|
Home > Archive > Anonymous Servers > September 2007 > Security and Encryption Faq - Revision 22.6.2 - links
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Security and Encryption Faq - Revision 22.6.2 - links
|
|
|
|
|
|
| Anonymous 2007-09-28, 7:13 am |
| Doctor Who wrote:
> https://www.panta-rhei.eu.org/panta...ndEncryptionFaq
>
> and here: http://birdsofafeather.bravehost.com/DrWho
>
> This is the HTML version.
>
> Also at: http://birdsofafeather.bravehost.com/DrWhoFAQ.txt
>
> This is the signed version in text format that should verify.
>
>
gpg: armor: BEGIN PGP SIGNATURE
gpg: armor header: Version: 6.5.8ckt http://www.ipgpp.com/
:signature packet: algo 1, keyid 64E8797114A606A7
version 3, created 1190421420, md5len 5, sigclass 0x01
digest algo 3, begin of digest 79 e1
data: [2047 bits]
gpg: Signature made Fri 21 Sep 2007 08:37:00 PM EDT using RSA key ID 14A606A7
gpg: using classic trust model
gpg: BAD signature from "Doctor Who <doctor_who@nym.alias.net>"
gpg: textmode signature, digest algorithm RIPEMD160
Apparently the problem has nothing at all to do with any news client.
| |
| Thomas J. Boschloo 2007-09-29, 7:12 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Anonymous Sender schreef:
> Doctor Who wrote:
[snip]
>
> Doesn't verify.
I tried very hard, but it doesn't verify for me either.
I wrote a little ugly program to count all the characters in the
DrWhoFAQ.txt file but it gives me no clue on why it doesn't work. It is
all 7 bit ascii as le troll suggested (until it made us puke). There are
as many CR as there are LF. No control characters that shouldn't be
there. It just looks good.
Here is my result for the FAQ:
000-> 001-> 002-> 003->
004-> 005-> 006-> 007->
008-> 009-> 18 010-> 2151 011->
012-> 013-> 2151 014-> 015->
016-> 017-> 018-> 019->
020-> 021-> 022-> 023->
024-> 025-> 026-> 027->
028-> 029-> 030-> 031->
032->14975 033-> 12 034-> 76 035-> 35
036-> 037-> 038-> 039-> 17
040-> 89 041-> 88 042-> 9 043-> 13
044-> 434 045-> 121 046-> 1369 047-> 336
048-> 77 049-> 99 050-> 87 051-> 61
052-> 42 053-> 82 054-> 64 055-> 26
056-> 35 057-> 43 058-> 243 059-> 10
060-> 2 061-> 36 062-> 82 063-> 64
064-> 4 065-> 141 066-> 69 067-> 171
068-> 117 069-> 109 070-> 138 071-> 86
072-> 80 073-> 322 074-> 30 075-> 23
076-> 54 077-> 164 078-> 100 079-> 80
080-> 287 081-> 38 082-> 62 083-> 234
084-> 445 085-> 80 086-> 97 087-> 215
088-> 12 089-> 81 090-> 17 091-> 8
092-> 6 093-> 8 094-> 095-> 13
096-> 097-> 4614 098-> 870 099-> 2276
100-> 2088 101-> 7762 102-> 1237 103-> 1038
104-> 2687 105-> 4736 106-> 77 107-> 536
108-> 2720 109-> 1559 110-> 4627 111-> 5668
112-> 1664 113-> 66 114-> 4582 115-> 4549
116-> 5875 117-> 2430 118-> 814 119-> 1346
120-> 289 121-> 1984 122-> 54 123->
124-> 125-> 126-> 6 127->
128-> 129-> 130-> 131->
132-> 133-> 134-> 135->
136-> 137-> 138-> 139->
140-> 141-> 142-> 143->
144-> 145-> 146-> 147->
148-> 149-> 150-> 151->
152-> 153-> 154-> 155->
156-> 157-> 158-> 159->
160-> 161-> 162-> 163->
164-> 165-> 166-> 167->
168-> 169-> 170-> 171->
172-> 173-> 174-> 175->
176-> 177-> 178-> 179->
180-> 181-> 182-> 183->
184-> 185-> 186-> 187->
188-> 189-> 190-> 191->
192-> 193-> 194-> 195->
196-> 197-> 198-> 199->
200-> 201-> 202-> 203->
204-> 205-> 206-> 207->
208-> 209-> 210-> 211->
212-> 213-> 214-> 215->
216-> 217-> 218-> 219->
220-> 221-> 222-> 223->
224-> 225-> 226-> 227->
228-> 229-> 230-> 231->
232-> 233-> 234-> 235->
236-> 237-> 238-> 239->
240-> 241-> 242-> 243->
244-> 245-> 246-> 247->
248-> 249-> 250-> 251->
252-> 253-> 254-> 255->
Downside is, if Doctor Who replaces the FAQ with a new one, the old one
is lost forever :-/ Way to go monsieur le troll ! We did everything you
said and we are further away from a solution than we ever were.
I will do a suggestion to Doctor Who now. Take a file like on your site,
download it and save it on your computer. Then strip off the PGP
signature. Sign it again and put it back up. That is what I did before I
had enigmail to fix things for me :-)
Thomas
- --
A society made of losers
Is a society in which noone will win
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBRv6rZQEP2l8iXKAJAQEZngMgmGnHC2m9
FuUwpWbvVS0SgroK6gq2c+WG
zMml56sk1cosQ/B1tgY74Q7+KCLEPi3vJldhv/o4y1fi9jUepssMAYTQbuit6W23
U4NDlwxECuCraTvxaii1nDou/an1fV57IvFm3g==
=gt4b
-----END PGP SIGNATURE-----
| |
| Cyberiade.it Anonymous Remailer 2007-09-29, 7:12 pm |
| In article <46feab64$0$25335$e4fe514c@dreader30.news.xs4all.nl>
"Thomas J. Boschloo" <nospam@hccnet.nl> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Anonymous Sender schreef:
> [snip]
>
> I tried very hard, but it doesn't verify for me either.
It verified fine for me, pgp 6.5.8ckt.
| |
| Thomas J. Boschloo 2007-09-29, 7:12 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Thomas J. Boschloo schreef:
[snip]
> Here is my result for the FAQ:
> 000-> 001-> 002-> 003->
> 004-> 005-> 006-> 007->
> 008-> 009-> 18 010-> 2151 011->
> 012-> 013-> 2151 014-> 015->
> 016-> 017-> 018-> 019->
> 020-> 021-> 022-> 023->
> 024-> 025-> 026-> 027->
> 028-> 029-> 030-> 031->
> 032->14975 033-> 12 034-> 76 035-> 35
I tracked down a bug in my program for a couple of hours, grabbing
manuals and such. To no avail.
The problem I had is that not all 92392 characters were accounted for
but only 26856 :-/
Then it occured to me that the old Turbo C compiler that I used to love
and worship only uses 16 bit integers <G>
Though I would share it ;-) I think it is hilarious <g>
The numbers in my previous post are still ok though. It is not like
there are over 60000 spaces in the document <G> And I did print them as
unsigned ints.
grin,
Thomas
- --
In the land of incompetent coders
Eelbash is king
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBRv6/ dwEP2l8iXKAJAQG2rAMfc6VOAIGdKdtilL1QYWyJ
QcGlPxwxaPqQ
iE10/ AW17j5dclAEn0HW0354b9e7iwPzPLfKF9qpAmUuK
RNjfK5smxZ62FZmX/yx
37Xn6cW6Xya7l+g2X9Agyh+IGhsxCO0SBNtT3w==
=0iSq
-----END PGP SIGNATURE-----
| |
| George Orwell 2007-09-29, 7:12 pm |
| Thomas J. Boschloo wrote:
> I wrote a little ugly program to count all the characters in the
> DrWhoFAQ.txt file but it gives me no clue on why it doesn't work. It is
> all 7 bit ascii as le troll suggested (until it made us puke). There are
> as many CR as there are LF. No control characters that shouldn't be
> there. It just looks good.
If you're seeing CR/LF pairs that means you have a copy saved in "DOS
text" format. The ones showing up in Usenet are "Unix text", even when
copied directly from a local news server.
Someone already suggested this as one source of the problem. Who flatly
denied any possibility it could be. Twice. In insulting messages to
a person who *politely* suggested it.
How ironic that someone like you should point that out.
> Downside is, if Doctor Who replaces the FAQ with a new one, the old one
Who said replace, liar?
> is lost forever :-/ Way to go monsieur le troll ! We did everything you
> said and we are further away from a solution than we ever were.
Uh, "we"... "everything"??
YOU haven't done a damned thing but confirm Who is oblivious/lying
about text formats, and redo what someone else already did like you
believe it's some sort of accomplishment. The absence of odd ASCII
after the dash niggle had already been "machine verified" a week ago.
WHO has been given numerous suggestions regarding what might be wrong
with his FAQ text, and several possible solutions. All he's done is
change a single character and whine like a XXXXX about how it's someone
else's problem in messages where he kicks his own XXX with proof that
it isn't. And then nym hop a few times to punctuate that stupidity.
Fact is loon, neither one of you rejects have done a fukin' thing but
prove your immaturity and ignorance with practiced regularity.
> I will do a suggestion to Doctor Who now. Take a file like on your site,
> download it and save it on your computer. Then strip off the PGP
> signature. Sign it again and put it back up. That is what I did before I
Yeah, someone already suggested that one too Einstein.
Fell on deaf ears or empty heads, take your pick. Apparently there's
ample opportunities for that sort of thing in this group.
Il mittente di questo messaggio|The sender address of this
non corrisponde ad un utente |message is not related to a real
reale ma all'indirizzo fittizio|person but to a fake address of an
di un sistema anonimizzatore |anonymous system
Per maggiori informazioni |For more info
https://www.mixmaster.it
| |
| Nomen Nescio 2007-09-29, 7:12 pm |
| Cyberiade.it Anonymous Remailer wrote:
> In article <46feab64$0$25335$e4fe514c@dreader30.news.xs4all.nl>
> "Thomas J. Boschloo" <nospam@hccnet.nl> wrote:
>
> It verified fine for me, pgp 6.5.8ckt.
Did NOT verify for me... pgp 6.5.8ckt/Win98, GnuPG1.4.7/Win98, or
GnuPG1.4.7/Ubuntu7.0.4.
>
>
>
>
>
>
>
| |
| Nomen Nescio 2007-09-29, 7:12 pm |
| Nomen Nescio wrote:
> Cyberiade.it Anonymous Remailer wrote:
>
>
> Did NOT verify for me... pgp 6.5.8ckt/Win98, GnuPG1.4.7/Win98, or
> GnuPG1.4.7/Ubuntu7.0.4.
Just out of curiosity, what's your locale? What language and charset
does your copy of 98 use by default?
| |
| George Orwell 2007-09-30, 1:14 am |
| In article < d9007766b097f82af2294ae60c2fe02d@remaile
r.cyberiade.it>
Cyberiade.it Anonymous Remailer <anonymous@remailer.cyberiade.it> wrote:
>
>
> It verified fine for me, pgp 6.5.8ckt.
Some people can get it to verify with 6.5.8ckt as that
is the program he used to sign it, but no other version
of pgp seems to work and no version of gnupg can verify
it either. I can't even get pgp 6.5.8ckt to verify it.
In contrast, nobody has any problems verifying signatures
on any other post he makes, just the FAQs cause a problem.
The problem is most certainly at his end.
Il mittente di questo messaggio|The sender address of this
non corrisponde ad un utente |message is not related to a real
reale ma all'indirizzo fittizio|person but to a fake address of an
di un sistema anonimizzatore |anonymous system
Per maggiori informazioni |For more info
https://www.mixmaster.it
| |
| Thomas J. Boschloo 2007-09-30, 7:14 am |
| -----BEGIN PGP SIGNED MESSAGE-----
George Orwell schreef:
[snip]
> If you're seeing CR/LF pairs that means you have a copy saved in "DOS
> text" format. The ones showing up in Usenet are "Unix text", even when
> copied directly from a local news server.
And yet again you are wasting our time with useless suggestions. From
the PGP 2 manual:
####
The configuration parameter TEXTMODE is equivalent to the -t command
line option. If enabled, it causes PGP to assume the plaintext is a
text file, not a binary file, and converts it to "canonical text"
before encrypting it. Canonical text has a carriage return and a
linefeed at the end of each line of text.
This mode will be automatically turned off if PGP detects that the
plaintext file contains what it thinks is non-text binary data. If
you intend to use PGP primarily for E-mail purposes, you should turn
TEXTMODE=ON.
####
Since clearsigning is always in textmode, the things you are suggesting
here can only be interpreted as trying to spread confusion in this
group, maybe even to the point of it being Fear, Uncertainty and Doubt.
But I will give you this one.
You ARE the group expert on newline characters. If only you used that
knowledge to sign your own post but I bet you would end up with
something like this:
http://www.cotse.net/users/bluejay/...27s-undoing.txt
Thomas
- --
A society with suicide bombers
is a polite society
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBRv+KMwEP2l8iXKAJAQEiUQMeIy4Q7Vq+
lPHvAyvhm7NkLxvKQfu6UufN
CfGxHmscDd1f6CQEr7wDWLeWzF8SER99A+m0Xn+K
/xK1OjbCU4fJlmHny2FxCBiz
5fbOQRtEFbyWYHusJK7PFcizeWZCht34wU2N1Q==
=F9Op
-----END PGP SIGNATURE-----
| |
| Borked Pseudo Mailed 2007-09-30, 7:11 pm |
| Thomas J. Boschloo wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> George Orwell schreef:
> [snip]
>
> And yet again you are wasting our time with useless suggestions. From
> the PGP 2 manual:
Hardly a waste of time since you've now also pointed teh fact that
there's a discrepency in various copies of Doc's FAQ. As it's posted to
Usenet and most other places it doesn't contain CR/LF pairs, which
suggests he's NOT signing with the textmode option enabled as per your
cite.
Fact is, this is another one of those "common problems" people have
been telling you Doc about for weeks now. One more potential
point of failure Doc should be looking into rather than whining about
when people like you bring them up. 
> Since clearsigning is always in textmode, the things you are
No, clear signing is not always in textmode. Go back and read your own
cite again dummy.
Maybe you should Google "PGP textmode incompatability" too. You'll
find that textmode is an issue with all versions of PGP <8.0 I believe.
They're simply not OpenPGP compliant. Nonstandard and consequently
broken, as has been pointed out by several people in addition to the
specific possibility that this is a line ending problem.
> suggesting here can only be interpreted as trying to spread confusion
> in this group, maybe even to the point of it being Fear, Uncertainty
> and Doubt.
At least you got "FUD" right. More than Doc can manage, I'll give you
that. But of course there's really no FUD here, we're re-hashing old
ground and old documented problems. Things your friend the Doctor has
arrogantly dismissed already without a bit of intelligent
consideration. In stark contrast to his oft repeated rhetoric about
accuracy and being receptive to advice.
> But I will give you this one.
> You ARE the group expert on newline characters. If only you used that
> knowledge to sign your own post but I bet you would end up with
> something like this:
> http://www.cotse.net/users/bluejay/...27s-undoing.txt
Still seeing frogs everywhere?
How sad. 
|
|
|
|
|