View Full Version : Secure comms


darien
09-15-2004, 09:20 PM
canon: There should be no assumption of privacy using any internet-based communication system (instant message, email, forums, etc.) unless you have previously encrypted your message in such a way that only the intended receiving party could decrypt it. If you believe otherwise, well, I feel sorry for you.

That unless isn't really an "unless". You can take *some* comfort in the fact that you've encrypted your data... but that sure as hell doesn't mean that it will 100% stop some errant individual who wants it.

If I encrypt something using GPG, my private key, and Spurty's public key, there is no way in hell you, Canon, or anyone else is going to be able to read my message. Period.

darien
09-15-2004, 09:39 PM
A special message for Canon:


WangChung
09-15-2004, 10:59 PM
A special message for Canon:

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.2.4 (Darwin)

stfu canon or i'll pwn joo.

-----END PGP MESSAGE-----

that's a bit harsh.
lol

:o

Canon
09-15-2004, 11:11 PM
A special message for Canon:


How did you send them the key in the first place? Did you write it down for them or send it digitally? Did you use a common encryption method?

blue
09-16-2004, 12:03 AM
OK... if it's like SSH there is a public and private half to each key...

then I'd send you my public half, and you'd send me your public half. I'd encrypt the message with my PRIVATE half and your PUBLIC half...

Do I understand this right?

[gh]Spurty
09-16-2004, 04:04 PM
ok, we are digressing here (quelle surprise) and I really am happy to have found that some of you who have gone before giving me real feedback so I can steer clear of some bad obstacles.

I'll take this advice with me (thanks Darien/Kamie). Kamie, I agree with the idea of keeping the kids off the net till they are over 10 and I see little to make them want to go there.

I do however wonder what the future holds with regards to addictions .. they might be going there (Internet) to watch their favorite cartoons (Strong Bad for example) so I want to know what rules I should lay down for them (for their safety and my mental health).

I think I'll just make sure the atmosphere is ripe for them to ask me questions by answering them as fully as acceptable for their ages.

Must find a good way to let them know they can confide in me. I love my wife, but I wonder how she'll deal with news (/me looks to Mother in law and winces) in 10/15 years time from our kids? Hopefully, better than her mother (We're all doooooomed) does ...

PGP is alright but requires more fuss than SSH (every e-mail client has its own quirks).

blue
09-16-2004, 04:06 PM
what about many of those programs "net nanny" and others? can they be defeated with proxies still?

[gh]Spurty
09-16-2004, 04:19 PM
Split-tastic .. ok, we enter as we introduce cryptography ....

Right,

- PGP - not bad, fiddly for the uninitiated
- Netnanny - ? Is this like a Firewall?
- Firewalls - Dumbest way to stop intrusion but highly effective. Also, it affects those who want to do good things
- VPNs - Nicer and clever but overheads
- SSL and SSH - My fav, but to do these Properly (Server + Client having key credentials) still requires hand holding ...

- Proxies will not stop products that scan the pages for content they consider unsuitable, they will however speed up visits to frequently visited sites if you have a large organization and a small connection to the web (Requires the proxy server to cache pages at the same time, which is what it SHOULD be doing else it's a pointlessly complex way of grabbing the pages yourself!).

Things to remember .. There are various types of security for various tasks and levels of security desired.
- Fingerprints (MD5 sums and one way hashes. Message is cleartext, but any modification is shown) - Equivalent to a tamper resistant seal
- Symmetric cryptography (Same key to encrypt and decrypt) - equivalent to a house key / lock
- Asymmetric cryptography (Different key to encrypt and decrypt. Like SSH where you have a Key pair. One is public the other private) - equivalent to .. well nothing much but itself. Unless you can buy keys that ONLY lock doors and need a different key to unlock the doors
- Fairly much everything in between like ticketing services of Kerberos and cookies - equivalent to being told to meet a friend in a particular place and time
The higher the level of security, the slower the process
Not all security is helpful and some is downright bad if used wrongly (Cookies)
Not all security is as secure as the designers of it will want you to believe (Security Alerts and software updates are real life examples of when it all goes pear shaped).

Should we have a thread in the technical forum where a working example of various secure comms technologies are demystified ?

I think it's an awesome idea. I'll write the SSH one, Darien or Wang could do the PGP one.

I think many people overlook how simple security can be to implement and implement correctly (that's the beauty of it) and this would be a great way to learn some stuff you probably didn't have a clue even existed.

ds91
09-16-2004, 04:28 PM
Netnanny = WebSense type deal

Canon
09-16-2004, 04:37 PM
websense (http://maddox.xmission.com/c.cgi?u=websense)

ds91
09-16-2004, 04:41 PM
gogo maddox.

darien
09-17-2004, 02:29 AM
How did you send them the key in the first place? Did you write it down for them or send it digitally? Did you use a common encryption method?

You can email it -- or simply post it to a public key server. It acts like a phone book -- except when you look up someone's name, you don't get their phone number, you get their public key.

http://pgp.mit.edu/
http://keyserver.veridis.com/en/


OK... if it's like SSH there is a public and private half to each key...

then I'd send you my public half, and you'd send me your public half. I'd encrypt the message with my PRIVATE half and your PUBLIC half...

Do I understand this right?

SSH is just one use of the public/private key encryption method. So, yes, if you've established an ssh session using keys instead of typing passwords -- you've experienced a similar starting process (key generation) through which you could also encrypt Email, Instant Messages, Files, Newsgroup Posts, anything.
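The "my PRIVATE half and your PUBLIC half" flow that blue asks about and darien confirms, and the asymmetric-versus-fingerprint distinction in Spurty's list, as an added example that is not code from anyone in this thread: textbook RSA built from constructed Mersenne primes, with darien signing a SHA-256 fingerprint using his private half and encrypting to Spurty's public half. The names DARIEN/SPURTY/CANON, the fixed primes and the unpadded scheme are assumptions for illustration; real use goes through GnuPG with large random primes and padding, never this code.

```python
"""Educational textbook RSA (no padding, fixed primes). Shows why only the
holder of the matching private half can read a message, and why a signature
made with one private half verifies only against its public half."""
import hashlib
from math import gcd

E = 65537  # public exponent shared by all constructed keypairs


def make_keypair(p, q):
    """Return public (E, n) and private (d, n) halves from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(E, phi) == 1  # holds for the Mersenne primes chosen below
    return (E, n), (pow(E, -1, phi), n)


def encrypt(pub, msg: bytes) -> int:
    e, n = pub
    m = int.from_bytes(msg, "big")
    assert m < n, "message too long for this key (no hybrid encryption here)"
    return pow(m, e, n)


def decrypt(priv, ct: int) -> bytes:
    d, n = priv
    m = pow(ct, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")  # drops leading NULs


def sign(priv, msg: bytes) -> int:
    """Sign the SHA-256 fingerprint (the 'tamper seal') with the private half."""
    d, n = priv
    return pow(int.from_bytes(hashlib.sha256(msg).digest(), "big"), d, n)


def verify(pub, msg: bytes, sig: int) -> bool:
    e, n = pub
    return pow(sig, e, n) == int.from_bytes(hashlib.sha256(msg).digest(), "big")


# Constructed keypairs from distinct Mersenne primes 2**k - 1 (assumption).
DARIEN_PUB, DARIEN_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
SPURTY_PUB, SPURTY_PRIV = make_keypair(2**127 - 1, 2**1279 - 1)
CANON_PUB, CANON_PRIV = make_keypair(2**89 - 1, 2**2203 - 1)


def exchange(msg: bytes):
    """darien -> Spurty: sign with darien's private half, encrypt to Spurty's
    public half. Returns (what Spurty reads, signature check, what Canon reads)."""
    sig = sign(DARIEN_PRIV, msg)
    ct = encrypt(SPURTY_PUB, msg)
    spurty_sees = decrypt(SPURTY_PRIV, ct)   # matching private half: plaintext
    canon_sees = decrypt(CANON_PRIV, ct)     # wrong private half: garbage
    return spurty_sees, verify(DARIEN_PUB, spurty_sees, sig), canon_sees
```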

blue
09-17-2004, 11:30 AM
canon: websense (http://maddox.xmission.com/c.cgi?u=websense)

omg that made me laugh something hard...
http://maddox.xmission.com/c.cgi?u=websense_banned

hahahahaa