====== OSS Crypto support ======

{{template>:project:infobox|
name=Open Source Crypto support group|
image=opensourcecrypto.png?200|
sw=open|
hw=open|
founder=[[user:ruza]]|
interested=[[user:kxt]]\\ [[user:overdrive]]|
status=active
}}

~~META:
status = active
&relation firstimage = :project:opensourcecrypto.png
~~

==== Aim of the project ====

  * privacy should be default not optional
  * to associate and motivate people to use cryptography proper way
  * fixing bugs that are preventing users use strong crypto, testing, bug reports
  * raise awareness on using Open Source software, cryptography solutions for everyday life
  * helping people communicate securely (user experience, compatibility)

====  How to save the world? ====

===  Common issues ===
  * make sure user is using proper **cipher, key length** and **configuration**, enable [[wp>Forward secrecy]] if possible
    * [[https://we.riseup.net/riseuplabs+paow/openpgp-best-practices|OpenPGP Best Practices ]]
  * found software/hardware with buggy implementation or missing support for proper setup

=== Call for specific help ===
  * gnupg2 - dirmngr is not able to use hkps (HKP over SSL/TLS properly) [[https://bugs.g10code.com/gnupg/issue1792|bug]]
  * OpenVPN - there is an ongoing support for ECC in OpenVPN 2.4 (with easy-rsa 3.0), learn people generate such certificates, use them, test them between different platforms
  * OpenVPN on Mikrotik - support for ECC, and remote Radius server (not funcioning properly according to tests)
  * Mailvelope - missing ECC support [[https://github.com/openpgpjs/openpgpjs/issues/26|Integrate fast ECC support (OpenPGP.js)]]
  * Mailvelope - missing PGP/MIME support (including all other GPG sw based on OpenPGP.js .. RainLoop)
  * according to some sources AES encryption in todays hard drives is very limited ([[wp>Hardware-based full disk encryption]])
  * K-9 (Android) mail missing [[https://code.google.com/p/k9mail/issues/detail?id=5864|support for PGP/MIME]]
  * GnuPrivacyGuard is falling on Android5 while is not compilled with PIE https://dev.guardianproject.info/issues/4126
  * TextSecure is dropping support for encrypted SMS, leaving "data transfers' as the only option [[https://github.com/WhisperSystems/TextSecure/issues/1762|TextSecure nuking encrypted SMS? WTF?!]], [[https://github.com/WhisperSystems/TextSecure/issues/2515|Encrypted SMS/MMS over GSM optional feature]] [[https://whispersystems.org/blog/goodbye-encrypted-sms/|Blog >> Saying goodbye to encrypted SMS/MMS]]
  * GParted is missing [[wp>LUKS]]
    * http://blog.vojtechtrefny.cz/new-ui-blivet-gui
  * Maildroid - passphrase dialog sometimes not started (in case network connectivity not available)
  * Chromium/Chrome browser is missing an MasterPassword functionality
  * its not possible to use LastPass without cloud synchronization
  * Hootsuite for Android is connecting to Linkedin even no such account configured (same with other social network possibly)
==== Events ====
  * Keysigning parties
  * Cryptoparty?
  * [[event:talknight|lightning talks]] on cryptography
    * GnuPG modern\\ {{youtube>4RKkoHWjcvk}}

==== Misc ====
=== Which Android mail client I should use? ===

^ Email client ^ Crypto provider ^ supported ^ not supported ^
| K-9 mail | APG, OpenKeychain | PGP/inline | PGP/MIME |
| Kaiten mail | APG | PGP/inline | PGP/MIME |
| Squeaky mail | APG / PGP Keyring | PGP/MIME | |
| Maildroid | Flipdog crypto plugin | PGP/MIME, PGP/inline, S/MIME | 
| r2mail2 | internal | PGP/MIME, PGP/inline, S/MIME | 

^ crypto provider ^ exportable ^
| APG | yes | 
| OpenKeychain | yes |
| Flipdog plugin | probably not |
| PGP Keyring | yes |
| GNU privacy guard | unable to do anything on Lollipop\\ (not compiled with PIE support) |

=== Related projects ==
[[..:crypto-anonymity_knowbase:start| Crypto-Anonymity Knowledgebase]]