Messenger: Delta Chat
Obwohl es mehr als genug Messenger gibt, überzeugt Delta Chat durch Benutzerfreundlichkeit und erprobte Technik.
Made a few updates and released a new version of #calliope , a #bash script based utility to write a journal using #LaTeX. Since it's #LaTeX based, you can pretty much add whatever you wish to your journal---images, other PDFs, beautiful maths, and of course, you can customise it as you wish to suit your needs. It's all managed by #Git and if you'd like you can encrypt your journal entries using #gpg
Check it out on #GitHub : https://github.com/sanjayankur31/calliope
For years now I’ve had a bit of a bee under my cap: would it be possible to unlock a Vault file with a GnuPG-compatible smart card? And what if the smart card were local and the unlocking had to be triggered remotely?
Forwarding GnuPG agent over SSH
https://jpmens.net/2025/04/04/forwarding-gnupg-agent-over-ssh/
Edit: I have amended the sentence regarding distinct machines. Works fine on two different Linux boxes.
@Xeniax Totally nerdsniped :D I'd love to be a part of the study.
I don't think that #KeyServers are dead. I think they evolved into Verifying Key Servers (VKS), like the one run by a few folks from the OpenPGP ecosystem at https://keys.openpgp.org/about . More generally, I believe that #PGP / #GPG / #OpenPGP retains important use-cases where accountability is prioritized, as contrasted with ecosystems (like #Matrix, #SignalMessenger) where deniability (and Perfect Forward Secrecy generally) is prioritized. Further, PGP can still serve to bootstrap those other ecosystems by way of signature notations (see the #KeyOxide project).
Ultimately, the needs of asynchronous and synchronous cryptographic systems are, at certain design points, mutually exclusive (in my amateur estimation, anyway). I don't think that implies that email encryption is somehow a dead-end or pointless. Email merely, by virtue of being an asynchronous protocol, cannot meaningfully offer PFS (or can it? Some smart people over at crypto.stackexchange.com seem to think there might be papers floating around that can get at it: https://crypto.stackexchange.com/questions/9268/is-asynchronous-perfect-forward-secrecy-possible).
To me, the killer feature of PGP is actually not encryption per se. It's certification, signatures, and authentication/authorization. I'm more concerned with "so-and-so definitely said/attested to this" than "i need to keep what so-and-so said strictly private/confidential forever and ever." What smaller countries like Croatia have done with #PKI leaves me green with envy.
“Unless you are using #GPG, email is not end-to-end encrypted, & the contents of a message can be intercepted & read at many points, including on Google’s email servers,” said Eva Galperin, director of #cybersecurity at the Electronic Frontier Foundation.
#NationalSecurity experts have expressed alarm over the #Trump admin’s denial that the leaked #Signal chat contained #classified information.
#porkbun has #email with @protonprivacy, really affordably. So I switched my business mail to that, and I have it all setup in #emacs! :D @daviwil is a goddamned treasure. I would not be able to setup my workflow this well without Systems Crafters! I'm happy! I feel so #secure and #cozy, and I can do #gpg for a little extra. Just don't let crazy Christians on my e-mail chains. I don't want to pull a Hegseth.
#GitHub "enterprise" has some very weird properties:
* commits made with my email address not from the organization are not counted in statistics (oh how I despise these stats...)
* my #gpg signed commits are shown as unverified even though gh has my public key on my personal profile
* I can not add my public key nor my well known email address to my enterprise profile
All of this "enterprise"-junk just puts me off. No, #GitHub is not #git.
#Gwit est un protocole de publication de contenus textuels (sites, documentation, etc) simplissime, pensé pour fonctionner essentiellement hors-ligne. Il est basé sur #Git et #PGP. Il permet de repartager des sites (même hors ligne) sans risque que le contenu ait été modifié
Pour le moment, seuls deux sites existent à ma connaissance ^^. Mais n'importe quel site statique léger peut facilement être "hébergé" sur Gwit.
gwit : https://sr.ht/~ivilata/gwit/
1/2
07.03.2025: GnuPG announces release of 2.5.5 for public testing, finalized PQC algorithms are supported.
Source: https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html
11.03.2025: NIST selects HQC as fifth algorithm for post-quantum encryption.
Source: https://www.nist.gov/news-events/news/2025/03/nist-selects-hqc-fifth-algorithm-post-quantum-encryption
PQC: https://wikipedia.org/wiki/Post-quantum_cryptography
GnuPG: https://mastodon.online/@blueghost/111974048270035570
Harvest now, decrypt later: https://mastodon.online/@blueghost/111357939714657018
admin email public key #GPG
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEZ9LrwxYJKwYBBAHaRw8BAQdAR0WzceV3yBHwzyj0bgA4HxO5GXFjawU0+pfC
bbT2fD60L0J5emFudGluZSBOZXh1cyBBZG1pbiA8YWRtaW5AYnl6YW50aW5lbmV4
dXMuaW8+iJkEExYKAEEWIQTgTgBQhrPwCwUm6F+1hI+KU0bXdAUCZ9LrwwIbAwUJ
BaUBPQULCQgHAgIiAgYVCgkICwIEFgIDAQIeBwIXgAAKCRC1hI+KU0bXdIneAP0c
o0oLZOm61kn/CTdB2Yzq70oJbY8MGSBiBS2UiAwQ9QEA5L68kYOr+C2m9pxUhzCa
So+MO3NTBhai2hfDyrw2LQq4OARn0uvDEgorBgEEAZdVAQUBAQdAn0f8K1jCFlXj
G7q1dJ1gmjJbslyxROW5epwul+lUOx8DAQgHiH4EGBYKACYWIQTgTgBQhrPwCwUm
6F+1hI+KU0bXdAUCZ9LrwwIbDAUJBaUBPQAKCRC1hI+KU0bXdMwIAP94/es2lb+1
6SXryet+HOmpY+U41/v9o8aLF7KAhCIA6QD/cGDfdFBBg1mEWEZdI+7tCEieaAgS
0qrnFZJeDgt/7AA=
=y1x/
-----END PGP PUBLIC KEY BLOCK-----
The gender pay gap at the top: the role of networks https://d.repec.org/n?u=RePEc:ptu:wpaper:w202423&r=&r=soc
"…female top managers in Portugal earn 25% less than their male counterparts, even after controlling for factors such as age, education, and tenure.
… introducing new metrics for #network size and gender composition based on managers’ past interactions, … networks account for 20% of this pay gap, primarily through firm #sorting, as networks enable access to higher-paying firms. Focusing on episodes of transitions between firms, we estimate a pay gap of around 22%, indicating that most of the gender pay gap originates during the #hiring process.… one-third of the gap is explained by differences in networks. The #networkEffect works through two channels: by facilitating access to higher-paying firms (70% of the effect) and by enhancing #bargainingPower during salary negotiations in the new firm (30%).
#wages #gpg #LaborMarkets
Has anyone here on #fedi figured out the correct recipe for dealing with #OpenPGP, #DMARC and #mailman ?
The problem, by default mailman will modify messages and this will break the dkim signature.
https://gitlab.com/mailman/mailman/-/issues/1079
Mailman provides two DMARC mitigation options (other option is reject or discard which is not useful in this case).
1. Replace the from address with list address
2. Wrap original message in an envelope
thunderbird flags 1 and fails 2.
#askfedi #gnupg #gpg #thunderbird
Does the Gender Wage Gap Actually Reflect Taste Discrimination Against Women? https://d.repec.org/n?u=RePEc:nbr:nberwo:33405&r=&r=lab
"… misogyny is an economically meaningful and statistically significant predictor of the wage gap
… test more explicit implications of taste discrimination. The data are inconsistent with the Becker taste discrimination model
But the data are consistent with the effects of taste discrimination against women in search models, in which #discrimination on the part of even a small group of misogynists can result in a wage gap."
#gpg #wages
I made a guide, it's clumsy and sloppy but it's something.
This is for setting up GPG on Android for people who need secure communication that can't be shut down and doesn't rely on government services, especially trackable services.
foggyminds.com/extra/OpenKeyCh…
Tagging trans community because I think we need these networks for when things get worse.
Dringend nötig für die ganzen Telegram- und Insta-Fans in #Bremen 
IT-Sicherheit für #Aktivisti: Eine umfassende Einführung
Samstag, 01.03. 12:00-18:30, Infoladen Bremen
https://fomobremen.info/events/fffd9f3e-e864-4e5a-b7dc-d5487eed992a
To those still concerned with #Proton #ProtonMail: I've been trying out Lacre (https://lacre.io), which encrypts incoming #email with your #GPG key, on #Disroot. So far it has worked fairly well! If you have an account with them, see https://disroot.org/en/blog/disnews-24.11 for enrollment, though the admin had a backlog when I requested it... And if you don't, consider trying it out! (Custom domains are available: https://disroot.org/en/perks, which I have for my main email right now.)
@jbz what I'd like to know is if I can run #ArcaOS in a VM or get a container version. I tried installing #eComStation from CD's in #VirtualBox, based on someone's video, but utterly failed.
All I really want to do is run an old version of #PGP so I can extract my keys and use them as the basis for new #GPG keys. Apparently GPG's backward compatibility only goes so far 
#TIL
Man kann den #passwortmanager #pass von https://www.passwordstore.org/ tatsächlich in knapp einer Stunde auch auf Windows zum Laufen bekommen (KAF = kids acceptance factor). Man braucht nur noch #gpg und #git und dann kann es auch schon losgehen:
https://github.com/mbos/Pass4Win#readme + https://www.gpg4win.de/download-de.html
Das Kind ist total happy, dass es die Passworte nun nicht mehr nur auf dem #iphone #ios hat 
Das andere hat sich für die "Passwörter" #app auf #ios entschieden. Mal sehen wie lange noch 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Good afternoon, folks! Just a quick reminder: PGP isn't dead. Sign with pride!
Signed with my GPG key: 1BBD C23D 1853 255D 6415 D2EC 814E DF85 1AAB 370E
#OpenPGP #GPG #Cybersecurity #Tech #DigitalIdentity #SignYourCode
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQTHaQ+iFRwfaXx+TxhjUbpCCVDiNAUCZ7cd5gAKCRBjUbpCCVDi
NOZSAPoDPFoZXKuxya98iY6nAV6hzgOghpqF/OtOVSW4qtEdMQEA3x/jqaD4R9vo
qi89wA4Hsd4KeqwTSQxKDECesI+W8QU=
=3gty
-----END PGP SIGNATURE-----
| wörk 
