capitalists should become Anarcho-Cryptographers!
It's Pretty Good Privacy. And it has a free twin GNU version, called GPG. If you run linux, tada.
If you run windows, you can get some privacy here.
Basically, you encrypt your email with a key, and it turns into gibbirish. You then send it, and the person who receives it has to know the key to decrypt it.
You can learn about it here.
GPG is a command line application. You can use it a it's bare form or you can download one of the many available front-end programs for it (graphic interface).
One of these front-ends for GPG is called GPG4win.
Cool it won't take long, I don't mind. It's kinda tricky at first but when you get the hang of it it's easy and pretty cool.
download here http://www.gpg4win.org/ then play around with it for yourself and see if you can figure it out. Read the compendium.
Pm me when you have downloaded it and looked over it and we'll sort out a key swap and do a practice message to each other.