Category Archives: GnuPG

One step forward, two steps back

According to the powers that be end-to-end encryption as we know it might be one of those things like the prosperity of the 1990’s that we can only reminisce about in the near future. Now as, always the most secure way to transit messages over a secure channel (i.e. any sort of online service, even one which implements end-to-end encryption is to handle encryption yourself.) For those of you that use Mac OS X, there’s not a better, simpler way to do it than NouveauPG.

NouveauPG is a mature product that has been out for many years and is compatible with virtually all other PGP software on the market the one caveat (and I cannot stress this enough) you can not import private keys from another PGP program. There are really good reasons for doing so, not to get technical but PGP has been around since 1993. I’m not even young and I was in grade school back then. AES, the gold standard for symmetric encryption was not even invented back then! The patent for RSA didn’t expire until 1991. Most existing implementations are still under coded under the assumption that memory is far, far more expensive than it is now.

I’m planning a promotion in honor of this current attention given to crypto (I remember this came up in the Bill Clinton administration!) Stay tuned!

DSA keys deprecating/ELIMINATING DSA keys in in openssl 7.0

You don’t have to take my word for it, but when I was begin developing NouveauPG years ago I found that, 1.) DSA is just hours of testing debugging, etc. with little return on invest. Don’t get this twisted, this was never designed to make me a millionaire but I thought is was something that should exist. We’re only here for a short time and we really have to think beyond the fleeting riches which so many in the current tech industry base their self worth. Just sort of proud that I saw that coming years ago. ­čÖé

Compiling and Installing GnuPG Classic v1.4.20 on Mac OS X

xcode-select For older versions of Mac OS X, the procedure outlined here may work. 2.) Download the source code archive for GnuPG v1.4.20 here and the signature here. The signature is a text file that we will use to verify the source code archive. 3.) Decompress and extract the source code archive.

bzip2 -d gnupg-1.4.20.tar.bz2 tar -xvf gnupg-1.4.20.tar
4.) From the source code directory, run the configure script to make sure your command line tools are installed.
cd gnupg-1.4.20 ./configure
5.) Assuming there are no errors, from the same directory run make to compile gnupg. At this point, if everything went correctly, you should find the gpg executable in the g10 subfolder. 6.) If you wish to install GnuPG 1.4.20 as your default gpg:
sudo make install
You must uninstall other versions of gpg (including those installed by other software packages) before installing.]]>