|
Title: CryptUP: Simple PGP for Gmail / Ethereum public key database / feedback Post by: geri on December 09, 2016, 08:35:38 PM Who am I
I co-founded BitOasis (https://bitoasis.net/en/) as a (former) CTO. As far as I know we were the first wallet to use multisig with keys distributed among different entities (us/co-signer/backup) without bothering the user to store a private key. Our open sourced multisig wallet: multisig-core (https://github.com/bit-oasis/multisig-core) and multisig-recovery (https://github.com/bit-oasis/multisig-recovery). See my PyCoin contributions here (https://github.com/richardkiss/pycoin/commits?author=tomholub). Why most PGP solutions suck We used PGP at BitOasis to encrypt sensitive email. For most people, PGP is a pain in the ass. Non-critical info would often go unencrypted because you don't want to bother the other guy by encrypting it. If we didn't use PGP for MOST email, it's no wonder others don't use PGP for ANY email. It's too cumbersome. What I've done about it I made PGP work just the same as normal email, so that non-technical people can use it. I released my child a few days ago as CryptUP (https://cryptup.org/). It's a Chrome plugin and works with Gmail, because that's what I (and a lot of people) use. It's compatible with any other PGP solution though. Where I need your feedback - improving decade old pains with PGP Public key management I'll use Ethereum as a pubkey database for CryptUP users, under the hood. Users' pubkey fingerprints will get submitted to Ethereum blockchain, instead of outdated systems like http://pgp.mit.edu/ (http://pgp.mit.edu/). Ethereum blockchain can then be queried with DNSChain (https://okturtles.com/) eliminating man-in-the-middle attacks on exchange of key fingerprints. The users don't need to know about the Ethereum stuff. It'll just work and I'll pay for the fees, it's a few cents per user. Public key fingerprint verification Security of PGP relies on this, but NOBODY does this. Without knowing you talk to the right person, PGP is a placebo. I'll implement fingerprint-to-image converter, where instead of comparing letters and numbers (which nobody will do), I will be displaying a set of icons for contact you talk to. Imagine 4-5 icons per fingerprint, eg: horse, frog, car, sun. It's much easier for humans to notice a discrepancy in icons then "0D5688EBF3102BE7". Let me know what you think As is, I think (and people tell me) CryptUP (https://cryptup.org/) is the easiest to use PGP plugin. Setup, conversations, attachments, it just does what you expect your standard email to do, plus encrypted. Let me know your thoughts, it's available here: https://chrome.google.com/webstore/detail/cryptup-encrypt-gmail-wit/bnjglocicdkmhmoohhfkfkbbkejdhdgc (https://chrome.google.com/webstore/detail/cryptup-encrypt-gmail-wit/bnjglocicdkmhmoohhfkfkbbkejdhdgc) And the source code is here: https://github.com/tomholub/cryptup-chrome (https://github.com/tomholub/cryptup-chrome) Title: Re: CryptUP: Simple PGP for Gmail / Ethereum public key database / feedback Post by: intover_Q on March 21, 2017, 10:32:26 PM Most useful chrome plugin ever ;D searching for something like that for years, let me know if I can help you to further develop the tool
Title: Re: CryptUP: Simple PGP for Gmail / Ethereum public key database / feedback Post by: geri on March 22, 2017, 02:03:26 AM You can chat me up at tom@cryptup.org
Title: Re: CryptUP: Simple PGP for Gmail / Ethereum public key database / feedback Post by: eduncan911 on March 24, 2017, 03:29:24 PM I just installed it and it is working ok.
Though, people who send me pgp emails as attachments doesn't seem to decrypt. Will reach out to Tom and find out more. :) |