maybe you already know it, but latest version of customizegoogle extension is working again with newer gmail interface.
1 2007-11-13 10:54:31
Re: ! No, the new version of gmail dosen't work with FireGPG ! (4 replies, posted in General)
2 2007-08-28 07:50:56
Re: https://addons.mozilla.org/ (2 replies, posted in Misc)
It has some issue to be sorted out, I think that asap they can make an addon that strictly apply to mozilla policies you'll find it there.
3 2007-07-25 11:02:08
Re: Sent Messages Not Decrypting (4 replies, posted in Bugs & problems)
mhunter8 wrote:
I've used PGP encryption with Outlook and the Horde Project's IMP and both of them show you the sent messages unencrypted.
PGP probably save the unencrypted message or use the encrypt to self by default. The first behaviour is risky, the second one more viable.
4 2007-07-24 09:53:07
Re: Sent Messages Not Decrypting (4 replies, posted in Bugs & problems)
Get a good manual on public key encryption mechanisms.
If you encrypt a message to me I can read it, you (and everybody else) can't.
5 2007-07-02 08:57:35
Re: Do temporary files store sensitive data? (11 replies, posted in Bugs & problems)
unfortunately, IPC is the only way to go: both using a temp file and --passphrase is insecure, as password can be easily read through the file or with "ps -aux | grep gpg"
6 2007-06-29 08:52:35
Re: Don't reinvent the wheel: use Enigmail (4 replies, posted in Requests)
there were already request from the userbase (well, me and blivengood :-P ) to secure and standardize the gpg interface:
+ here: http://firegpg.tuxfamily.org/forum/viewtopic.php?id=143
+ and there: http://firegpg.tuxfamily.org/forum/viewtopic.php?id=139
so, I hope you really take that direction.
7 2007-06-26 14:12:20
Topic: gpgAuth section (1 replies, posted in Bugs & problems)
is it just me or the gpgAuth section doesn't allow posting new topics?
8 2007-06-22 16:05:33
Re: Update : 0.4.2 (9 replies, posted in New versions)
the_glu wrote:
FireGPG is in developpment. There can have security issue, and we need to update as fast as possible. Wee WANT to haven't any users with a old version, so we will make all for this.
I understand all of your concerns but, right now, firegpg is behaving really badly about security. Even if not so, I too dislike this autoupdate feature: firefox updates really well all of his extensions and, if you're going to package it as a deb this feature will cause you lots of headaches (I talk by experience: I did install enigmail.xpi over enigmail.deb and it was a mess).
So, please, consider removing it or providing a checkbox option.
9 2007-06-20 16:13:59
Re: Can FireGPG be made a portable app?? (19 replies, posted in Requests)
there already is thunderbird + enigmail + gpg ( http://portableapps.com/apps/internet/t … d_portable ), so I think it will be possible in the near future ;-)
10 2007-06-20 08:38:17
Re: Do temporary files store sensitive data? (11 replies, posted in Bugs & problems)
regarding this and hidden start post: what about using enigmail inter process communication javascript?
from the source:
// ipc.js: Run environment for Javascript CGI
// Global functions available to Javascript CGI:
// write(arg1, arg2, ...) : writes to "stdout"
// writeln(arg1, arg2, ...) : writes to "stdout" with newline
// getEnv(name) : return value of environment variable or null string
// execSh(command) : executes command and returns its stdout (requires ipcserv)this will be a lot more secure than current implementation.
(btw: is ipc.xpt in your svn repository somehow related?)
11 2007-06-19 10:28:24
Topic: About hidden start (1 replies, posted in Bugs & problems)
Poking around with the extension I've noticed that version 0.4.1 uses hidden start ( http://www.ntwind.com/software/utilities/hstart.html ) to invoke gpg.exe on windows without spawning those ugly cmd.exe boxes.
I was wondering if this applications is really needed: surely FireGPG looks better with it, but there's no source code avalaible around and when it comes down to privacy it really hurts. Could you stop using it? I think it surely has no sort of malware but it's not correct using such applications with sensitive passwords.
ciao
12 2007-06-18 23:29:37
Re: Problems with cygwin gpg nad/or multiple subkeys (9 replies, posted in Bugs & problems)
13 2007-06-14 09:57:39
Re: Problems with cygwin gpg nad/or multiple subkeys (9 replies, posted in Bugs & problems)
a clean profile with FireGPG 0.4.1 still doesn't work (same error), while "gpg --quiet --no-verbose --status-fd 1 --armor --clearsign afile" works like a charm :-/
14 2007-06-13 20:25:03
Re: Problems with cygwin gpg nad/or multiple subkeys (9 replies, posted in Bugs & problems)
well, between 0.4.0 and 0.4.1 I just remove a couple of no longer used extensions.
I did try uninstalling firegpg, cleaning entries in global preferences file and reinstalling it again. same results.
Tomorrow I can try running it inside another profile (luckily, no ms windows at home :-P ).
ciao
15 2007-06-13 11:18:43
Re: Problems with cygwin gpg nad/or multiple subkeys (9 replies, posted in Bugs & problems)
id looks ok
ciao
16 2007-06-12 15:10:38
Topic: Problems with cygwin gpg nad/or multiple subkeys (9 replies, posted in Bugs & problems)
hi all!
I'm having problems with Firefox 2.0.0.4, FireGPG 0.4.1 and Cygwin gpg 1.4.5 with multiple subkeys on Windows XP.
I've followed the (in)famous tutorial at: http://fortytwo.ch/gpg/subkeys and looks like gpg is functioning ok, at least I can sign a file with something like "gpg -a -s test.txt".
Latest FireGPG update broke something and I can no longer sign portion of text with it, I only get an alert with (sorry, no copy/paste):
"Signing failed because of an uknown error... [GNUPG:] USERID_HINT....(my id here)... [GNUPG:] NEED PASSPHRASE .... [GNUPG:] GOOD PASSPHRASE ...".
FYI previous version was working ok, it just had those ugly cmd.exe screens ;-)
ciao