Editing 1181: PGP
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 8: | Line 8: | ||
==Explanation== | ==Explanation== | ||
− | {{w|Pretty Good Privacy|PGP}} ( | + | {{w|Pretty Good Privacy|PGP}} (or {{w|GNU_Privacy_Guard|GnuPG}} for the free, open source version) is a program which can be used to encrypt and sign data, including messages sent as emails. It is often used in combination with email software extensions, such as [http://www.enigmail.net/home/index.php Enigmail] (for Thunderbird). Encrypting the message would prevent anybody from reading it if they didn't have the key to decrypt. Signing the message would mean that the message can be verified as unaltered, if the reader was to check the message against the signature. People who use such a program typically only use the feature to sign the message, since encrypting it (which would give you the privacy) requires that the recipient already be a PGP user. Hence the irony here is that nobody actually verifies the "signature" either, but feel secure that the message appears to be signed. |
− | + | PGP or {{w|Pretty Good Privacy}}, uses {{w|Public-key cryptography}}, which is defined in [https://tools.ietf.org/html/rfc4880 RFC4880]. The blob which makes the signature is a binary (clear sign) signature which is encoded into ASCII using {{w|ASCII armor}}. | |
− | The | + | The use of signing software for email is so rare that most people have never seen a signed message. The joke here lies within the approach of ignoring actual privacy guarantees PGP provides, therefore giving a false sense of security. |
+ | |||
+ | This irresponsible approach to security is unfortunately quite common with users and even more so for computer security related topics. When confronted with something strange (like the blob at the bottom) most people simply believe it: If it says it's secure it really has to be - even if it actually isn't. | ||
+ | |||
+ | BTW: You can annoy pretty good any security geek out there with such ignoring behaviour. | ||
==Transcript== | ==Transcript== | ||
Line 18: | Line 22: | ||
:Look for this text at the top | :Look for this text at the top | ||
:[In mail header, light grey.] Reply | :[In mail header, light grey.] Reply | ||
− | + | :-----BEGIN PGP ENCRYPTED MESSAGE----- | |
− | :-----BEGIN PGP | + | :[in mail message, light grey] |
− | :[ | ||
:HASH: SHA256 | :HASH: SHA256 | ||
:Hey, | :Hey, | ||
:First of all, thanks for taking care of | :First of all, thanks for taking care of | ||
− | |||
− | |||
:If it's there, the email is probably fine | :If it's there, the email is probably fine | ||
{{comic discussion}} | {{comic discussion}} | ||
[[Category:Comics with color]] | [[Category:Comics with color]] | ||
− | [[Category: | + | [[Category:Computers]] |
− |