HOWTO: Keysigning parties

Cory Doctorow 8:55 pm Mon Jul 7, 2003

The further mainstreaming of geekdom: who needs Tupperware parties when you can have a keysigning party? This HOWTO has the compleat formula for throwing an event that's both educational and privacy-enhancing!

3.3 What Participants Should Not Bring to the Party

1. A Computer

3.4 Why you should not bring a computer to the party

You should not bring a computer to the party because binary replacement or system modifications are very easy ways to compromise PGP systems.

If someone where to bring a portable computer and everyone used that computer to sign the other keys at the party, no one would know if the machine had been running a key stroke logging utility, a modified version of GPG,a modified version of the Linux kernel, or a specially modified keyboard, any of which could be used to capture the secret keys of those who used the computer.

The use of a computer at the party would also leave you open to more simple attacks like shoulder-surfing, or more complex attacks like weak secret key generation, secret key modification, or even infection with virii that modify your GPG binaries to leak future secret keys discretely.

(Thanks, John!)

The E Ink device that keeps you on schedule without the rabbit hole

Ask anyone who knows me: I've got the memory of a frigging goldfish and not in that happy Ted Lasso kinda way. Being able to pretend that I'm a functional… READ THE REST
Would you spend $650,000 to ride a transforming mecha?

Hey! Do you have $650,000 to spend? Not interested in pissing away that cash on feeding a school full of kids lunch for a few years or helping a couple… READ THE REST
Upcycle your old smart speaker with a new brain

The world is absolutely filthy with Google Home Minis. The wee smart speakers made their debut back in 2017 and were inexpensive enough to be given away by telecoms, banks… READ THE REST
Download videos from any streaming service and keep them forever with Keeprix for $95.99

Disclosure: Boing Boing earns a commission on purchases made through links in this post. TL;DR: Save videos from Netflix, Disney Plus, YouTube, TikTok, and more to watch anytime you want with… READ THE REST
If you're paying a la carte for AI models, this $60 lifetime pass gets you ChatGPT, Claude & more

Disclosure: Boing Boing earns a commission on purchases made through links in this post. TL;DR: ChatPlayground AI lets you compare GPT, Claude, Gemini, and more side-by-side in one tab—and lifetime access is… READ THE REST
Imagine never seeing a website hosting renewal email again after paying $149.99 once

Disclosure: Boing Boing earns a commission on purchases made through links in this post. TL;DR: Most web hosts treat your website like a subscription. PawnHoster's King Plan would rather take your money once… READ THE REST