FOSSwire

Keeping information safe and away from eyes that shouldn't see it can be pretty important. Here in the UK we've had several instances where the government has lost personal information. Since that information wasn't encrypted, it could be in anyone's hands by now.

One of the most popular ways to encrypt information is using the free GNU Privacy Guard software. In this short tutorial, I'll show you how to get up and running to use GPG to encrypt and decrypt some information. For now, I'm only going to cover encrypting information that only you want to get access to later, but I may follow up with how to transfer information securely to others in a future tutorial.

In this tutorial, I'll be trying to keep things as cross-platform as possible, so this guide should be easy to follow on Windows, Linux/Unix and Mac OS X. At FOSSwire we want to try and reach out and help users of non-Linux/BSD platforms to use free software too. Let us know how you think this tutorial works to achieve that and any thoughts on this issue in the comments of this post, or you can email me - peter@ this domain.

This will all be done on the command line, regardless of your operating system, but I'll show you more on how to get into that in a moment, once we are installed and ready.

Installation

First things first, install GNU Privacy Guard.

Linux/Unix

Most Linux users should already have this installed, if not then use Add/Remove Applications (or similar) and search for gpg or gnupg.

Each time you need to use GPG, open a Terminal program (it might also be called Konsole).

Mac OS X

Pre-built GPG packages are available from the Mac GNU Privacy Guard site. Download and install a package appropriate to your setup.

Each time you want to use GPG, you'll need to open Terminal, from /Applications/Utilities. Type the commands in this tutorial into Terminal to use the program.

Windows

A Windows version is available on the official download page. It is slightly difficult to spot, so here's a direct link to the current version at the time of writing.

Once you're installed, you'll need to open Command Prompt, from Accessories. Then type:

cd "C:\Program files\GNU\GnuPG"

That will allow you to follow the commands in this tutorial. Replace that path if you install GPG somewhere else, and remember that this will need to be typed in each time you load up Command Prompt afresh to use the program.

Setting up GPG

Once you have the software installed and your command line terminal open, let's get started.

The first thing you have to do in order to use the application is to create a set of keys. These keys are used to encrypt and decrypt information and they keep your data safe. Your keys are also protected by a passphrase that you must type in to use them (so that even if you lose your key and someone else gets a hold of it, it won't be any use without the passphrase as well).

gpg --gen-key

You'll see a load of weird messages, but you can just ignore most of them. The important question here is the kind of key you want. For now, we want to stick with choice 1.

Just type 1 and press Enter.

The next question you get asks you about key length. Just accept the default and press Enter here.

Next up, expiry. GPG keys are designed so that it is possible after a period of time to force your key to expire, for security reasons. For this tutorial, I'm not planning to distribute this key, so I'm going to choose 0, for key does not expire.

The penultimate set of questions ask you for some information to identify this key - your name and an optional comment. Once you've entered and are happy with that info, type O and press Enter to move on.

Finally, type a passphrase. This should be something secure and that isn't used elsewhere. The entire security of your encrypted data basically depends upon this being unguessable.

Note the emphasis on passphrase, this needn't and shouldn't be just a single word that is in the dictionary.

When typing in your passphrase, you won't be shown the typing in the terminal. This can be confusing if you haven't experienced this behaviour before. Don't worry - it is typing in properly, it just isn't letting you see it.

Once you've set the passphrase, GNU Privacy Guard goes off and creates your key. This will take some time, depending on how fast your machine is.

Once it's finished, you'll be sent back to the prompt. Now you have a key, let's encrypt and decrypt something!

Encrypting a File

So, how do we go about encrypting a file, so we can securely store it and decrypt it ourselves later?

Assuming you've still got that terminal window open from before, here's the command you need:

gpg --encrypt --recipient 'Name' "file"

Name - needs to be set to the name you gave in your key. This will allow you to decrypt it again later.

file - the path to the file you want to encrypt.

Once you've hit Enter to run that, your file will be encrypted. In the same folder as the original, there will be an encrypted copy with a .gpg extension.

Decrypting a File

OK, so now you need to get that same file back and read it. You securely erased the original, so you need to decrypt that version to get access to the data again.

The command you need is:

gpg --output "outputfile" --decrypt "file.gpg"

outputfile - the path to the file you want to put the decrypted contents in.

file - the path to the original, encrypted file you want to decrypt.

When you decrypt a file, you'll be asked to enter that passphrase. Type it in, and outputfile should now be the original file, just as it was.

Wrap Up

We have literally just scratched the surface here. GNU Privacy Guard is an incredibly powerful solution for all sorts of encryption and data security problems and this is just a limited scenario and light introduction into it.

This tutorial showed you how to use the command line program, however many of you may be more familiar and happier using a graphical program. There is a list of graphical frontends which does show you a few of these programs which might make using GPG a lot easier.

However, having an understanding on how to use the command line interface never hurts, and allows you to transfer those skills over to any platform.

Remember! Let us know how you think this tutorial works in branching FOSSwire out to support users of FOSS on other, non-Linux platforms.

Also, feel free to share any thoughts on the issue of cross-platform support. You can leave a comment below.

[image source]

OpenOffice.org 3.0 Beta is now out, and available to download. It has been a long time coming now, and one of the big new features being trumpeted is native Mac support.

I thought I would cross over to Mac OS X for this FOSSwire post, to compare the new native OpenOffice.org there to an unofficial fork called NeoOffice that has offered native support for a while now. I'll explain more about that later.

Whatever your views on the Mac platform, FOSS support on platforms other than Linux is undeniably important, so going over to view OOo from that perspective is something I think that is good to do. So let's get started!

What's NeoOffice?

For those who don't know, NeoOffice is a fork of the original OpenOffice.org code that started in 2003. Its aim was to bring the office suite natively over to the Mac platform.

The reason why this was necessary is that OpenOffice.org was written basically to run under two windowing environments - it ran under Windows natively, and used X11 for Unix systems. While it certainly is possible to run X11 on Mac OS X and therefore run OpenOffice.org, it hardly provided a good user experience, and made it a right pain to do.

For lots of different reasons, the official project wouldn't devote the time and resources to doing the Mac port, so a group of developers took the OOo source code and made their own derivative just for the Mac, called NeoOffice.

The differences between the two versions aren't just code and branding, however. The NeoOffice distribution is available only under the GPL, whereas OOo official has other licensing options available.

This meant that when the official team focused their attention on a Mac port, all the hard work that the NeoOffice guys had done on getting their Mac port going couldn't be introduced back into the core source code, due to the licence differences.

Differences Between OOo 3.0b and NeoOffice

Anyway, enough politics. Apart from the new features in OOo 3.0, what are the differences between the two native Mac implementations?

Speed

This might be just down to the official build's general speed improvements, but OOo is miles faster to cold start that NeoOffice.

The NeoOffice interface actually uses Java as a bridge to get to the Aqua user interface, as far as I'm aware, OOo doesn't. Taking Java out of the equation might be one of the elements speeding it up.

Once you're actually in the app, however, the speed of both apps is comparable, apart from in one area.

Using the mouse wheel to scroll through a document is relatively speedy in NeoOffice (albeit not as smooth as most apps), but right now is very sluggish and a bit disappointing in the OOo beta. Hopefully this should be addressed by the final release.

Interface

Branding differences aside, the two applications generally look and feel mostly the same. NeoOffice does have a custom icon set that looks more Aqua-ish, but OOo's one isn't bad either.

Dialogues and windows generally use the same layout across the two distributions. From a Mac user experience perspective, many of them still feel a bit 'Windows-like' and thus may put off the Mac user, but that is something largely unavoidable without rewriting a lot of the application.

Fonts on buttons and in interface elements do look better in OOo, in my opinion, but still look obviously out of place with other Mac applications. Again, this is pretty much something unavoidable without a completely separate app for Mac OS X - something quite infeasible and a bit unreasonable.

Functionality

Functionally, there is little difference between the two, apart, obviously, from the new features offered in the new version of OOo.

Which One Is Better?

If you're not bothered about being 'official' to OOo, I would recommend that Mac users wanting to use the Free office suite stick with NeoOffice (unless you want to run a beta).

The stability provided by NeoOffice is pretty good in my experience, and the beta credentials of the official build mean that for important stuff, it's probably worth sticking with 2.2.3 right now.

There is very little to choose between the two implementations. Once OOo3.0 has matured and the final release is made (and therefore stability can be guaranteed), it might have just enough in terms of speed and subtle improvements to sway you in that direction.

Provided that the laggy scrolling issue can be dealt with, of course.

Give It a Spin Yourself!

Anyone wanting to try the new OpenOffice.org 3.0 beta can download it and give it a try, while NeoOffice can be downloaded for Mac OS X only.

This one is probably aimed more at the geekier end of the market, but it is an application well worth covering.

There are many reasons why you might want to capture the raw network traffic that is entering and leaving your system. This can be for diagnostic purposes when something has gone wrong, finding out if there's a rogue program on your network, or if you're just curious about what communications are going on.

Wireshark (formerly Ethereal) is one of the most well known free software packet capturing and analysis tools available. It is cross platform, and runs on Windows, Linux, Mac OS X and many other Unix-like operating systems.

A basic capture can be started by clicking the leftmost button on the toolbar and then selecting your primary network interface and clicking Start.

From that point on, Wireshark will capture all of the packets that are entering and leaving that interface. You can now get to work as normal, or do some action and come back and analyse the results later.

The analysis interface allows you to filter the packets by many criteria, including protocol, source, destination and many more powerful filters. You can then deconstruct what is going on by looking at the hex view, or on supported protocols, by looking at the data (such as the HTTP conversation in the screenshot above).

Packet dumps can then be saved to disk in libpcap format, and reopened in Wireshark or another program that supports the format.

Packet analysis isn't for the faint of heart, or for those who don't have some understanding of TCP/IP and other networking concepts. If you do like to delve a little deeper into what's going on network-wise, however, Wireshark is an invaluable tool and one of the best programs in its class.