kaiengert

@kaiengert@mastodon.social

Security Software Developer.
Team Thunderbird https://mastodon.online/@thunderbird
Current focus on email security/encryption.
Contributed to Mozilla Firefox, NSS, NSPR.
He/him. Tootfinder ok.

kaiengert, to random

Just some OpenPGP key hygiene:

I've updated my key with key ID 0x1C27423725007724 fingerprint 0x21D16E67E18398C8DA9DDF2E1C27423725007724.

Changes:
Replaced old SHA1 self-signatures where possible.
Revoked old RSA encryption subkey (no compromise, just superseding it).
Generated new subkeys for RSA encryption, ECC encryption and ECC signing.

The updated key has been uploaded to WKD, keyservers and is also available for manual download from my home page.

kaiengert, to random

Has anyone enabled mail.openpgp.passphrases.enabled in yet?

https://thunderbird.topicbox.com/groups/e2ee/Tdc427a8b0255b85a

kaiengert, to security

I gave a talk at .

Video and slides are now available:
https://fosdem.org/2024/schedule/event/fosdem-2024-2849--security-thunderbird-email-security-plans-and-challenges-/

I'm interested in your feedback on these thoughts. Either here, or, if your feedback is longer, for a discussion it might be best to post to
https://thunderbird.topicbox.com/groups/e2ee

Thanks a lot to the organizers of @fosdem and the modern email developer room.
https://github.com/modern-email/FOSDEM-24?tab=readme-ov-file#contact

hko, to random
@hko@fosstodon.org

Having decidedly too much fun playing with ancient artifacts.

Note the two version 2 public keys from 1992. They were created just over a year after Phil Zimmermann first released PGP (on 6 June 1991), deep in the crypto war era.

These keys predate the name by around half a decade.

At over 31 years old, nation-state actors can definitely factor John Gilmore's RSA 1024 key today.
However, I believe the cost still exceeds a hobbyist budget even now.

kaiengert,

@hko I was a bit late to the party, compared to John.

Looks like version 3.

kaiengert, to random

This image was the result of an experiment playing with an AI image generator. I had asked for a blue bird in the shape of a padlock, as a potential way to symbolize email encryption in our software. I brought some stickers with it to and many visitors of our booth took one, because we were already out of other stickers. I'd like to clarify, it is NOT an official image of our project, it was created just for fun.

kaiengert,

@thunderbird agreed. This was the very first image given to me, and I was very impressed.

chillicampari, to random
@chillicampari@layer8.space

The to Brussels is stuck in Aachen (we may have to switch to a bus). We have already met someone going to so that part is really neat!

kaiengert,

@chillicampari do you know the cause? Broken train?

usul, to random French
@usul@piaille.fr

If I were to vote for the council I would vote for :

kaiengert,

@usul @Standard8 @bogo

You are very kind, thank you. It looks like Standard8 isn't running.

kaiengert,

@usul @Standard8 @bogo
which list did you see?

kaiengert,

@usul @Standard8 @bogo
That's the list of people who are allowed to vote, in my understanding.

kaiengert, to random

If you use #GnuPG #GPG, and you would like to ensure interoperability with Thunderbird, you might consider disabling the use of #LibrePGP features, by using option --rfc4880 in your configuration (e.g. by adding a line with the word "rfc4880" to your gpg.conf file.)
At this time it is undecided whether future Thunderbird versions will support LibrePGP or the upcoming refresh of the #IETF #OpenPGP specification, or both, or none of them. Hopefully we'll eventually see a new universal standard.

kaiengert, to random

What's the most important feature of ?

@thunderbird

kaiengert, to random

I posted thoughts on
"Privacy when refreshing or looking up keys" here:
https://lists.hostpoint.ch/hyperkitty/list/openpgp-email@enigmail.net/thread/3H3FZYYWUAARTDVORFUTJ2TFKKNWMK4G/

The very long post points to an experimental onion service.

Feedback welcome.

Motivation: We need to implement this ability in , and I'm trying to find an appropriate approach.

kaiengert, to random

Just some random AI created image visualizing email encryption. needs some positive vibes these days...

kaiengert,

one more attempt, and I'll stop it... Which one is better?

kaiengert, to random

I would like to better understand how many users of use encrypted or signed email. I understand not everyone may be comfortable disclosing it, so even vague statements are interesting. Maybe use an anonymous Mastodon account and say "I know a group of (n) people in an NGO who uses OpenPGP encryption." or "We have (m) users in our business who use S/MIME signatures." or similar? Can you think of other ways I could learn more?

kaiengert,

@xahteiwi Thanks. You say S/MIME, but Enigmail was OpenPGP. Are you using both?

tek_dmn, to random
@tek_dmn@mastodon.tekdmn.me

People, this is why we need to stop writing everything in JS,

briankrebs, to random

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams, Adobe Reader, Mozilla Thunderbird, and Discord.

https://krebsonsecurity.com/2023/09/snatch-ransom-group-exposes-visitor-ip-addresses/

kaiengert,

@briankrebs Is the malware more difficult to install than the real products? In other words, do users on Win/Mac have to override a warning that it's unsigned software?

kaiengert, to random

For : Who's interested in convenient generation of Certificate Signing Requests (CSR), including key pair generation, for requesting an S/MIME email certificate? I have an experimental patch, and could provide an experimental test build. I haven't submitted the resulting CSR to a real CA yet, I don't want to spend money for these tests. Do any of you maybe have a subscription with a CA and are interested in testing the CSRs that are generated by the experimental patch?

kaiengert, to firefox

Use for maximum happiness when surfing the World Wide Web.

kaiengert, to random

Hello community of users. I'd like to know if some of you are still stuck at Thunderbird version 68 and the old Add-on. Is there any missing functionality in Thunderbird 115 that is still preventing you from migrating? @thunderbird

evacide, to random
@evacide@hachyderm.io

If you don't have anything nice to say, take a walk around the block, eat a nice lunch, and run your reply email past several co-workers before you send it.

And by you, I mean me.

kaiengert,

@evacide you're not alone.

thunderbird, to android
@thunderbird@mastodon.online

Thunderbird for Android gets one step closer, as K-9 Mail integrates Thunderbird's Autoconfiguration feature for new accounts.

Read info on that, all the other important developments, and some awesome community contributions in the new progress report:
https://blog.thunderbird.net/2023/06/thunderbird-for-android-k-9-mail-may-2023-progress-report/
