Pgp Mac

Part 0 – Introduction

Here’s my basic guide for PGP on OS X. The OS in question is OS X 10.9 Mavericks, but it should still work for other versions. As for the tool itself, we’ll be using GPG Suite Beta 5. This is my first time using OS X in… years. If you see anything I’m doing wrong, or could be done easier, feel free to correct me in the comments.

If you’ve done your research, you’ll see it’s not recommended to do anything darknet related on OS X, but I’m not going to go over the details here. You’ve obviously made your decision.

Open PGP Keychain Access, click Import, select the file with the vendor's key. Now that you have the vendor's key, click GPG Keychain Acess on the app menu bar (not sure how that's called, it's the top bar that changes accordingly to the app you're in), select 'Services' and then 'Services Preferences' from the menu. MacGPG is the underlying encryption engine of GPG Suite. If you are familiar with the command line, you can use its raw powers. Based on the latest version of GnuPG. OpenPGP is available for all major platforms, such as Windows, Mac OS, GNU/Linux, Android, and iOS.

Part 1 – Installing the software

Like I said above, we’ll be using GPG Suite Beta 5. If you’re curious and want to see the source code, you can do so here.

  1. Head on over to https://gpgtools.org, and download ‘GPG Suite Beta 5′
  2. Open the file you downloaded, you should see this screen. Double click on ‘Install’
  3. Follow the installation process. If successful, you should see this screen. You can now close the window

Part 2 – Creating your keypair

Mail

GPG Suite actually makes this a super simple process. Just like the Linux guide, we’ll be using 4096 bit length for encryption.

  1. Open up GPG Keychain, you should be greeted by this beautiful window
  2. Click ‘New’ at the top left of the window
  3. You should see a small popup. Click the arrow beside ‘Advanced options’, make sure the key length is 4096. For our purposes, we’ll uncheck ‘key expires’. Put your username where it says ‘full name’, fill out what you want for email, and create a secure passphrase. Check the picture for an example on how to fill it out. When complete, click ‘Generate key’
  4. GPG Keychain will begin generating your key. Move the mouse around, mash keys in a text editor, have something downloading. Do random stuff to create entropy for a secure key.
  5. annndddddd we’re done!

Part 3 – Setting up the environment

Pgp Macon

This is where OS X differs from other platforms. The suite itself doesn’t provide a window to encrypt/decrypt messages, so we need to enable some options.

  1. Go into system preferences, open up ‘Keyboard’
  2. You should see this window. Click the ‘Keyboard Shortcuts’ tab at the top, then ‘Services’ in the left pane. Scroll down in the right pane to the subsection labeled ‘Text’, and to the OpenPGP options. Here you can create keyboard shortcuts. We’ll uncheck everything OpenPGP that’s under ‘Text’, and delete their shortcuts. Now we’ll enable ‘Decrypt’, ‘Encrypt’, and ‘Import key’. Create keyboard shortcuts for these if you wish. Check the picture to make sure you’re doing everything correctly. You can now close the window.

Part 4 – Obtaining your public key

This part is super simple.

Pgp mac
  1. Open up GPG Keychain, select your key
  2. At the top of the window, click ‘Export’
  3. Give it a name, make sure ‘include secret key in exported file’ is unchecked, and click ‘save’
  4. Open your text editor of choice, browse to where you saved the key, open it
  5. There it is. Copy and paste this on your market profile to make it easier for people to contact you

Part 5 – Obtaining your private key

Again, super simple.

  1. Open up GPG Keychain, select your key
  2. At the top of the window, click ‘Export’
  3. Keep the file name it gives you, check ‘Include secret key in exported file’, then click save

Keep this file in a safe place, and don’t forget your passphrase. You’re fucked without it!

Part 6 – Importing a public key

This is really easy.

  1. Find the key you want to import.
  2. Copy everything from ‘—–BEGIN PGP PUBLIC KEY BLOCK—–‘ to ‘—–END PGP PUBLIC KEY BLOCK—–‘
  3. Paste it into your favourite text editor, highlight everything, right click, go to ‘Services’, then ‘OpenPGP: Import key’
  4. You’ll see this window pop up confirming the key has been imported, click ‘Ok’
  5. Open up GPG Keychain just to confirm the key is there

Part 7 – Importing a private key

Again, really easy.

  1. Open GPG Keychain, click ‘Import’ at the top
  2. Browse to where your key is, click it, then click ‘Open’. It should have a .asc file extension
  3. You’ll see this pop up confirming your key has been imported. Click ‘Close’

Part 8 – Encrypting a message

  1. Open your text editor of choice, write your message
  2. Highlight the message, right click, ‘Services’, ‘OpenPGP: Encrypt’
  3. A window should appear. Select who you’re sending it to, sign it with your key if you wish, click ‘Ok’
  4. Copy everything, and send it to the recipient

Part 9 – Decrypting a message

Pretty much the same process as encrypting

  1. Open your text editor of choice, paste the message
  2. Highlight everything, right click, ‘Services’, ‘OpenPGP: Decrypt’
  3. A window should pop up. Enter your passphrase, then click ‘Ok’
  4. aannnddddd there’s your message

Part 10 – Conclusion

That wasn’t too hard, was it? Like I said in the intro, you shouldn’t be using OS X for DNM activities due to privacy issues, but I won’t go into it. This took forever to complete because OS X is a bitch to get running properly in a virtual machine. A guide for Windows will be coming next week!

Shortlink: drk.li/472

Enterprises seeking a way to encrypt their growing number of Macintosh devices now have a new option from PGP. The company has unveiled a Mac OS X version of its Whole Disk Encryption 9.9 security software.

Pgp Mac Mail

As with its Windows counterpart, the Macintosh version has been validated for use by the U.S. government to protect data on laptops, desktops and portable media devices.

Unlike other encryption solutions, both versions come with a preboot authentication check.

'This lets IT manage those Macs that are now side by side with PCs,' John Dasher, PGP's director of product management, told InternetNews.com.

Macintosh platform security is a growing concern as the Mac OS X gains traction in enterprise infrastructure. Dasher said Macintosh products are often overlooked when it comes to security, as Windows has been dominant in most businesses.

He recounted an incident this past February at the National Institute of Health (NIH) in which a laptop theft exposed confidential clinical information on 2,500 patients.

The data was housed on both Windows and Mac devices, but the Macintosh computers were not encrypted, he explained. In response the NIH now prohibits Mac laptops for use when dealing with sensitive data, Dasher said.

Enterprise adoption of Macintosh products tripled last year to 4.2 percent, according to a Forrester Research (NASDAQ: FORR) report this past March.

The Yankee Group reported that 87 percent of companies now have some Macintosh computers plugged in -- a spike of 48 percent over two years.

Those numbers will continue to rise given the popularity of new laptops such as the MacBook Air. IDC (NYSE: IDC) reported that laptops will constitute 68 percent of all computers by 2011 as they increasingly replace desktops.

Security risks will increase in tandem given research indicates many data breaches involve portable devices and malware writers are now aiming for the platform as well. According to Ponemon Institute, 56 percent of mobile data breaches are due to lost devices including laptops and removable media.

In February security vendor Sophos reported that financially motivated hackers had targeted Apple Mac computers with malware for the first time.

The average cost of a breach is $197, an increase of 43 percent since 2005, according to Ponemon.

Pgp Mac Command Line

'Macs are slowly gaining ground, but since management vendors have focused on Windows, there is a security and an operations gap,' Jon Oltsik, senior analyst for information security at Enterprise Strategy Group, told InternetNews.com. 'PGP recognizes this and is responding with product support. I expect lots of others [security vendors] to follow,' Oltsik said.

Whole Disk Encryption secures all the contents of a laptop, desktop, external drive and flash drive, from boot sectors to system files. When tech teams use the software with the PGP Universal Server, they can manage policies, users, keys and configurations from a single console.

'This is a very transparent full-disk encryption approach that goes from the hard drive to the thumb device for complete protection,' said Dasher, adding that it's 'defense in depth as the best security is achieved with layers.'

The product will be available in July. Pricing is $119 per user for the stand-alone version, and when the software is used with the PGP Universal Management Server, the annual subscription for 1,000 seats is $42,000. A perpetual license is $104,000.