Encrypt Everything: GPGTools for OS X

Yesterday I gave a high level overview of OpenPGP. Today I want to dive into the practical portion of OpenPGP by explaining how to use GPGTools on OS X to encrypt e-mail communications. The first thing you will want to do is get the latest version of GPGTools from here (versions prior to 2013.05.20 will not work with Apple’s Mail application in 10.8). Installing GPGTools is a straight forward affair, just click Continue, Install, and Close (for this tutorial it is assume that you performed the default installation, if you customized the installation all bets are off).

After installation has completed GPG Keychain Access will automatically open and, if this is your first installing it, ask you to generate a new key pair (click to embiggen):

For the duration of this tutorial I will be using the e-mail address openpgptest@christopherburg.com (it’s a junk address, don’t both spamming it). Besides your e-mail address I would recommend changing the Length field to 4096. When it comes to encryption keys you need to go big or go home. Since openpgptest@christopherburg.com is a junk address I set the key to expire but you may want to uncheck the Key expires box if you plan to use your key pair with your e-mail address on a permanent basis (reissuing keys to everybody you e-mail can be a pain in the butt so setting them to expire can be a notable inconvenience). The only other field you need worry yourself with is the Upload key after generation check box. If checked the key will automatically be uploaded to the keys.gnupg.net key server (whether you want to do this is an entirely personal matter).

Once you’ve entered your key pair information click the Generate key button, which will result in the following dialog appearing:

Feel free to muck about with your computer for a bit to increase randomness. While the application is waiting around on randomness a dialog asking you to enter a passphrase will appear:

The entered passphrase will be used to encrypt your private key. Even if somebody manages to steal a copy of your private key file it will remain useless to them unless they also have your passphrase or can brute force it. To prevent the latter it is recommended that you enter a long, complex passphrase that won’t be easily guessed or likely found in a dictionary file (which is a table of words and common phrases used to brute force passphrases quickly).[1] Remember this passphrase because you will need it to decrypt your private key in order to use it to decrypt e-mails. After clicking the OK button you will be asked to re-enter the passphrase:

It should be pretty obvious but you need to enter the passphrase again and click the OK button. If you left the Upload key after generation checkbox checked you will see this dialog box:

Once the file is uploaded you will see your key pair added to the GPG keychain and it will be displayed in GPG Keychain Access:

You are now able to decrypt messages encrypted with your public key however you don’t have any public keys for other users. Encrypted e-mail isn’t much fun when you don’t have anybody to talk to so you’ll want to import the public keys of the people you converse with via e-mail. For this tutorial I will be adding the public key for blog [at] christopherburg [dot] com to my GPG keychain. To do this click the Import button in the GPG Keychain Access toolbar. A dialog box will appear asking you to select an .asc file to import into your GPG keychain:

.asc files are simple text files with a different extension. As I explained in yesterday’s installment of Encrypt Everything, OpenPGP public keys are blocks of text. To create an .asc file from a copied public key you simply need to past the text into a new text file and save it as a name ending in .asc. After you click the Open button you will be notified that the public key was imported:

The public key will not appear in your GPG keychain in the GPG Keychain Access application:

Now you can encrypt e-mails with the blog [at] christopherburg [dot] com public key. E-mails encrypted with that public key can only be decrypted by the holder of the corresponding private key (which, in the case of blog [at] christopherburg [dot] com, is me).

Now you are ready to communicate over e-mail securely. Let’s send an encrypted e-mail to blog [at] christopherburg [dot] com. Open up the Mail application and start a new e-mail. When composing your e-mail you will notice two buttons sitting below the subject field on the right-hand side:

Clicking the left button will encrypt the e-mail and clicking the right button will sign the e-mail. Signing your e-mail allows the recipient to verify you sent it (so long as they have your public key). I always sign my e-mails so authenticity can be ensured by the recipient. For this test we will click both buttons so the e-mail will be encrypted and signed:

You’ve probably noticed the new button in the upper right-hand corner of the form. This button allows you to select whether you want to encrypt and/or sign the e-mail using OpenPGP or S/MIME. By default it’s set to OpenPGP, which is what we want. Upon click either the encrypt or sign button the OpenPGP button will turn green. When you click the send button you will be asked to enter the passphrase for your private key:

Unless you check the Save in keychain checkbox this dialog will appear every time you send a signed e-mail (since you use the recipient’s public key to encrypt the e-mail you won’t have to enter your private key passphrase when you encrypt but don’t sign an e-mail). I recommend not checking the Save in keychain checkbox because doing so will store the passphrase for your private key in OS X’s login keychain, which means anybody who obtains your login password will be able to decrypt your private key, which will allow them to decrypt encrypted e-mails send to you.

That’s it, you’ve just sent your first OpenPGP encrypted e-mail. Any e-mails sent to your account that have been encrypted with your public key will be automatically decrypted and their contents displayed in Mail. That wasn’t too bad, was it?

[1] For example, the passphrase “passphrase” is very poor. It’s not only short, but it’s also easily guessed and commonly found in dictionary files. The passphrase “This is a random phrase that says nothing but probably isn’t easily guessed nor commonly found in most dictionary files.” is notably better since it’s not easily guessable or a commonly used phrase (although, now that it’s publicly published to the Internet, it’s worthless so don’t use it). Mixing in numbers and special characters will improve the passphrase even more.

Rules are for Thee not for Me

Being above the law must be nice. While you and I are prohibited from breaking the state’s decrees the state, in its continuing mission to enforce its decrees, is free to break them. The Federal Bureau of Investigations (FBI) has decided arming violent Mexican drug cartels and creating terrorists wasn’t bad enough so they moved to hosting child pornography:

Following a lengthy investigation, Nebraska-based agents raided the large child pornography service in November hoping to catch users who shared thousands of images showing children being raped, displayed and abused.

The Bureau ran the service for two weeks while attempting to identify more than 5,000 customers, according to a Seattle FBI agent’s statements to the court. Court records indicate the site continued to distribute child pornography online while under FBI control; the Seattle-based special agent, a specialist in online crimes against children, detailed the investigation earlier this month in a statement to the court.

If the FBI raided the service why did they need to continuing hosting the material? The raid should have resulted in the acquisition of financial records and log files which could have been used to pursue the service’s customers. Instead the FBI opted to break the very law it claims to uphold. What people often forget is that laws are for you and me not for the state. When the state breaks its own laws it’s for the great good, when you or I break its laws we’re monsters that must be put into a cage or murdered.

Encrypt Everything: OpenPGP

I firmly believe that all communications should be encrypted. Even if you have nothing to hide you can contribute to the greater good by encrypting your communications. How so? Simple, encrypted communications appear as garbage data to prying eyes that lack the keys necessary to decrypt them. The more encrypted communications flying across the wires the more garbage data prying eyes have to dig through. If all communications were encrypted spies in organizations such as the National Security Agency (NSA) would entirely ineffective.

Tools that enable users to encrypt e-mails have been around for ages but, sadly, few people take advantage of them. In the hopes of alleviating this problem I am going to provide guides to help people get this stuff encrypted. For the first entry in my Encrypt Everything series I’m going to discuss a tool that will allow you to communicate securely over e-mail, OpenPGP.

OpenPGP can be briefly summarized as a software package that allows users to generate public/private key pairs that can be used to securely communicate with other OpenPGP users.

The first question most people are likely to ask is, what the heck is a public/private key pair? Don’t worry, it’s not complicated. Public/private key pairs are used for asymmetric cryptography. Asymmetric cryptography is a fancy way of noting an encryption method that uses two keys, one public and one private. Data encrypted with the private key can only be decrypted with the public key and data encrypted with the public key can only be decrypted with the private key. After generating a public/private key pair you provide your public key to those who want to communicate securely with you. In turn they will provide you with their public key. When they want to send you a secure communication they will encrypt the message with your public key. That message can only be decrypted with your private key, which, as the name implies, is held by only yourself. When you want to reply to the secure communication you encrypt your response with their public key, which can only be decrypted by their private key.

OpenPGP allows you to generate a public/private key pair, encrypt messages with either your private key or another person’s public key, and decrypt messages sent by people who have provided their public key.

An OpenPGP keys looks something like this (which is the public key to blog [at] christopherburg [dot] com):

Version: GnuPG/MacGPG2 v2.0.19 (Darwin)


OpenPGP users can use that gobbledygook to encrypt messages that can only be decrypted by me. Generally people also post their public keys to key servers such as the one provided by the Massachusettes Institute of Technology (MIT) or Canonical, the creators of Ubuntu Linux. If you go to either of those key servers and enter my e-mail address into the search box you will be provided with my published public key.

Many OpenPGP applications can be configured to automatically check key servers for public keys. Later in this series, when I cover specific implementations of OpenPGP, I will explain who an e-mail client can automatically search OpenPGP key servers for public keys associated with e-mail addresses that have send OpenPGP encrypted e-mails. Suffice it to say publishing your public key to a key server makes life easier for other OpenPGP users but there is no requirement to do so (OpenPGP is a decentralized system).

OpenPGP public keys can also be signed by other OpenPGP users. When you sign a public key you are verifying that the person who holds the corresponding private key is who he claims to be. This establishes, what is referred to as, a web of trust. What is a web of trust? A web of trust is a decentralized alternative to the chain of trust system most of us use every day.

When you access this site through its secure connection you receive a public key that has been signed by StartCom. StartCom is a certificate authority, which is an organization that signs Secure Socket Layer (SSL) certificates (certificates used to provide secure connections to websites). StartCom’s public signing key is included in most major web browsers and operating systems so whenever you access a site secured by a certificate signed by StartCom your browser will trust it. By signing the certificate StartCom is verifying that your website is who it claims to be (in my case, blog.christopherburg.com). This system is highly centralized since it relies on a handful of certificate authorities.

Returning to the original question, what is a web of trust, the answer is that a web of trust is a system where individuals sign public keys instead of centralized authorities. If I sign your public key anybody who trusts my public key will see that I trust your public key. A person who trusts my judgement of character will then be more inclined to trust that your public key corresponds to a private key in your possession. This system becomes more effective as more people sign your public key, which is why key signing parties exist (yes, us geeks know how to party). When somebody sees your public key has been signed by several people they personally trust they can be reasonably sure that it is your key.

Now you have a general overview of OpenPGP. In the next installment of my Encrypt Everything series I am going to explain how to use GPGTools to encrypt your e-mails with OpenPGP on OS X (Why am I starting with OS X? Because that’s the operating system I generally use for e-mail. Don’t worry, I will cover other tools as the series progresses).

On Vacation

Today marked the beginning of a short vacation. Since I will be occupied with other matters I won’t be attending to this blog until the conclusion of my vacation. But have no fear, I wrote material for your enjoyment already!

Anyhow, enjoy yourselves.

What Michele Bachmann’s Retirement Means

Since the BBC is covering the story I must assume that everybody in the world is now aware that Michele Bachmann announced that she won’t be seeking reelection to Congress:

“The law limits anyone from serving as president of the United States for more than eight years,” Mrs Bachmann said in an eight-and-a-half minute video posted to her website on Wednesday morning.

“And in my opinion, well, eight years is also long enough for any individual to serve as a representative for a specific congressional district.”

Many members of the Minnesota Democratic Farmer Labor Party (DFL) are jumping for joy because they believe Bachmann’s retirement removes a powerful Republican player from the field. I believe they are incorrect. Bachmann simply said she wasn’t seeking reelection in the 6th congressional district, which means she could still pursue a run for the Senate. I’m doubtful that Bachmann will seek another office simply because I’m guessing her recent announcement has something to do with the recent ethics investigation of her campaign. If her announcement was influenced by dirt dug up by the investigation I can’t see it not also preventing her from making a Senate or governor run.

Even if she doesn’t run for another political office the field has been changed greatly. I’m guessing Bachmann will seek a job as a lobbyist, adviser, or consultant with a major politically connected corporation. What’s worrisome about such a move is that she would actually gain the ability to change things politically. While Bachmann was insane she was also politically impotent, which is a fact seldom considered by political types that hate her. Personally I would rather have Bachmann in a position where should could loudly express her opinions but remained unable to act on them then being in a position where she will likely be quieter but gain the power to influence politicians. The real political power doesn’t lie within Congress, it lies within the lobbyists who buy congressmen.

Most of what I wrote above was speculation but what I’m going to write now is hard fact. The DFL are stoked because they think Bachmann’s exit is a guaranteed victory for Jim Graves, the person who ran against her last election cycle. It’s not. In fact the chances of Graves winning are probably lower now than they were when Bachmann was his leading opponent. To quote Sun Tzu, “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” The DFL knew Bachmann and therefore had a better chance of fighting her. Now they don’t know their enemy. Republicans in the 6th district may elect one of the most charismatic individuals in the area to run against Graves. Instead of having years of Bachmann’s statements to use against her in a campaign the DFL will have to wait until a candidate is elected and dig up dirt on him or her and hope they find something good (especially when you consider the 6th district’s habit of leaning Republican). A powerful player was removed from the field but it is not know if another, potentially more, powerful player will be replace her.

It could be an interesting race if you’re into politics.

The Importance of Anonymity

If you have nothing to hide you have nothing to worry about… until you do. Remaining anonymous, especially in the lawyer loving police state that is America, is crucial if you’re taking direct action to challenge the state. Last Friday the federal government begun its arrests of people involved with the Liberty Reserve:

On Tuesday, federal prosecutors unsealed the indictment of seven men alleged to be involved with Liberty Reserve, one of the world’s most notorious digital currencies. (Liberty Reserve was the preferred payment choice of a booter site used to attack Ars in March of 2013.)

Federal authorities seized LibertyReserve.com and four other related domain names, effectively shutting down the site. The site’s founder, Arthur Budovsky Belanchuk (who apparently renounced his US citizenship in 2011 to become a Costa Rican citizen), was arrested last Friday in Costa Rica.

In a 27-page indictment (PDF), the defendants are charged with money laundering and conspiracy to operate unlicensed money transmitting business. They are ordered to surrender “all property, real and personal” including: “at least $6 billion” and tens of millions of dollars more allegedly contained within bank accounts across Costa Rica, Cyprus, Russia, Hong Kong, Morocco, China, Spain, Latvia, and Australia.

The federal government has a long history of attacking anybody who attempts to challenge the Federal Reserve’s monopoly on currency. The Washington Post asks if Bitcon may be the next target of the state’s aggression. Bitcoin, however, will be much harder to strike against. Why? Because the creator of Bitcoin, Satoshi Nakamoto, isn’t a real person. Satoshi Nakamoto was a pseudonym for the real developer(s). Since the person or persons responsible for Bitcoin can’t be identified the state has nobody to lash out against.

Many people believe they have nothing to hide. I’m sure Mr. Belanchuk believed he had nothing to worry about when he founded Liberty Reserve. There are not statue of limitations when one has affronted the state. While your actions may not be illegal today there is no guarantee that the state won’t move against you tomorrow. Yet the state is not omnipotent, it can only strike against those it can identify. So long as you remain anonymous, as the real person(s) behind the screen name Satoshi Nakamoto did, you are safe from the state’s wrath.

A Marvelous Engineer Mistake

Humans have been building submarines for many decades now. You would think after designing so many functional submarines most manufacturers would be able to get the basics right. As it turns out, not so much:

According to El Pais, the S-81 Isaac Peral — the first of four state-of-the-art new submarines commissioned for the Spanish Navy — is 75 to 100 tons overweight. That may not seem like a lot, considering the submarine’s full weight when submerged is 2,430 tons, but according to engineers at Navantia, the Spanish shipbuilding company responsible for its design, that excess bulk is enough to prevent the Isaac Peral from successfully resurfacing once submerged.

Emphasis mine. On the upside it does 50 percent of what is expected of a submarine!

Air Gaps Offer Better Security

If you have top secret designs for weapons of war perhaps it would be prudent not to place them on remotely accessible servers:

Designs for many of the nation’s most sensitive advanced weapons systems have been compromised by Chinese hackers, according to a report prepared for the Pentagon and to officials from government and the defense industry.

Among more than two dozen major weapons systems whose designs were breached were programs critical to U.S. missile defenses and combat aircraft and ships, according to a previously undisclosed section of a confidential report prepared for Pentagon leaders by the Defense Science Board.

I do hope this information gets made publicly accessible so we can all find out what those secretive defense contractors and the military are up to.

The Police Won’t Protect You, They’ll Use You as a Political Pawn

It’s no secret that the police are under no obligation to protect you but it’s probably not common knowledge that the police use people as political pawns. A police department in Oregon allowed a woman to be sexually assaulted because they were pissy about recent budget cuts:

“Uh, I don’t have anybody to send out there,” the 911 dispatcher told the woman. “You know, obviously, if he comes inside the residence and assaults you, can you ask him to go away? Do you know if he’s intoxicated or anything?”

The woman told the dispatcher that Bellah previously attacked her and left her hospitalized a few weeks prior to the latest incident. The dispatcher stayed on the phone with the woman for more than 10 minutes before the sexual assault took place.

“Once again it’s unfortunate you guys don’t have any law enforcement out there,” the dispatcher said, according to Oregon Public Radio.

The woman responded: “Yeah, it doesn’t matter, if he gets in the house I’m done.”

Police say Bellah choked the woman and sexually assaulted her. He was arrested by Oregon State Police following the incident.

This situation is an example of Washington Monument syndrome. If you haven’t heard of Washington Monument syndrome it’s the name given to the phenomenon where government agencies cut the most visible programs whenever their budgets are cut. This strategy is meant to directly make the lives of people more miserable in the hopes that they protest and demand more funding for whatever agency is cutting the visible program. It appears that the police department in question was pulling such a move when they told her no units could respond.

This story demonstrates another thing, the dangers of centralized security. I’ve discussed the advantages of decentralized security before but the most important point in regards to this story is that decentralized security doesn’t suffer complete failure due to any single component failing. Police not responding may not have resulting in the woman being sexually assault if she had access to a firearm or some of her neighbors had access to a firearm and the legal ability to respond to phone calls for help.

Relying on the state for security results in a complete lack of security, especially when a state agency is pissed off because of budget cuts and decides to throw a temper tantrum instead of coming to the aid of a person in need.

The Next Chapter in the State’s War Against the Homeless

The next chapter in the state’s continuing war against people who have nothing to steal began in Redbridge, London:

Adam Jaskowiak was one of the men targeted and said he pleaded with police to be able to keep his things but was ignored.

He was sleeping with eight other people finding shelter for the night in the former Ilford Baths in High Road, Ilford.

All of their belongings were bundled into a police car leaving the men, one in his 60s, stunned.

A police chief told the Recorder the operation was carried out to “reduce the negative impact of rough sleepers”.

But Mr Jaskowiak, 34, said: “They were just taking the sleeping bags and chucking out everything. I asked to keep it and the food, but they said ‘no’.

Let it be known that the state will not tolerate anybody who provides food to those that are hungry or seeks warmth in a sleeping bag when the have no shelter. One thing is for certain, the state will take whatever you have even if you have nothing more than a little food and a sleeping bag.