Using GPG to encrypt messages now that Fugacious is toast.
Now that November 1st has come and gone, Fugacious / Toaster are gone as well. Without this system, GSA IT has requested that we share all sensitive information in other ways such as:
- Using Google Docs, such as a spreadsheet or document.
- Reading the message out loud over the phone.
- Sharing screens with the person and having them read it off your screen and write it out on their machine.
None of these are great options compared to how easy it was to use Fugacious / Toaster to send self-destructing messages to folks via a web form. Some projects at 18F also relied on Fugacious such as the cloud.gov team for the first iteration of passing deployer account credentials.
What's GPG?
GPG stands for GNU Privacy Guard, an open-source software suite that is OpenPGP compliant. OpenPGP is the open standard built out of the Pretty Good Privacy (PGP) encryption program.
With PGP you create a key pair: a private key, which you keep secret, and a public key, which you share with others in a responsible way. You can create as many of these key pairs as you'd like, each with a different identity, which may be helpful when sending data infrequently.
Installing GPG on your machine
brew install gpg
After that runs, you will have the GNU Privacy Guard application suite installed. Try running the following command to read through your options.
gpg --help | less
Generating a new keypair
--gen-key generate a new key pair
Running gpg --gen-key will walk you through the prompts for creating a key pair.
Encrypting a message using GPG
-e, --encrypt encrypt data
Using the -e flag we can encrypt a message using our newly created PGP key. --recipient selects the public key to encrypt to, and --armor writes the result as ASCII text instead of binary, so it can be pasted into a chat or email.
gpg --armor --encrypt --recipient roger@rogeruiz.com --output encrypted.txt.lock decrypted.txt
Decrypting a message using GPG
-d, --decrypt decrypt data (default)
Using the -d flag we can decrypt a message using our newly created PGP key from our previously encrypted file.
gpg --decrypt --output decrypted2.txt encrypted.txt.lock
While you can set expiration dates on keys, you cannot set them on messages. This means that anyone holding your old private key can still decrypt those encrypted messages for as long as they have the old key lying around. This is why it's important to generate single-use keys if you'd like to recreate the ephemeral nature of Fugacious.
Another caveat is that long-term PGP keys are a real hassle with very little benefit. Read more about it here.
So far we've only been doing this locally on our own machine. That's not super useful for replacing Fugacious. But we can leverage what we know about public and private keys and the previous commands to come up with interesting solutions. For this section, let's discuss and do some live coding to figure out how best to tackle this problem.
Let's begin by sharing our public key with folks, and then encrypt and decrypt messages we share with one another.
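The exchange described above, written out end to end as an added example (this script is not part of the original slides). It constructs two throwaway identities, "alice" and "bob", each in its own temporary GNUPGHOME so nothing touches your real keyring; the names, addresses and the secret message are made up. Bob exports his public key, Alice imports it and encrypts to it, Bob decrypts, and the script also checks that Alice's own keyring cannot read the ciphertext. The keys get a one-day expiry and are deleted at the end, in the spirit of the single-use keys discussed under the expiration caveat. It assumes GnuPG 2.1 or newer is on PATH.

```shell
#!/bin/sh
# Added example, not from the slides: public-key exchange plus encrypt/decrypt
# between two constructed identities, each with an isolated keyring.

gpg_roundtrip() {
    WORK=$(mktemp -d) || return 1
    ALICE="$WORK/alice"
    BOB="$WORK/bob"
    mkdir -p "$ALICE" "$BOB"
    chmod 700 "$ALICE" "$BOB"

    # One key pair per identity. --batch with an empty loopback passphrase avoids
    # interactive prompts (test only; a real key should have a passphrase).
    # "1d" is a one-day expiry, the short-lived style the slides recommend.
    for d in "$ALICE" "$BOB"; do
        name=$(basename "$d")
        GNUPGHOME="$d" gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
            --quick-generate-key "$name <$name@example.com>" default default 1d \
            >/dev/null 2>&1 || return 1
    done

    # Bob shares his public key as ASCII armor (safe to paste into chat or email)...
    GNUPGHOME="$BOB" gpg --batch --armor --export bob@example.com > "$WORK/bob.pub.asc" || return 1
    # ...and Alice imports it into her keyring.
    GNUPGHOME="$ALICE" gpg --batch --quiet --import "$WORK/bob.pub.asc" 2>/dev/null || return 1

    # Alice encrypts for Bob. --trust-model always skips the "key is not certified"
    # check because this is a throwaway test; with a real correspondent, compare
    # the fingerprint (gpg --fingerprint) out of band before encrypting to a key.
    printf 'deployer password: correct-horse-battery-staple\n' > "$WORK/secret.txt"
    GNUPGHOME="$ALICE" gpg --batch --quiet --trust-model always --armor \
        --recipient bob@example.com --output "$WORK/secret.txt.asc" \
        --encrypt "$WORK/secret.txt" 2>/dev/null || return 1

    # Alice holds only Bob's public key, so her keyring must fail to decrypt.
    if GNUPGHOME="$ALICE" gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --decrypt "$WORK/secret.txt.asc" >/dev/null 2>&1; then
        return 1
    fi

    # Bob decrypts with his private key; the plaintext goes to stdout.
    result=$(GNUPGHOME="$BOB" gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --decrypt "$WORK/secret.txt.asc" 2>/dev/null) || return 1

    # Tear down: stop the per-keyring agents and delete the key material. Once the
    # private key is gone, the ciphertext can never be read again, which is the
    # only way to get message-level "expiry" out of PGP.
    for d in "$ALICE" "$BOB"; do
        GNUPGHOME="$d" gpgconf --kill gpg-agent 2>/dev/null
    done
    rm -rf "$WORK"

    printf '%s\n' "$result"
}

gpg_roundtrip
```

The only things that cross between the two keyrings are Bob's public key and the armored ciphertext, which is exactly what you would paste into Slack or a Google Doc in practice; the private keys never leave their own GNUPGHOME.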
Here's some useful documentation for this exercise:
These slides still need to be fleshed out a bit, but the talk was a success in getting fellow engineers working on how to support their post-Fugacious world. And I'm thinking it might be good to share this at an All-Hands as an alternative to using Google Docs for sharing sensitive information. Some cohorts brought up some great points about how PGP is hard to work with for non-technical folks, and how GPG Tools has a GUI that makes it easier to use. Though, I'm not sure if we can use the latter. For now GPG can be installed via Homebrew, so we're good on installing that. Will need to research things a bit more.