Setting up PGP

Karl gmkarl at gmail.com
Mon Oct 12 08:55:33 PDT 2020 

I'm actually reading this a few times to try to force all the
interconnected meaning into my messed up short term memory, and I
think John is saying he can help us if I can translate.

On 10/12/20, Karl <gmkarl at gmail.com> wrote:
> On 10/12/20, Karl <gmkarl at gmail.com> wrote:
>> Received this reply late.
>>
>> On 10/12/20, John Young <jya at pipeline.com> wrote:
>>> Use of any online or digital programs and/or devices for
>>> comsec/infosec should be avoided unless completely enclosed and
>>> transmitted with non-online or non-digital means. There are a number
>>> of non-onlne and non-digital means available, the first and most
>>> reliable is your brain so long as it is not contaminated with belief
>>> in online and digital prejudice now over a century in promulgaton.
>>> The principal efforts for this promulgation is computers, coding,
>>> obfuscation, propaganda, arcanity, scientism, residual astrology,
>>> confidence gaming, spouting mantras, i.e., "cypherpunks write code."

John's saying that you need to shield your communication device and
write down or memorize anything you want to bring in or out of the
shielded enclosure.  Nothing with metal moves in or out of the
shielded enclosure.  He's also saying there may be minimal need for
digital cryptography, maybe to a smaller audience.

>>> https://www.google.com/search?q=cypherpunks+write+code&rlz=1C1AOHY_enUS708US708&oq=cypherpunks+write+code&aqs=chrome..69i57.5595j0j7&sourceid=chrome&ie=UTF-8
>>> This oh so cool mantra derives from the magicial, bewitching
>>> lodestone "national security," the abiding weapon of nations governed
>>> as royalty, heirarchical, the few overlording the many with force,
>>> elections, education, faith and trivializing deriviatives of
>>> entertainment, media, chat, parties, militants, rebels,
>>> revolutionaries, independents, intellectuals, geniuses, "democracies"
>>> ruled by  kingdoms of presidents, congresses, courts.

Here I think John is saying that the cypherpunks movement stems from
authority itself, which anybody who _isn't_ a cypherpunk and _doesn't_
understand computers well, would likely assume.

>>> Nonetheless, always a nonetheless apologia for top-down regimes, far
>>> more rewarding to cooperate with authorities than to defy them, more
>>> lucrative too. So backdoors in crypto, each and every version, must
>>> be inherent code, along with outpourings of assurances there are
>>> workarounds to escape the many and be one of the few. Today, that is
>>> marketed as "smart."

I think John here might be expressing frustration, it's hard to tell.

John, do you think the people putting backdoors in their cryptography
_want_ to?  Do you trust that all these unsigned messages are actually
from your friends hearts?  Ask any marketing worker with goonies like
us behind them: backdoors in consumer software and hardware are _bugs_
to be _squashed_: _stupid_ _errors_, not _smart_ _code_!

>>> At 06:23 AM 10/12/2020, Stefan Claas wrote:
>>>>Karl wrote:
>>>>
>>>>[...]
>>>>
>>>> > After finding a good candidate airgapped device, you'll want to be
>>>> > careful with how you use it.  Remember, whenever a new vulnerability
>>>> > is found, trojans cover the world taking advantage of it, and then
>>>> > try
>>>> > to find a way to hide inside the corners of all the systems they
>>>> > find.
>>>> > So, any drive you put in your new device, anything you plug into it,
>>>> > any update you apply, could be filled with computer-measles that
>>>> > would
>>>> > find a way to trick it into giving remote control to them.  Keep it
>>>> > isolated until you have things set up for use.
>>>> >
>>>> > The next step after getting a reasonable airgapped device, maybe a pi
>>>> > zero, and ideally keeping it isolated, would be to install gnupg on
>>>> > it.  Maybe in a forthcoming email!
>>>>
>>>>GnuPG should be already installed with Linux (Raspberian OS etc.). The
>>>>thing I would like ask you, how would you communicate securely with your
>>>>air-gapped device?
>>>>
>>>>What I did in the past was to install on the online device and offline
>>>>device the free (cross-platform) software CoolTerm and I connected both
>>>>devices with an FTDI USB to USB cable, so that I could do serial
>>>>communications
>>>>and was also able to see how many bytes (from a PGP message) was
>>>> transfered.
>>>>
>>>>Another approach I am currently playing with is to play with NFC tags
>>>> and
>>>>a reader/writer device, which can be used offline as well.
>>>>
>>>>Regards
>>>>Stefan
>>>>
>>>>
>>>>--
>>>>NaClbox:
>>>> cc5c5f846c661343745772156a7751a5eb34d3e83d84b7d6884e507e105fd675
>>>>   The computer helps us to solve problems, we did not have without him.
>>>
>>>
>>>
>>
>

More information about the cypherpunks mailing list