Initial commit: HPR Knowledge Base MCP Server
- MCP server with stdio transport for local use - Search episodes, transcripts, hosts, and series - 4,511 episodes with metadata and transcripts - Data loader with in-memory JSON storage 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Lee Hanken
185
hpr_transcripts/hpr1481.txt
Normal file
185
hpr_transcripts/hpr1481.txt
Normal file
@@ -0,0 +1,185 @@
|
||||
Episode: 1481
|
||||
Title: HPR1481: Encryption and Gmail
|
||||
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr1481/hpr1481.mp3
|
||||
Transcribed: 2025-10-18 03:53:35
|
||||
|
||||
---
|
||||
|
||||
Until next time, Pagan.
|
||||
Hello, this is Ahuka and welcome to Hacker Public Radio and another in our ongoing series
|
||||
on security and privacy.
|
||||
And what I want to do this time is pick up from what we did last time.
|
||||
Last time we took a look at how to do encryption with email in Thunderbird using an add-on called
|
||||
Enigmail.
|
||||
What I want to do this time is take on the task of showing how we can also use encryption
|
||||
with web-based mail.
|
||||
And for this one I'm going to select Gmail because I have to have a Gmail account so that
|
||||
makes it easy.
|
||||
I think that there are probably similar ways to do this with Yahoo or with Outlook.com or
|
||||
what have you.
|
||||
I'm going to use a particular example that I happen to be familiar with.
|
||||
Now people use web-based mail a lot.
|
||||
Gmail is certainly one of the more popular ones.
|
||||
The thing that you have to keep in mind is that this is all about encrypting the message
|
||||
with your keys that you control before it leaves the computer.
|
||||
Steve Gibson calls this pre-internet encryption or PIE.
|
||||
Now last time we mentioned LavaBit, LaDar Levison and all of that.
|
||||
And the flaw in what they did was that they had keys that the mail provider controlled.
|
||||
And these keys could be and were demanded by the government.
|
||||
So if you use your own GPG keys that you control, no provider, in this case Google, is
|
||||
even capable of giving anything to the government other than a blob of random nonsense.
|
||||
Now that I'm not going to get into metadata, that's another discussion and Lord knows
|
||||
we will probably get to that one too at some point.
|
||||
But what I want to do here is talk about an extension that you can install.
|
||||
It's available for both Chrome and Firefox.
|
||||
And I'm going to do it with Chrome because that's what I use to access my Gmail account.
|
||||
And the extension is called MailVillope, M-A-I-L-V-E-L-O-P-E.
|
||||
So it's mail and envelope kind of mashed together.
|
||||
And as a Chrome extension, basically you just do what you do with any other Chrome extension.
|
||||
You go to the Chrome store, you do a search for MailVillope and you install it.
|
||||
Now once you have MailVillope installed, you need to give it your keys.
|
||||
We talked about creating keys over a couple of different episodes, how to do it with
|
||||
a command line, how to do it with a GUI client.
|
||||
Then last time we talked about using your keys with Enigmail in Thunderbird.
|
||||
Now one of the things about Enigmail that was really nice was that Enigmail knew where
|
||||
to look and would just go grab your keys.
|
||||
MailVillope is not quite as user friendly in this respect.
|
||||
But it's going to give us a chance to learn something that we're going to need to know.
|
||||
And that's all about exporting keys.
|
||||
So when you have MailVillope installed, you then in the extensions window in Google Chrome,
|
||||
you will see that there's something there that says options.
|
||||
It's a link that you click and that opens up the options window for MailVillope.
|
||||
And when you take a look at that, you're going to see you've got a number of things you
|
||||
can do and one of them sits down a couple on the left.
|
||||
You're going to see something that says import keys.
|
||||
Now you can import your keys or other people's keys depending on what you have available
|
||||
to you.
|
||||
But the thing is that it has to be pure ASCII text files.
|
||||
Now chances are when GPG created all of this on your hard drive, it was not pure ASCII.
|
||||
It was probably a binary file.
|
||||
So what you need to do is you need to do an export.
|
||||
You can do this in several ways.
|
||||
You could do it at the command line, for instance.
|
||||
And there's two different commands, one for the private key and one for the public key.
|
||||
So for the private key, the command would be GPGspace-export-secret-key-space-a-space-space-a-space.
|
||||
And then your username.
|
||||
This would be your username, in this case I'm not a Linux box.
|
||||
So it would be my Linux username, the name of my home directory, in other words.
|
||||
Now this will display your key as ASCII text in the terminal window.
|
||||
You can paste it in the mail the loop and away you go.
|
||||
Now to get your public key, the public key is the one that's used by other people to
|
||||
encrypt messages to you.
|
||||
So the command slightly different, GPGspace-Armer, ARMOR, space-export-space, and then the
|
||||
email address.
|
||||
Remember that when you created your GPG key that the email address was a part of that
|
||||
and it's linked to your email address.
|
||||
So that's going to get your public key exported.
|
||||
And again, this will show up in the window and you can copy and paste what have you.
|
||||
Now if you've already set up Thunderbird, we can make this even a little bit simpler.
|
||||
Because you can export them both at once.
|
||||
In Thunderbird, go to that OpenPGP menu that we talked about last time and this time
|
||||
select key management.
|
||||
And click on your own key to select it and then go to the file menu and select export
|
||||
keys to file.
|
||||
You'll then be asked if you wish to include the secret key.
|
||||
Say yes and you'll be asked to approve a file name and a location for the exported file.
|
||||
Now this will be a dot ASC file.
|
||||
In other words, ASCII text.
|
||||
And then in MailVolope on the import screen, you can click the import from file, find
|
||||
that file.
|
||||
So put it in your home directory somewhere where you know how to find it.
|
||||
And if all goes well, you're going to see two green lines.
|
||||
The first one says success, public key was imported blah, blah, blah and the second one
|
||||
to be success private key was imported blah, blah, blah.
|
||||
And you know in each case saying that's been added to your key ring.
|
||||
And then you can take a look at your key ring in MailVolope and you should see your name
|
||||
and the ID of your key and you'll actually see two keys, two keys in the icon on the left
|
||||
because that's going to indicate that it got both the public and the private.
|
||||
Now if you then later on import the public key of some other people, people that you might
|
||||
want to correspond with, when you look, you would see their name and their key identifier,
|
||||
but you'd only see a single key on the left because you obviously would not have their
|
||||
private key.
|
||||
Now I said it was worth learning this import export business with keys because it's really
|
||||
the best way to move your keys to other computers.
|
||||
Now I've seen stuff that says, oh just copy your .gpg directory and if you're going to
|
||||
another Linux machine, that'll probably work, but what if you're a cross-platform person?
|
||||
What if you're like our friend night-wise who makes a whole big fetish out of being cross-platform?
|
||||
And let me just face a lot of people, there are times they want to use Linux, other times
|
||||
I have to use Windows when I'm at work, some people may have a Macintosh around that they
|
||||
want to use.
|
||||
So understanding how you can export your key files and then in any other computer you just
|
||||
use the import like we just did with MailVolo and that's going to be a good way to get your
|
||||
keys moved around.
|
||||
Now that you've imported this, let's say you wanted to send a message in Gmail, if the
|
||||
only key you have is your own you have to send something to yourself, you can actually
|
||||
do that.
|
||||
But what you're going to see now because of MailVolope is that when you click the compose and in
|
||||
Gmail, I'm going to assume you all know how this works.
|
||||
When you click the compose button, a window opens up in the lower right and it's got a black
|
||||
bar across the top and you start typing your message.
|
||||
What you're going to see now is something has changed and what has changed is that there
|
||||
is an additional icon that is on that window and the icon is an edit icon and it's got the
|
||||
yellow pencil on top of a sheet of paper.
|
||||
And if you click that, another window opens for you to create your encrypted message.
|
||||
So you just type your message in that window.
|
||||
So it's going to say at the very top Chrome extension and a bunch of blah, blah, blah,
|
||||
yes, because the extension is MailVolope that you installed that's taking over this process.
|
||||
And then you compose your mail and now what?
|
||||
If you simply click the transfer button, you get to pop up warning you, you're trying
|
||||
to send unencrypted data, right?
|
||||
So just because you've composed it in this window, you haven't finished the process yet.
|
||||
But if you take a look, there's an icon of a padlock, ah, the lock icon.
|
||||
So you click that and what happens.
|
||||
Now another window is going to open, remember that when you send encrypted mail, you encrypt
|
||||
it using the public key of the recipient.
|
||||
Now right now you may only have your own public key in there because we just imported it
|
||||
a moment ago.
|
||||
But at some point you're going to start accumulating public keys of other people.
|
||||
And so what you need to do is select the recipient for whom you have a public key.
|
||||
Now I think I mentioned last time, I'm setting up something with Tony Beaness from the Sunday
|
||||
Morning Linux review that I think the two of us are going to do a little program talking
|
||||
about how you do all of the obtaining keys of other people and things like that.
|
||||
So you know, that should be fun.
|
||||
We're going to get there.
|
||||
It's like everything else you got to take it one step at a time.
|
||||
So anyway, at this point, you know, you click that maybe the only name you see up there
|
||||
is your own.
|
||||
So highlight that and click the add button.
|
||||
And when you do that, everything gets encrypted.
|
||||
Then when you click the transfer, what's going to get transferred is an encrypted message.
|
||||
And so in your Gmail window, your compose window now, it's just going to say begin PGP message
|
||||
and then all sorts of gobbledygook and then at the end, it's going to say end PGP message.
|
||||
So you have a completely encrypted message, but so far not a thing has left your computer.
|
||||
And that's the important part.
|
||||
So if you now click the send button, your message will be sent, but Google will have no idea
|
||||
what it says and neither will anyone else if they do not have the private key of the recipient.
|
||||
Ideally, they wouldn't.
|
||||
Now, suppose you receive a message that has been encrypted and that means that you have a correspondent
|
||||
out there who has your public key and they use that to encrypt a message to send to you.
|
||||
Well, when that comes in, mail the loop is going to notice, oh, wait a minute, this is encrypted.
|
||||
Isn't it?
|
||||
I'm supposed to do something.
|
||||
So it'll throw an overlay on top of the message with the icon of an envelope and lock.
|
||||
Your cursor will turn into a key and if you click on the icon, you will be asked to provide your passphrase.
|
||||
And assuming you can do this successfully, the message will decrypt.
|
||||
Let's hope you know your passphrase.
|
||||
Now, the last thing, digital signing.
|
||||
And I'd have to tell you at this point, now I'm recording this now in towards the end of February of 2014,
|
||||
but I'm recording it ahead of time and it's going to go out later on this year.
|
||||
At the time I'm recording this, mail the loop does not support digital signing,
|
||||
but it's clear that they're working on it and I hope it will be added soon.
|
||||
Obviously, they put the priority on ensuring that you could securely encrypt messages
|
||||
and that's not really a terribly bad priority to have when you think about it.
|
||||
So with that, this is Huka signing off for Hacker Public Radio
|
||||
and reminding everyone, please support FreeSoftware.
|
||||
Bye.
|
||||
You have been listening to Hacker Public Radio, or is Hacker Public Radio does all right?
|
||||
We are a community podcast network that releases shows every weekday Monday through Friday.
|
||||
Today's show, like all our shows, was contributed by a HBR listener like yourself.
|
||||
If you ever consider recording a podcast, then visit our website to find out how easy it really is.
|
||||
Hacker Public Radio was founded by the digital dog pound and the infonomicum computer club.
|
||||
HBR is funded by the binary revolution at binref.com.
|
||||
All binref projects are proudly sponsored by Lina Pages.
|
||||
From shared hosting to custom private clouds, go to LinaPages.com for all your hosting needs.
|
||||
Unless otherwise stasis, today's show is released under a creative commons,
|
||||
attribution, share a life, free dose of life suits.
|
||||
Reference in New Issue
Block a user