 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 6 Oct 2001, dan moylan wrote: > John Abreau wrote: > >>> I'm also curious how many of us actually use PGP or GnuPG. > > dan moylan wrote: > >> i for one have never had occasion to use either, and only vaguely > >> understand what would occasion its necessity. Do you lock the door to your house or your car? Electronic security measures have the same purpose as physical security measures: to control access. Using such tools does not imply you are hatching evil plans any more than locking the door to your house does. I change the root password to a server, and want to inform my coworkers. I can let them know via encrypted email. I have a bazillion passwords, credit card numbers, etc. that I need ready access to. I store them encrypted on disk. Etc. If you have electronic information that you'd like to keep private, you use tools such as GPG. That's all. I run crontab scripts several times daily to keep data syncronized between my primary work and home computers. I don't want my life's work transmitted over the Internet in plain text. I don't want my authentication credentials travelling over the Internet in plain text. Because my data is syncronized, I can easily recover from disaster. rsync+ssh has saved my ass more than once. Pretty mundane stuff. But important. I am more than a little concerned that if enough people say "I don't get it, it seems like only terrorist would care about such things", that the utility of these important tools will be severly compromised by a government over-eager to placate the fearful masses. I'm going to sign this message using GPG. If you trust the authenticity of my public key, you can do things like verify that it was, in fact, me who wrote this email. Perhaps not so significant in this instance, but very significant in the case of contract documents. Considering that congress has recently passed legislation validating the use of electronic signature, this proves very useful indeed. The purpose of a keysigning party is to establish trust in people's public keys. I can have a lot more confidence that a key belongs to you if you tell me so in person, and prove your identity w/ a driver's license and/or passport than if you simply, say, email it to me. One place to turn if you'd like more information is the GPG manual: http://www.gnupg.org/gph/en/manual.html. People who use GPG are generally neither stupid nor terrorists. - -- - -Ron- https://www.yellowbank.com/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7v1w7NcnDl7bTZaERAviWAJ9GxbLbUocwgUzSn9Rz0hj8fimj5gCeM+ZT iOeHZzWWYUKd3TXfCnqmuqc= =KeSv -----END PGP SIGNATURE----- - Subcription/unsubscription/info requests: send e-mail with "subscribe", "unsubscribe", or "info" on the first line of the message body to discuss-request at blu.org (Subject line is ignored).
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
