Gatekeeping has to come back…there will be a shift back from the infinite culture of the internet to something more finite – because that’s where value is created.
Since “gatekeeping” ie. PERSON-TO-PERSON (P2P) RELATIONSHIPS are de riguere again,i let’s revisit a timeless and only-too-relevantii Contravex article from 2014:
Please To PGP (Guide for Linux, OS X, Windows)
PGPiii is the Bitcoin standardiv in encrypted communication.
Why? Because, unlike basically everything else out there,v it uses cryptography that actually works and it lends itself naturally to a built-in reputation system called the Web of Trust (WoT). The authority on the matter, Mircea Popescu, has even gone so far as to say:
As long as you use PGP, you’re an individual, and can be interacted with as such. As long as you use anything else, including nothing at all, you’re not, and whatever you may like to think or claim, can never actually be interacted with as an individual, except if you live in a 1900s reenaction camp where the internet doesn’t exist.
Suffice to say that, more than just being incredibly fucking important, PGP is sine qua non for extracting oneself from the clutches of socialistoids.
PGP isn’t tamper-proof, but with a bit of due diligence, it’s a darned sight better than whatever else you’re currently using. PGP isn’t competing with perfect, no matter what the hatchetards say, it’s competing with everything else out there. PGP is simply the best thing going.
PGP’s strength is derived from its use of asymmetric cryptography to create public keys (pubkeys) and private keys (privkeys) to ensure that only the intended recipient can open your messages. Fundamentally, PGP works just like old fashioned postal mail.
Just as with snail mail, if I want to send you a message, I address it to your mailbox so that only you can open it, then drop it in the postbox for the mailman to deliver. Once you’ve received it in your mailbox, you open the box, and thence the message, with your key. If you want to send me a reply, you’ll address it to my mailbox, which I can then open with my key. And back and forth we go.
Now re-read the preceding paragraph with the following substitutions:
s/mailbox/pubkey
s/mailman/e-mailman
s/key/privkey
…and you’ve got a pretty good idea of where we’re going with PGP. This isn’t only powerful because it’s secure when used properly, it’s also powerful because it removes geography from the communication equation, and therefore perfectly complements Bitcoin’s removal of geography from the wealth equation.
So where do you start?
If you’re a Windows user, you don’t start. You stop. Now. Find something better, like, yesterday. Since you still maintain delusions of digital security, the rest of this PGP Guide will be directed at everyone else. Please to return when you’ve fixed your cranial haemorrhage.
___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___
Getting Started: Mac OS X ≥10.6 Users:
1. Download the GPGTools Suite from https://gpgtools.org.
2. Open the downloaded file.vi
3. During the installation, uncheck the GPGMail box.
4. Once installation is complete, open the new GPG Keychain app.
5. Create a new 4,096 bit keypair (under “Advanced Options”) tied to the e-mail address you intend to use for the next 5 years.
6. Enter a secure passphrase. It’s recommended that you use dice to generate this, as you would for a Bitcoin paper wallet.
7. Do some unrelated work while the key generates.
8. Voila! You now have a GPG keypair!
9. Click Key –> Send public key to Keyserver
10. Click Key –> Generate Revoke Certificatevii
For e-mail purposes, if you don’t want to use the command line functions in Terminal (on which more is found below) to sign, encrypt, and decrypt messages, you can download the Thunderbird e-mail client and install the add-on Enigmail (v1.6 or earlier).viii
___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___
Getting Started: Mac OS X 10.2-10.6/Linux/Command Line Users:ix
1. Download GnuPG 1.4 from https://www.gnupg.org/download/
2. Install using package manager.x
3. Install program.
4. Open command line application (Terminal for Mac)
5. Type “gpg –gen-key [enter]”
6. Follow the prompts to create a new 4,096 bit RSA keypair tied to the e-mail address you intend to use for the next 5 years.
7. Enter a secure passphrase. It’s recommended that you use dice to generate this, as you would for a Bitcoin paper wallet.
8. Do some unrelated work while the key generates.
9. Voila! You now have a GPG keypair!
10. Type “gpg –keyserver keys.gnupg.net –send-key your@email.com [enter]” to upload your key to the keyserver
11. Type “gpg –gen-revoke [enter]” to create a revocation certificate.
___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___
PGP In Praxis: Command Line Users:xi
1. To encrypt plaintext file “message.txt” as cyphertextxii file “message.txt.gpg” for recipient “your@friend.org” :
gpg –output [message.txt.gpg] –encrypt –recipient [your@friend.org] [message.txt]
2. To sign and encrypt plaintext file “message.txt” as .gpg cyphertext file “message.txt.gpg” for recipient “your@friend.org” :
gpg –output [message.txt.gpg] –encrypt –sign –recipient [your@friend.org]
3. To clearsign and encrypt plaintext file “message.txt” as .asc cyphertext file “message.txt.asc” for recipient “your@friend.org” :
gpg –output [message.txt.gpg] –encrypt –clearsign –recipient [your@friend.org]
4. To decrypt cyphertext file “message.txt.gpg” :
gpg –output [message.txt] –decrypt [message.txt.gpg]
5. To import someone else’s public key that you’ve downloaded:
gpg –import [keyfile.asc]
6. To verify a signature:
gpg –verify [message.sig]
7. To generate a short list of numbers that you can use as an alternative method to verify a public key:
gpg –fingerprint
8. To export your private key as private.key :xiii
gpg –export-secret-key -a [your privkey]
9. To import your private key:
gpg –allow-secret-key-import –import private.key
10. To add the public key of someone for whom you have a Key ID (fingerprint) but don’t have their public key block:
gpg –recv-keys [Key ID]
___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___
Well done, you’re that much closer to becoming an individual, which is to say, a gatekeeper.
- As if they ever went away but okay we’ll give W. David Marx (via Jiggy) the benefit of the doubt. Of course, CryptoArt is also still waiting for its Gagosian so he’s not wrong! ↩
- I know sometimes it’s like drinking from a firehose here, but you just gotta open your throat, rookie.
- OpenPGP is the standard and GPG is the GNU (a Unix-like OS) implementation built thereupon. For better or worse, I use these terms interchangeably.↩
- What gold standard?↩
- The default assumption is that everything else out there is NSA-sponsored or otherwise USG-vulnerable. This heuristic has served us very well thus far.↩
- After confirming the SHA256 checksum and verifying the GPG Signature, of course! For more on how and why you should verify signatures and checksums, see the Tor Project article on the subject.↩
- This is used to notify others that your key has been lost, stolen, or otherwise compromised. Save this file to a USB key and store it in a secure place.↩
- For other PGP uses, the GPGTools Suite also includes “GPG Services,” which allow you to right-click or use keyboard hotkeys to sign/encrypt/decrypt messages. This can be turned on under System Preferences –> Keyboard –> Services and checking the OpenPGP boxes. ↩
- N.B. All commands start with “gpg” and are followed by two dashes then the instructions. It just looks like one dash with this font…↩
- After confirming the checksums and checking the provided GPG Signature. See footnote iv.↩
- This should be all of you. It’s a muscle, this, and needs to be worked out as such.↩
- The gibberish-looking stuff that only your intended recipient can decode. Once you’ve encrypted a message with someone else’s pubkey, not even you can re-open it since you don’t have the privkey.↩
- Have a back-up in a secure location.↩