Search the Site

 

Top
Blog

My Social
Services
Meta
Powered by Squarespace

Entries in PGP (7)

Saturday
Feb052011

PGP Services Menu Integration

DateSaturday, February 5, 2011 at 17:57

During the clean-up of my personal data on my Mac's, I found several PGP encrypted containers, and encrypted files. To see what was stored in them, I needed to install PGP (again).

After installing the software I dug up my keyrings and everything worked fine, until I tried to encrypt an e-mail. In the old days you had a button for encrypting the body of an e-mail message, but today things have changed. PGP is using some sort of (local) proxy to encrypt, decrypt, sign and verify e-mail messages. BUT there's also the possibility to do this with text on the clipboard, or text you selected with your mouse/keyboard.

This is where I ran into some missing functionality; Normally the PGP actions are visible under the 'right-mouse' click -> Services, but no PGP actions available. Further investigation showed that no PGP actions were available on (plain) text in editors. PGP actions on entire files were no problem.

Click to read more ...

AuthorWillem | CommentPost a Comment |
tagged , in , , ,
Wednesday
Sep162009

Apple Snow Leopard and Filevault

DateWednesday, September 16, 2009 at 19:09

Ran into one of the most annoying bugs in OSX evah.... The earlier versions of OSX had a problem with Filevault and remembering certain default application preferences. This issue is resolved in Snow Leopard, but I ran into another (new) feature.

Whenever I put my MacBook to sleep it closes all running programs and documents (without any save option), and logs me off....
Waking the MacBook back up leaves me with the default log in screen. After the log in, it's like I rebooted the machine...

Need to remember to save before putting it to sleep, or to wander of for a couple of minutes.......

UPDATE: I fixed it. Yesterday I saw a flash of the error reporting tool of OSX while I opened the lid of my MacBook, and before it logged me out on the fly. This meant that there might be some info in the console application.
It turned out there were two applications generating lots of errors. Namely PGP and EyeConnect (some part of EyeTV). Somehow both had come over with the data migration.

After uninstalling PGP manually (because the regular interface didn't work any more) and removing all references to the EyeConnect application everything worked as it should (so far).

UPDATE 2: Never mind the previous cheerful update. LoginWindow keeps crashing. I even reinstalled the compleet OS on a seperate disk and with virtual no apps installed it keeps crashing. So the sleep mode is essentially unusable. I've been thinking of removing the Snow from the Leopard....

AuthorWillem | CommentPost a Comment |
tagged , , , , , , in ,
Monday
Aug312009

PGP and Snow Leopard

DateMonday, August 31, 2009 at 22:40

PGP-BrokenIt seems that the current versions of Pretty Good Privacy (PGP) are NOT compatible with Snow Leopard. Incompatibilty issues are are something that mostly occurs on mayor OS upgrades. The upgrades that overhauls the entire OS. But Snow Leopard is merely a fancy service/feature pack. So I have no idea why this would cripple PGP.

The blogposting is of August 27th. 1 (ONE) day before the release of Snow Leopard. And according to the post they are still in some sort of beta stage in the Snow Leopard compatibility development. This raises the following question(s);

  • Why aren't they further in the development?
  • Have they missed the news that Snow Leopard was on its way (announced somewhere last year)?
  • Don't they have access to the developer tools (and associated beta's of the OS)?
  • Were they asleep the last couple of months?

Instead of patching the 'old' v9.x of PGP they will release a new (commercial) version 10 which will be compatible with Snow Leopard. This shows the 'real' commitment of supporting the current customers. I'll try to make a list of applications which were incompatible with the release of Snow Leopard, but are pathed for FREE. Just to show that real service still exists.

I'll be keeping my eyes in the mean time on the MacGPG pages (the free implementation of the opensource part of PGP).
No more PGP for me. I'll be heading towards S/MIME and Truecrypt for the time being.

AuthorWillem | CommentPost a Comment |
tagged , , , , , , in ,
Monday
Jul272009

Apple Favors Own Products, or FileVaults Screws Up

DateMonday, July 27, 2009 at 22:40

Apple FileVault Apple FileVaultSomething everyone would do I guess (the favoring part at least :) ). But Apple is doing this in a very peculiar way. When you run OSX with a ton of third-party applications you won't notice things, since everything runs as it should. But when you're going to use FileVault, things change. A lot....

FileVault is the way Apple secures your data. When turned on the OS creates a sparse iage of your userdata. So everything stored within your user directory is encrypted using AES-128.

The use of FileVault screws up certain system files. One of those is (or several for that matter) is used to store the default applications. Like FireFox for Internet instead of Safari. Every time you reboot your system the default application settings are read.
This weekend I also found out that at least one handy program also disagrees with FileVault. Little Snitch won't properly save it's registration info when you're using FileVault.

You know what the worst thing is? This BUG is present since Panther (OSX 10.3). I wonder if this is going to be fixed in Snow Leopard. To be honest, I doubt it. If they can't figure it out in 4 years, they probably never will.

As a security savvy nerd I want to use FileVault on my MacBook, but the problems with FileVault made me decide to uninstall this feature. Too bad that there are no other real alternatives. Truecrypt (or PGP) is nice, but it can't encrypt your hard disk (from which you boot) or even your user directory. Check Point seems to have software, but there's no way of buying it easily. So it seems that's it's mainly reserved for corporate environments.

UPDATE: w00t... They solved this annoying 'feature' Apple OS X 10.6 a.k.a. Snow Leopard. Way to go Apple. Although it being several OS releases/years too late!!!!

AuthorWillem | CommentPost a Comment |
tagged , , , , , , , in , , ,
Thursday
Jul092009

Internet Data Retention Law is Live in the Netherlands

DateThursday, July 9, 2009 at 16:04

It's a fact. As of this Tuesday, the Dutch ISP's are required (by Dutch law) to log all Internet activity of their customers and store the data for 12 months (at the moment). Gitmo Nation has expanded a bit further to the east, according to the No Agenda podcast host Adam Curry (which is a great podcast by the way).

Anyway, the logging is no longer limited to the basic IP connection data, the new law requires the ISP's to log the following information:

General Internet Access:

  • Loginname
  • IP Address
  • Name and address details of of all the parties involved (when available)
  • Time and Date the communication took place
  • Used service(s)
  • The callers phone number in the case of dial-up Internet access
  • The number called for dial-up Internet access
  • DSL, phonenumbers, MAC address (when using public/ISP sponsored WiFi/Network access)

E-mail:

  • IP address used to access or send e-mail
  • User ID
  • E-mail address of the sender, recipients etc. (basically the FROM, TO, CC and BCC fields)
  • Registered e-mail alias addresses when available
  • Time and date of the communications
  • Name and address details of all the parties involved (when available).
  • Method used in sending/receiving the e-mail (webmail, POP, SMTP, IMAP, etc.)

Internet VoIP:

  • Phone numbers of both parties
  • IP addresses
  • Name and address details of all the parties involved (when available)
  • Time and date of the communication (start and finish)
  • Protocols used during the communication
  • Successful and failed attempts to communicate

The 'fun' part is that the Dutch government won't (or can't) give a real reason why this information is required..... Why can't they give the proper reasons for creating and passing this law. Theoretically we still live in a democracy.

My thought is that it's probably based on some vague report by some high-profile consulting company that scared the shit out of the politicians (accountability??). Especially the terms 'child pornography' and 'terrorism' are most likely THE keywords on which the decision is based. And no one wants be publicly not against those two.... And so the privacy of the Dutch citizens crumbles, and crumbles.

Time to start using more and more encryption in all of your communications if you ask me, and start running your own services on a server in your attic .

/me is removing the dust from his PGP keyrings....

AuthorWillem | Comment1 Comment |
tagged , , , in , ,
Wednesday
Jan072009

PGP Desktop Updates

DateWednesday, January 7, 2009 at 16:25

I've been a PGP user for quite a while now. A couple of years ago I bought the software (before that I used the free PGP versions). My original license was for version 8.x. Every once in a while that would be a message indicating that there was a new version available.

The last couple of months there were no new messages, and when I checked for updates from the application the default message was "you're running the latest version".

But according to the PGP website there were newer versions (9.8, 9.9). So I 'registered' for an evaluation version and installed that over my existing 9.7 version.
After the reboot everything worked. My (old existing) license is still valid. So why is PGP not telling that there's an upgrade available?

I guess the fun will end with the release of version 10.
B.t.w. I still find it frustrating that they removed the SIGN and ENCRYPT buttons/functionality from within Apple Mail.app. I don't want to sign all my outgoing mail (which happens when you configure the mail proxy settings). I want to be in total control :)

AuthorWillem | CommentPost a Comment |
tagged , , in ,
Tuesday
Jun032008

Full Disk Encryption for the Mac

DateTuesday, June 3, 2008 at 18:42

Checkpoint acquired a company called PointSec a while ago. This company made full hard disk encryption software for Windows. Now, Checkpoint has released a hard disk encryption version for the Mac. I guess they are taking OSX seriously.

Disk encryption is available today for the Mac (TrueCrypt, PGP), but these aren't able to encrypt the boot partition. Only partitions are by the use of containers. This type of software was available to Windows only primarily.

Now that the 'trick' has been done, I guess more will follow.

I do wonder if it's still possible to use SuperDuper for cloning a bootdisk....

AuthorWillem | CommentPost a Comment |
tagged , , , , , , in , , , ,