Re: Thor's Private Key

["Thor (Hammer of God)" <thor () hammerofgod com>]

You must not have read closely then :)

The GPG key structure is a collection of all keys in a single database.  If you want to use different keys, you have to 
move entire keyrings around.  Exportation of keys is in ascii, but you can't programmatically access any elements of 
the keys or the encrypted data itself with an open format.  By default, the encrypted data is all binary, and if you 
ascii armor the actual data, you've got multiple steps to decrypt it and can't identify key information from it. 

GPG must be "installed" on target systems, and you have to be an administrator to do so.  TGP runs as a single 
executable.  TGP has full access to the X.509 Windows Certificate Store and can validate PKI infrastructures based on 
these certificates.  GPG can't even access the cert store.  GPG has no provisions for key management at all.  TGP 
interfaces with my "Rainmaker" API to provide off-site key management and verification based on permissions and 
certificate trusts.   As such, the client never has to have the keys in their possession, and the keys never touch the 
file system.  You can't do that with GPG.   TGP encrypted data is "cloud ready" for SOAP/XML -based API structures.  
You can't do that with GPG.

TGP also is the only multi-platform encryption tool where you can encrypt the data on the PC, store it in the cloud, 
and then decrypt it on Win7Phone with even TGPMobile taking advantage of the Rainmaker API key management system.  So 
for mobile applications you also never have the key on the device.  

TGP is trivially easy to use.  Average computer people can use it (and do).  I've seen PGP/GPG deployments fail 
miserable because people couldn't figure out how to use GPG.  

Most importantly, I can make it do whatever I want it to do without having to parse through mounts of pieced together 
code authored by who knows who.  

Those are some of the differences - not that it matters, of course.  I've made no claims regarding any differences to 
GPG good or bad.  I comment about PGP on my site, but that's it.   So feel free to LOL all day, but I really don't see 
what your point is.
t

-----Original Message-----
From: Jason Hellenthal [mailto:jhellenthal () dataix net] 
Sent: Sunday, April 08, 2012 5:41 PM
To: Thor (Hammer of God)
Cc: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Thor's Private Key


LoL WuT!

Whats the difference between just encrypting your data with GnuPG... and yes I read your about TGP page lol.

On Sun, Apr 08, 2012 at 10:54:34PM +0000, Thor (Hammer of God) wrote:
> Please ignore (again).  I need this key here to parse some FD archives.
>
>
> <?xml version="1.0"?>
> <!--TGP - Thor's Godly Privacy: KeyFob XML Document--> <KeyFobs>
>   
> <KeyFobName>TGP<FobName>PrivateTest</FobName><PublicKey></PublicKey><E
> ncPrivateKey>193PM88EjC/C7DtVH/UWzI9ALhLyxr/vbeV95vGvVPlw5KKH3szdnzCMs
> 7cFWC7Hq2vqxIVwIDMrp9fG43mPnS1+Ya/96TmBk88gCcwdkkKlc4UDHDj73mEhvIra0P0
> /L2VZDxX9rFbv2rEKMTKLXnW6dMSdJbfCN1AOI+jCsv+9pm7bcbSCRMaOJZoXUHjZiW1gp
> unUqi0zgbXYo10WGZJhfYa1uL9x4NuUjZ9P6m9haum8T1YQiV7+EZwbRl+9wD4bZ97pbP0
> d7fikCJFw/0VaN2EJpgpzlxDEmTWpaAomKk/3gd4TAo+iM53XX3uwwL0g8yXWqgllZRLZS
> 9u5jS6ZPzNwhy8n4+FER7as4IpDZwOjg9vKNyBPYNN2xPOh6gOBKUZERRkuyp0zTyOZPTH
> 0D3/xlCqXlfhyqzntmxSpiCH2dzuhJR8Rj+LJcTTgzNsVNo2zSq9BfdTLZNsV5g2l/2PTe
> cA9DbDWrDQHBmMbSIbxqBLtxD+kVUm1XPf1C/5bhfbuZroCXGGgE6NykBpH5rThfRDV/7R
> cMqtd1d/2kIy0y5R0p9lsGKy3UHejuPP2x9KRWjb7en7GFnC9u3BE/92qOxJO1x98pdYn3
> HS6QkmJKM1cvHhoxrowT8T87YEjK6o3J6s36xKW6kzTVS6AQMS8CfAb2lodheqvccREFUo
> PB/3n7BXbGT1gk9udApaaCcu8nNCsjDVfVMfYMuDk2SsJzkZvhOylsJNYmLrd9TuGOh7XT
> Dqi5GjT9Bg2rPFImxuuB5Y1kSag9Po2FKAfHIfxmDzPQQDo7wyclN5yrGmVCJOZfRZuFOQ
> cRh1t9p+F2eoe/zJJcN3BuMaCNyoEHx4ePDEtrCmYvvrSwCn7MBZM2qI/fZnuQp6SsbwyC
> znDub2wtx+Yjz4hoYnmDd3B2uY11WZ8Fd3NOHV9vcNhEfr2gjCyJoaSK2chiz1BJGWlI85
> Gy1h9onf8wLxwNh6+S5HJ4PrDG8uF/SsDHIiODyWfwLtX/fVfdumNw1bINQMdSfJDw7ViH
> lmWuOlDaJHQY2soeI/mSB8Wem7551iS//jN4iCM8yJ0RDKay8d4HHRdGFyy4zGMVByzTOy
> AqH3k90eQjB+8DW8Jzo/Yi8mxYD1Z54aZycamhN2R9x3u08tf/AUdw0+nymbaksnQireZH
> 6YIGNd2WutE2R/2/fGmDR0YebA4dP7KJ0NzKnLzFYnCY/WR9oxdKRHCa8pY1xvs+V722+q
> LHmI97bKkxWEnY+FkuxhlZiMDMIEpFTifoXlQlqVUQoqFgV2HZO7KeUZMtm2yzUvcKUeOj
> 2gHs0Qw9z0QxcMqe0Pp1k8ZqoSBqO7T4j3LHDkwwvfe8kp6ve9QhksYLnqI/5Gegu7/lz1
> srwFo8+kbAMns/O55h5ISQOV5T7ElSgDEhQqDRFA3fdytgjZDFsB0JVkvb89dtJUU89qC9
> fX08hg1YZzAdoyDsefRu5dAwOfOeXKVmVkbIUcEASm5/8k1gvdDEDy6gBl0u1xLOGYK0i3
> liyLlOgWbPA3iEmYsGZyorRKn5q2sT/BVNQQTL9wdZiw3d8Zu0SiHpZyW98SfrOL3bHC0a
> xIK+VFd3sQXm98l6IV/hGoevr4zRFrWktiCnh5QG5viy4NcoqCcgkU514v4RUMjQMytEKQ
> hGgTOoJdAdutlD8B0nQ5pYExcecamlMhWwjujjw988b/GlQ9cnchGzLoSVxdgo2Xuvetxs
> FPnTzpl5kv4rLtnepAzfJbs4WQziLSUijK+BtnZVujpihFDkz2ZFMIcOiVaKLtl1kU2uBC
> ziw2WrBsq37CyzZZRhr9vNd4PWO6QBopPq4pPTM3llQ0nUrnGNDfmc05kSRxM4eiprKxGo
> BYdMJfOfcFPj49qbUb8TYtYz3Fgoc46cfwmVKGOQkJdSJzD8vVKj8BdguLGLf4s0IQrxnc
> LWGjOAic4nz7x
> </KeyFobs>
>
>
> [Description: Description: Description: Description: Description: 
> Description: Description: Description: TimSig]
>
> Timothy "Thor"  Mullen
> www.hammerofgod.com
>
> Security isn't about thinking outside the box.
> It's about not thinking yourself into it.
>
> Thor's Microsoft Security 
> Bible<http://www.amazon.com/Thors-Microsoft-Security-Bible-Collection/
> dp/1597495727>
> [Description: Description: Description: TMSB-Prod-small]




> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/


--
;s =;

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/