Hello

On my Netbook (WinXP-Sp3,32bit) I use The Bat! 1.62r with PgP 6.5.1
int.

Which Components/Programs must I have to import my PgP-Keys for
Thunderbird 52.9.1 ?

THX

--
Man muß zwar nicht ausgesprochen dumm sein, um hier zu posten,
aber es erleichtert die Sache ungemein.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, 21 Sep 2021 14:08:01 -0400, Martina <martina.nospam@chello.at> wrote:

Hello

On my Netbook (WinXP-Sp3,32bit) I use The Bat! 1.62r with PgP 6.5.1
int.

Which Components/Programs must I have to import my PgP-Keys for
Thunderbird 52.9.1 ?

Are you sure it's 52.9.1? That's a very old version missing many security fixes.

Versions prior to 78 (which switched to using openpgp instead of pgp) required a
separate addon called enigmail.

Based on https://addons.thunderbird.net/en-US/thunderbird/addon/enigmail/versions/
for 52.9.1, it requires https://addons.thunderbird.net/en-US/thunderbird/addon/enigmail/versions/2.0.8

Regards, Dave Hodgins

--
Change dwhodgins@nomail.afraid.org to davidwhodgins@teksavvy.com for
email replies.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

David W. Hodgins wrote on 21.09.2021 :

Are you sure it's 52.9.1? That's a very old version missing many security fixes.

Yes, that's correct.
My version of Thunderbird can't update to a newer version.

Based on https://addons.thunderbird.net/en-US/thunderbird/addon/enigmail/versions/
for 52.9.1, it requires https://addons.thunderbird.net/en-US/thunderbird/addon/enigmail/versions/2.0.8

I've downloaded the 2.0.8 version yet and Thunderbird accepted it.
Thanks so much.

cu

--
Man muß zwar nicht ausgesprochen dumm sein, um hier zu posten,
aber es erleichtert die Sache ungemein.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 9/21/21 11:08 AM, Martina wrote:

Hello

On my Netbook (WinXP-Sp3,32bit) I use The Bat! 1.62r with PgP 6.5.1 int.

Which Components/Programs must I have to import my PgP-Keys for
Thunderbird 52.9.1 ?

THX

If you're using a 20+ year-old version of PGP then you don't give a shit
about your security.

Good God man... That's two fucking decades of missed improvements,
bug-fixes, and RNG refinement.

Old versions of PGP may not be publicly broken, but governments and bad
guys have had twenty years to figure out if there is something wrong
with those old implementations. They don't tell us when they find bad
crypto. They keep that information all to themselves.

Sheesh.....

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Johann Beretta wrote:

If you're using a 20+ year-old version of PGP then you don't give a shit about your security.

Thanks for being insulting.

Good God man... That's two fucking decades of missed improvements,
bug-fixes, and RNG refinement.

<unnecessary profanity filter applied>

Point taken, but...

Old versions of PGP may not be publicly broken, but governments and bad
guys have had twenty years to figure out if there is something wrong
with those old implementations. They don't tell us when they find bad crypto. They keep that information all to themselves.

So, what you're saying is that it doesn't matter, the bad guys (aka three-letter agencies) know everything and keep it all to themselves.

You *do* realize, don't you, that the latter statement completely
invalidates the former, right?

Sheesh, yourself. The fact remains, PGP is completely impervious to any
sort of meaningful attack unless you're a three-letter agency, in which
case it won't matter anyway, because they won't bother to even try to
decrypt your stuff, they'll just get it by other means. Despite the FBI
and DHS and all thise alphabet-soup agencies ballyhooing about "we can't
read terrorists messages", the fact remains that NOT ONE investigation
has been stymied by their lack of being able to decrypt some bad guys' messages.

Go look it up, you'll find out that it's true. The screaming and
hand-waving about "strong crypto being in the hands of terrorists" is
just a smoke screen.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 10/8/21 21:00, Crypto God wrote:

So, what you're saying is that it doesn't matter, the bad guys (aka three-letter agencies) know everything and keep it all to themselves.

No. That's not what I'm saying. I'm saying that it applies to OLD
software. Newer versions of PGP or GNUPG have had bug fixes, new ciphers
added, old ciphers removed. The code-base is constantly being examined,
if only to fix bugs and add/remove features. People have a much greater opportunity to find issues with code that is relatively modern and
actually being worked on. NOBODY is poking around Imad's old source
code. Why the hell would they?

You *do* realize, don't you, that the latter statement completely
invalidates the former, right?

Baloney.

Sheesh, yourself. The fact remains, PGP is completely impervious to any
sort of meaningful attack unless you're a three-letter agency, in which
case it won't matter anyway, because they won't bother to even try to
decrypt your stuff, they'll just get it by other means.

Bullcrap. Does Imad's version support RSA? You know RSA is breakable
by anyone with a couple hundred bucks and some Amazon VMs right? Maybe
not even a hundred bucks. What year was it that we learned RSA had been
in bed with the NSA the whole damn time?

Oh yeah.. 2014. TWELVE YEARS after Imad released his software. https://www.reuters.com/article/us-usa-security-nsa-rsa-idUSBREA2U0TY20140331

Who knows what he's talking about and who doesn't? Me and You and that
order.

PGP of THEN is breakable by ANYONE today if the software chooses (or is
told - via Key Preferences - Supported Ciphers) to use the RSA
algorithm. PGP doesn't have time travel capabilities. You know this
right? So while MODERN PGP may be perfectly secure, ANCIENT PGP is NOT.
It will happily encrypt your shit with encryption that's as flimsy as
toilet paper.

Despite the FBI
and DHS and all thise alphabet-soup agencies ballyhooing about "we can't
read terrorists messages", the fact remains that NOT ONE investigation
has been stymied by their lack of being able to decrypt some bad guys' messages.

Go look it up, you'll find out that it's true. The screaming and
hand-waving about "strong crypto being in the hands of terrorists" is
just a smoke screen.

You are so naive. Using the same tactics as the government, I could
decrypt anything you've ever encrypted and you'd fall all over yourself
to give me the key. I'd simply start beating or maybe castrating you
until you told me the password. Everyone has a limit.

You don't think maybe that's how they get that information? The
algorithms in -CURRENT- GNUPG and PGP are MATHEMATICALLY secure. Sure,
there might be some flaws that we don't know about.. But that's only a
guess. 100% speculation. We KNOW, as fact, that the government uses
torture. That all came out during the Abu Ghraib (spelling?) fiasco.
Oh, sure, they promised they'd stop and/or only use it on legitimate terrorists. And if you believe that, I've got a bridge to sell you.

Keep using your shitty software. You're not interested in learning
anything. You're too busy mocking someone who was slightly colorful when replying. I gave you the main points though. You simply discard them
and go off your moronic internal conspiracy theory monologue.

Awesome tactic.

So yeah man.. Keep using 20 year old software with an algorithm that was developed by a company that has SINCE ADMITTED it fucked with the code
at the request of the NSA.

How you manage to keep a straight face when claiming PGP has no known weaknesses is fucking mind-boggling.

If you're using a 20+ year-old version of PGP then you don't give a shit about your security.

My true statement. You cannot possibly give a shit about security if
you're willing to forego 20 years of bug fixes, refinements,
improvements, additions, removals, and enhancements to everything from
ciphers to the RNG.

Good God man... That's two fucking decades of missed improvements, bug-fixes, and RNG refinement.

My other true statement. I hope you're at least being consistent with
your love of ancient computing and running his old-ass software on a
Windows XP machine. Maybe you can then tell us how secure that OS is.....

If you look at both of those statements, neither is a personal attack. A statement.. An opinion.... An observation. Grow a thicker skin
snowflake. Not everyone is gonna talk to you like they want to be your
bestie.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)