Posted on 2009-11-16 11:15 UTC by Rüdiger Schiller. Status: Under consideration, Categories: Utilities, User Experience, System.

There is no GnuPG GPG PGP environment, no dm-crypt, no blowfish-button in file-context-menus and no GU interfaces ready to use for Joe Average!

There was already the question of securing private data.


What is the best way to get email/IM/file/addressbook de/encryption/signing to Joe and his friends?

Should it be part of all programs containing private data? Should there be a Privacy Manager Tool to manage keys, keyrings, encrypted files, addressbooks and calendar entries?


Encrypting the whole filesystem is neither a solution for the private data nor for email. It slows down the system and drains the battery. On my netbook its costs are about 1-2 Watts; speed I don't really recognize.




Solutions for this brainstorm


Solution #1: Privacy Manager and integration with programs

Posted on 2009-11-16 11:57 UTC by Rüdiger Schiller.

Weapons: GnuPG/PGP/LUKS/truecrypt

A program to manage all your crypting: Privacy Manager

  • Privacy Manager: delivers a frontend for Joe to enter/manage passwords, generate GPG keys, manage GPG keys, de/encrypt single files, de/encrypt his addressbook/local emails/calendar-db, mount/de/encrypt partitions/files... and of course to choose if he wants to encrypt his data at all (let the player choose his weapons)!
  • Privacy Manager Context Menu: Adding a direct de/encrypt entry to a folder/file's context menu
  • Privacy Lockdown: A shortcut on your desktop to have easy access to a (un)lock-your-device event, locks down opened crypts depending on a "lock with lockdown" setting in the Privacy Manager (default is lock all).
  • Send-via-Encryption will ask Joe for the contact to encrypt for
  • Encrypt Partition will ask Joe for 2 passwords, encryption algorithm (blowfish as default), filename and size. A mountpoint will be created and made ro while the crypt isn't mounted.

Integrating Privacy Manager with modest. (enable GnuPG support, PGP/mime, etc)

xmpp clients should be enhanced to support GnuPG and PGP


Solution #2: Port EasyCrypt and start from there

Posted on 2009-11-19 14:30 UTC by Rüdiger Schiller.

Weapons: truecrypt port EasyCrypt

Port the EasyCrypt stack and polish the GUI

Enhance EasyCrypt/System with:

  • GPG/PGP key management
  • integrate with OS (boot, filemanager, modest, IM) to make cryptography available for single files, messaging and most important private data like all databases used for contacts, calendar, conversations etc.
  • private data crypting -> an automated process is needed to copy all data (contacts, calendar, IM and other DBs) to a cryptfile/partition and symlink to it
  • context menu -> send via $service crypted, crypt file, decrypt file...
  • device lockdown -> stop all services using files in crypted regions, umount all crypts, rewrite swap, clear all key caches, deny service on all ports but $SSH, and so on, delock the other way round, ask for password and so on
  • device lock -> prevent user from accessing secured data but keep it all running, lock input to password prompt, show names when calls are incoming but no numbers (could be configurable [noname,name,name+number but 3 digits], show new message on screen [noname,name,name+msg])
  • crypt red pill mode -> blue pill is preconfigured with known-good defaults, red pill gives you the power to change basic crypto settings

Solution #3: Solving from a different angle...

Posted on 2009-12-13 18:13 UTC by Dave Speednut.

While I really would like to have TrueCrypt on my Maemo devices, your average Joe with their "there's an app for that" distorted mentality will probably be looking for an application to store encrypted data, typically passwords, but also sensitive notes.

A suggestion would be to port the open source version of NoteCase over to Maemo 5 (already works for older Maemo versions).  Source code and Binaries located at:

Joe user could then keep passwords and sensitive notes in a NoteCase file that can be opened on their N900, WinXP, Win7, OS X, and Linux box.

More info about NoteCase is in this post:

