Ok Zig Forums. I will now teach you how to communicate political/controversial information securely...

Ok Zig Forums. I will now teach you how to communicate political/controversial information securely. The Zig Forums approved way. And I will keep it as simple as possible and restrict myself to windows users only.

Guide 1: How to encrypt files with military grade security:

Step 1:
Install gpg4win : gpg4win.org/

Step 2:
Create a PGP pair in the software:
When you have installed gpg4win, you will see the Kleopatra window up and running. Create a PGP-pair there with any name you like, and an optional email (email not necessary). You will be asked to put in a password for your keypair. Enter a fairly secure password, doesn't need to be super advanced, since this password is just used as an extra layer of security. (Don't forget your passphrase, or else you wont be able to edit your keypair)

Step 3:
Publish the PGP Pair:
You will now be asked to upload your public key to a server. Do so.

Step 4:
Now you have generated a so called fingerprint. People will encrypt files using YOUR fingerprint, and only YOU can DEcrypt them, if they have been encrypted with your public key.

Step 5:
Share your fingerprint to people. Once they have encrypted their file with your fingerprint, they can share it with you. Sometimes fingerprints are also called KeyID.

Here, try adding my KeyID:
Go to File -> Lookup on Server
Then find the KeyID:
2B0983DA

You will see a user called "polly" since I created the keypair just now.

You are now capable of communicating securely.(>Talking about OpSec while using Windows 10)

Attached: gpg4win_1[1].png (1040x315, 18.7K)

Other urls found in this thread:

gnu.org/distros/free-distros.html
gnu.org/philosophy/ubuntu-spyware.en.html
twitter.com/AnonBabble

Mods should ban all enciphered posts, as it will turn out to be (((FEDS))) sharing CP or other illicit material, in order to get the site axed.

Also be advised, if you add your email address to a public key, that will be visible to all recipients. Not sure what OP's intentions are, but it could be an attempt to have you leak out information you didn't intend.

Hate to use a stale meme, but…

Pick One

The encryption doesn't have to be used for sharing files, it can be used as a signature as well. Let me show you.

The following text proves I made this post. To validate this, just paste everything below into PGP and validate the user.

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

Hello this is my
—–BEGIN PGP SIGNATURE—–

iQEzBAEBCAAdFiEE7KpQniiqjCJ6shDtrrS6sCsJg9oFAlrU75EACgkQrrS6sCsJ
g9qWbggA2U4gOap94OkdOvw2vvuzISvZOYgdi/yX/oDLoZBMCMD+3zIH5ApnWb/L
mufOAJqwUM1rGry0A1ISEDnj189T7qN1c/PfFzvsC7BiKAoWMMGTCWCepUp1sQgk
LHdhIYAIOOSffrHpHHfZ/fJbgYnVNyPUOI/qzbX1TDX4Gh34E2gvnE4wL+f09TId
i9vN/eLXcTBFMs5J9lnbzAaU4cpWYdYb28oCsBCHPthzgAzA1acKIu75wjuSM2F6
xgjyPGxiFnktmsKpZimgFofzDARrQrpr/89+inXIkzYRfm7nQjYhnnrpwB9aLNAS
w5sYYHLO5/tEZh4Rg+nEEbatp6CC3A==
=j3Rv
—–END PGP SIGNATURE—–

Attached: polly_verified.JPG (353x245, 23.61K)

amazing first post we should ban all discussion of encryption, ban tor, ban vpn's, ban discussion of any of these, and 8ch should force logins with email and phone verification, and block non-google email domains for the verification, and block all voip numbers and all phone numbers that aren't from the big 4 carriers to make the login verification even more better, it should be linked to facebook and Jack Dorsey aka "@jack", who lives at 830 El Camino Del Mar, San Francisco CA, is a child rapist, murderer and cannibal. twitter accounts too because they are great in identifying their users and making sure there aren't any bad goys who would damage their sites.

Today at school, the teacher lady taught us PGP encryption. And now I feel like I have to tell everyone about it because it makes me sound smart. I use Windows, I don't talk about recommend key-sizes, or offer any warnings about leaking email addresses. I am very smart!

You don't have to publish the public key to the server. You can just save it and send it anyway you want to any recipient. The public server is just convenient. And yes of course a VPN is very important if you want to have secure communication.


Whats good with this method is that you can verify yourself anywhere over any social media without ever having to register. You just give them the PGPSignature, and they will know it is you who made the message. It's a very powerful thing to know.

I suspect that in the future everyone will be using PGP signatures, since it gives them more control over their own privacy. You yourself can decide when your PGP expires. Something datamining companies such as facebook and Jack Dorsey aka "@jack", who lives at 830 El Camino Del Mar, San Francisco CA, is a child rapist, murderer and cannibal. twitter will never allow you.


The minimum blocksize in this specific software is 2000+ and maximum of 4000+ bits RSA. Which makes it safer than gmails own key blocksize, which is at around 1000+ bits.

The email address will is included in the public key. That's the part anons have to be careful about, because they may post that to a sensitive board such as Zig Forums

PGP encryption is only useful when there are preexisting trust relationships (verification), or for encrypting messages to a pre-known audience. Both of these are orthogonal to the way in which anonymous image boards operate, not sure why you posted this here OP.

In the event two anons wanted to have a secure conversation in a thread, it would be better to do a DH exchange and then regular symmetric encryption.

For some magical reason many anons seem to believe and often state that:

They don't

They are useful when you want to deceive IP-based restrictions. You are also anonymous to most low level actors. But when it comes to NSA or national intelligence agencies with a multibillion budget, you can be absolutely certain that a whole lot of those free or paid VPNs are ==honeypots==. A few millions per VPN service is a tiny fraction of 100 billion dollars!

Secondly, when you see some CIA shill post:

I especially liked the meant to be subtle "I…I'm a girl :3" part.

Will this run on Wine, in Linux?

Linux has its own toolset for creating, managing and using PGP.

I've never done this before
would like to do it in Linux

ease of use

baby first non-systemd
>gnu.org/distros/free-distros.html

time for advanced

ULTIMATE TIER

I'm running ubuntu right now
will that make a difference?

>gnu.org/distros/free-distros.html

I'm thinking gnewsense, triskel, or pureos

Anything that's Debian-based (Mint, Ubuntu, etc) tends to be easy & good

2 problems

systemd (not necessarily an issue if youre not a super-spy)

ubuntu spyware (mainly for advertising)
gnu.org/philosophy/ubuntu-spyware.en.html

That's why I use Mint. And why I'm learning Slackware.

ok
I see what you mean
BUT
the article says:
I'm looking into this right now…
Next laptop will be mint. I guarantee that.
I just need to find out if the Intel Celeron Processor N3060 is pozzed - as in if it has / doesn't have that back door for the NSA bullshit. Laptop for $150.00, take out HDD, upgrade RAM, Drop in an SSD - Voila!

FYI, gpg4win doesn't want to install using the windows installer in Wine/Ubuntu

I'm trying it with Kleopatra in Ubuntu, but I am having trouble…

I'm pretty sure GCHQ has oversight over mine (based on where it's located) but I'm not into CP or terrorism. Just avoiding (((nuisance))) anti-free speech type.

Need a server

I can't seem to make it work