JavaScript is required to use Bungie.net

OffTopic

Surf a Flood of random discussion.
6/17/2014 4:48:11 AM
58

Today I'm going to teach you something useful

Let's say you want to send a message to someone which has to go through a public place. How can you make sure only your recipient can read it? This is the inherent problem with the web. If you're reading a web page which has to be transmitted across cables owned or controlled by the government, for example, how can you stop them from reading what you have to say? How can you store a file on your hard drive without it being read by others, even if you "delete" it? Encrypt it. What I'm going to teach you today is asymmetric public key encryption. Sounds complicated, right? Don't worry, it's simple: there's a private key and a public key. That's it. The public key is deliberately made public and can be used by anyone. The private key stays with you. When someone wants to send a message to you, they encrypt it using [i]your[/i] public key, which creates a whole mess of gibberish text that nobody can read except for you. Which is great because then you can leave it anywhere you want. When you want to read it, you just decrypt it using your private key. Easy. Let's begin. [b][u]OpenPGP[/u][/b] OpenPGP is a standard for encryption, and is the one we'll be using here. It is implemented in [url=http://www.gpg4win.org/]GPG4Win[/url], which is a port of [url=https://www.gnupg.org/]GnuPG[/url] on *nix. There is also a package available for [url=http://gpgtools.org/]Macs[/url] too. Grab the right one; I'll assume you're using Windows, though. When you're up to choosing the components to install (you don't have to install all of them), choose GPA and/or Kleopatra. Also choose GpgEX if you want the extra right-click context menu options to encrypt/decrypt files, etc... GpgOL will add an add-on to Outlook if you use it so you can encrypt, decrypt, and sign emails. When it's done, open up GPA under Gpg4win in your start menu and go to Keys > Preferences. Make sure "Use advanced mode" and "Show advanced options" are both checked. Next, go to Keys > New Key. Choose RSA as the algorithm, and the largest key size (currently GPA lets you choose 3072, but Kleopatra lets you go up to 4096 bits). Put in your name (for the purposes of this demo, use your bungie.net username), email address (just put in [i][your bungie.net username][/i]@bungie.net), a comment if you want to leave one, and whether your key should expire after a certain date (or that it should be valid forever). Then enter a passphrase to protect your private key. After your keys have been created, they're only going to exist locally on your computer, so you need to distribute your [i]public key[/i] for others to use. If you want to change where your key will be uploaded to (they get shared anyway), go back to the preferences popup, and change the Default keyserver. I use hkp://pgp.mit.edu. A key server is a place where you can store your public keys and retrieve others'. When you're ready, right click on your new key in the Key Manager and hit "Send Keys" to send your public key to a key server. Once your key has been sent, you should be able to search for it. If you sent it to MIT's server, you can look it up [url=http://pgp.mit.edu/]here[/url]. In fact, [url=http://pgp.mit.edu/pks/lookup?op=get&search=0xC96CB05502122932]here's mine[/url]. [b][u]Encrypt[/u][/b] Now for the fun stuff. Since I've given you my public key, try encrypting something and post it as a reply. Only I will be able to read it. First, go to the link above where my key is and select all of the "key block" text, including the hyphens, and copy it. Go back to GPA and go to Edit > Paste. You should now have my key there in your key manager. Go to Windows > Clipboard and type out your message. When you're finished, hit encrypt and then choose my key from the list of public keys. Ignore signing for now - you can read up on it later if you want. When you're ready to encrypt, hit OK. You should get a message asking if you know the key you're about to use really is mine. If you've made it this far, you should know the answer, but consider the possibility if you accidentally used someone else's key to encrypt something confidential and they managed to get a hold of the encrypted text - they could decrypt it. When you're done, you should get a block of text between a set of hyphens (BEGIN and END PGP message). This is the "gibberish" I referred to earlier (technically called ciphertext). Just as before, copy everything between and including the begin and end lines and paste it as a reply. Again, only the recipient - me - will be able to read it, which is why it's safe to post the ciphertext publicly. Next up, decryption. [b][u]Decrypt[/u][/b] Hopefully by now you've created your keys, distributed the public key, and posted a link to it. When someone has encrypted a message for you to read, you need to decrypt it to get it back to normal. Copy the encrypted message (again, everything between and including the begin and end PGP message lines), and paste it into GPA's Clipboard through Windows > Clipboard. Click the Decrypt button and, assuming you have your private key set up properly, you'll get a prompt for your passphrase you entered earlier when you created your keys. Enter it, and that's it! The message will be decrypted for you to read. [b][u]etc...[/u][/b] This is a really, [i]really[/i] simple way for people to make sure their messages are secure, and it can be used by anyone ([url=https://play.google.com/store/apps/details?id=org.thialfihar.android.apg]even on your phone![/url]). If you have a private email address or send private emails (or at least [i]want[/i] to send private emails), this should be very appealing to you. Don't hesitate to create another pair of keys for yourself and to get others to do the same. If you still have your keys in the key manager from this demo, you can delete them locally (which will also delete your private key), but your public key will remain on the key server(s). To void it (eg. if your keys are compromised), you need to publish a revocation certificate, but I'll let you investigate further for how to do that and [url=https://www.google.com/search?q=gpg4win+faq]other things[/url]. Don't think this is limited just to forums and email though, because you can use it for anything, including to encrypt files on your computer using your own public key. This is great because it can help where you might want to keep something on your hard drive (or USB!) secret and secure - even from computer forensics. Now you might be wondering what happens if your computer is seized as evidence. As far as the law is concerned, using encryption is absolutely legal, but [url=https://en.wikipedia.org/wiki/Key_disclosure_law]there are laws[/url] in a number of countries which compels you to disclose your keys (who knows what happens if you say you forgot...), but that should give you a good idea of just how strong this is.

Posting in language:

 

Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

  • [b]BLACK MAGIC! WITCHCRAFT! SORCERY! DARK ARTS![/b] Cool post, skimmed through it however as it doesn't really interest me personally. Cool info, but c'mon... What do you have yo hide? Anyone who does this is just nerdy and feels boss for no reason. [spoiler]A friend of mine is computer savvy. And all he has encrypted was a his ratings/reviews of weed strains he had smoked. And the info behind them. Maybe even 420 documentaries. Pot is illegal here, but if they wanted him.. You REALY think this is going to do anything? What do you to encrypt? Porn? Lol. [/spoiler]

    Posting in language:

     

    Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

    2 Replies
    • 10112011 103110 11101120 20111011 11201110 20111011 112021 11101120 10112011 103110 2031

      Posting in language:

       

      Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

    • Very helpful indeed

      Posting in language:

       

      Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

    • I love this.

      Posting in language:

       

      Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

    • I got tired just reading this, thanks for the tip though. Can you decrypt this? Cu#t

      Posting in language:

       

      Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

    • Edited by qy: 6/22/2014 1:28:11 AM
      0
      Reading hurts my brain stuffs

      Posting in language:

       

      Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

    • Sorry I tried to read it but my ADHD just didn't want me to.

      Posting in language:

       

      Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

      1 Reply
      • If you wanna teach the flood something useful you should be posting a "how to talk to girls" walkthrough.

        Posting in language:

         

        Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

      • I actually enjoyed reading the entire thing, and maybe I can even try using it sometime. But isn't this particular type of encryption based off the use of prime numbers and stuff? Because I would like to see what would happen if we [i]ever[/i] find a formula that can, at last, give off every single prime number, or even if the Riemann Hypothesis is solved, because I'm pretty certain it is related to prime numbers as well. We would probably have to invent an entirely new type of encryption.

        Posting in language:

         

        Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

        1 Reply
        • Thank you Could a method like this be used to encrypt a wifi signal from only been seen by certain machines?

          Posting in language:

           

          Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

          2 Replies
          • -----BEGIN PGP MESSAGE----- Version: GnuPG v2.0.22 (MingW32) hQIMA8lssFUCEikyAQ//cFCe/0RwjVW4DRhUiDqH0DR8d7tAU4FCDzNyIoZ0h0bT RfrEP+s3KKDWEZaS45EyoJv+5uEsrxEvSBjWCJKJhTenCSzpo2I2Iei8fTlK6Oj3 b+XmD5CPC3xrOSwXLelqhKbYK4UQECuHpJ5WC82JKbm6TWLfbLmgGwkev4m4TY5X okAmeyy3yDM3EzwE8yIDP7NaXUuBm1hC4QXErylkJj3R4Yi6cgzpdxfmUG/lAPUL 77YxAKaerhotFFO7aFDza4O9YCZsEDEwnzKCrthlwxjsD/SxBQbCMEKe4eY9ghln I/BVXG2Q3wnaai67JCMXDLKg9+ZCs3Otyb203ZCnT89OsMaUhiPBJ1aDjeRSjU1x YsRMFJPotH6bgt+HDiSZRNtTe/qOum3/5uZSJyn7djC4cy/k/uXfopMwZixSNN46 a4dSEuMGfUFalAI5994/GqZ3KD3HoKiaJ2uIS1OMpKBWA9jq1wtnAjI/jgty3T2P ReGxeMnYSt68Viqjpe6uFJlayo4yALSV3T9wuuZOB4zRTY1Wx1sQu8UUbekLb1JU R39tO8zJrMxpb3LbCI3d5OcLnhkrECQTMcZevW2zxqn2QWOrZYntA0rf4hmBAf+w OkX3Nh2xOwpZfbne9xAbEs1ZSlKAYzkoa5MnbxVlUvaY3ja+pIu7dfPPoOqc/HfS dQGNpGsxdE4n6/j5jrDVwOp3LIG3PLKjJCR89QPXDQFA7Xe4nb5vc0+ojZn5rnua cbXD70Bhx/ocixFX9AaVmsujabNQVIh98uJF+GubsmWN34k96YoEJSs6ABrT1Hmr Rd8SS2ioX8BxGDmYp7kR+Kn4NBE56w== =u7j9 -----END PGP MESSAGE----- [spoiler]Did I do good?[/spoiler]

            Posting in language:

             

            Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

            3 Replies
            • [i]That's what the government wants you to think.[/i]

              Posting in language:

               

              Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

              1 Reply
              • Edited by dazarobbo: 6/18/2014 7:59:01 AM
                Sorry, I get bored while reading your article.

                Posting in language:

                 

                Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

              • madest thou look

                Posting in language:

                 

                Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

              • Aaaah TL; DR

                Posting in language:

                 

                Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

              • what i learned from this thread: i don't like to read

                Posting in language:

                 

                Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

              • [quote]I understand you better when you are spouting anti gun rhetoric[/quote] This^ But OT: Why would I want to go through all this BS just to make sure people don't see my message? What could I possibly be saying in my message?

                Posting in language:

                 

                Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

                5 Replies
                • Edited by SI19: 6/17/2014 11:55:24 PM
                  While this is great for someone who takes secrecy and privacy very seriously, it seems like an awful lot of hassle for something that isn't guaranteed to work if the government/some intelligence agency tried hard enough (which, if you were gathering interest from such parties I'd say you'd be doing something illegal). I mean if I wanted to converse with someone secretly, it's probably better to do it in person at a secluded place if you just want privacy. Then again, there's always the more... conspiracious?... theories that float around such as governments already have access to said encryption software (which kinda makes sense; a program that promises absolute secrecy is bound to attract those of a malicious nature, essentially a honey-pot for criminal activity), or that general propaganda is making me think encryption software is useless making me remain insecure in regards to my communication devices. [spoiler]Or... it's 1am and I'm becoming sleep deprived, making my answers more ludicrous and incoherent. Take your pick.[/spoiler] Anywho, I'll keep this stuff in mind, so thanks for exposing me to this, seriously. Might need it to plan a coup or incite riots or something of that nature. You know, revolutionary take-over-the-government sorta thing.

                  Posting in language:

                   

                  Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

                • Mind. Blown.

                  Posting in language:

                   

                  Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

                • [quote]theres a private key and a public key. That's it.[/quote] Was expecting "thats the [i]key[/i]" Ninja OP disappoint

                  Posting in language:

                   

                  Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

                • Too long. I didn't read it.

                  Posting in language:

                   

                  Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

                • I WILL DO THIS LATER... MAYBE.

                  Posting in language:

                   

                  Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

                • Instructions unclear, my dick is now encrypted.

                  Posting in language:

                   

                  Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

                • I understand you better when you are spouting anti gun rhetoric

                  Posting in language:

                   

                  Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

                  5 Replies
                  • Do you think that the government has or even wants to use the time to spy on you because they don't.

                    Posting in language:

                     

                    Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

                    12 Replies
                    • Not bad...

                      Posting in language:

                       

                      Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

                    You are not allowed to view this content.
                    ;
                    preload icon
                    preload icon
                    preload icon