EasyGPG 4.58 (2024-03-09)

Notice:
If the domain name in the address bar is anything other than
http://easygpg2.i2p/,
http://bwxry5alzx5ihgrd3glah4eotddblzhalvpheppnw4zcajzqoora.b32.i2p/, or
http://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/,
you have an insecure connection to this site through a portal, and the portal probably added JavaScript scripts. If you can not use Tor or I2P, you would do better to use
https://codeberg.org/giXzkGsc/EasyGPG/ or
https://archive.org/details/easygpg

EasyGPG is an easy-to-use GUI for GPG (GNU Privacy Guard) that uses Zenity and Xclip.

EasyGPG is released under the GNU General Public License, version 3.0. Feel free to hack away at it. See the notice at the bottom of this page.

Here’s the help page for EasyGPG. This is written to be understood even by those who barely understand what encryption is.

Here’s a page with more technical details about EasyGPG.

EasyGPG will do something useful with any file or folder you drop onto its Desktop file. All files created by GPG are handled as you would hope except for detached signatures. EasyGPG properly handles all keys and messages appearing in text, even if there are several.


Installing EasyGPG for the First Time

When you click on the following link, you will be prompted either to save the file or open it with the appropriate software. If you save it, find where you saved it, and then double-click it.

In either case, extract the contents of the file, which will be a folder called EasyGPG-Installer. Open this folder, and double-click Install EasyGPG. The installer will download the latest version of EasyGPG, and then prompt for a location in which to save your new EasyGPG folder. By default, the new EasyGPG folder will be named easygpg, but you can use any name you like. You may have to refresh the folder to make the icons appear correctly.

When installation is complete, some windows will pop up. Read these, and you are on your way to using EasyGPG.

EasyGPG-Installer.tar.gz


Updating EasyGPG

Versions Earlier than 3.0

Follow the instructions above, but select your already-existing EasyGPG folder. If you do this correctly, you will be asked whether or not you want to replace the existing EasyGPG. Click “Replace” to replace your old version of EasyGPG with the latest version.

In the EasyGPG-Actions folder, double-click EasyGPG Help to read about this new version.

Versions 3.0 or Later

If your present version is 3.0 or later, but earlier than 4.0, select “Check for a new version of EasyGPG” in the main menu. Otherwise, double-click Check for a new version of EasyGPG in the EasyGPG-Actions folder.

If the version you just updated to is not EasyGPG 4.58, update again.

You may have to refresh the folder to make the icons appear correctly after updating.


Files

screencast videos of EasyGPG
the EasyGPG installer
my public key as a text file
command-line help
easygpg.sh as a signed tar archive in text form
the easygpg folder as a signed tar archive in text form
offline documentation
past versions of EasyGPG and the EasyGPG installer
specification for the new Minus protocol, latest revision


Privacy

EasyGPG

No “authorities” have ever communicated with me about EasyGPG.

When using software, the greatest threat to privacy and security is the Internet. EasyGPG will not attempt to communicate with the Internet unless you tell it to read text from the Internet or check for a new version. EasyGPG uses no “telemetry.” I will make no attempt to discover who is using my software, where, when, or for what purpose.

This Website

No “authorities” have ever communicated with me about the EasyGPG sites — neither the .onion site nor the .i2p site, and not the EasyGPG items on Codeberg and the Internet Archive, either.

No “web design software,” such as WordPress, is used to create my web pages. I create my sites using asciidoc with the HTML4 backend and some small shell scripts I have written.

My web pages contain no scripts. My sites use no analytics, nor do they set or read cookies. Neither do they use JSON web tokens, ETags, or web storage.

My sites have no server-side scripts or other forms of CGI software of any kind whatsoever.

All requests to the sites, other than GET and HEAD requests return an error. There is no way to send files or other information to my sites. Even URL query strings are useless. A “?” in a URL, and everything that follows it is completely ignored.

I want to be able to honestly say that I do not know how many different people or bots access this site, what software they use, nor who or where they might be. However, as noted below, I can, while I am at my desk, see what files are being requested.

If you are viewing this page on http://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/ or http://easygpg2.i2p/, your request has been logged in a request log. All the entries in this log are erased at least once every 24 hours. This log is stored on a tmpfs file system, and is not backed up.

Each log entry includes only the following information: the local date and time, the HTTP status code, the request type, the “Host” header sent with the request, the document or directory requested, and the number of bytes returned to the requester. No other headers sent with the request are logged. Specifically, no “Useragent” or “Referer” headers sent with the request are logged. The IP address of the requester is not logged either. Because of the way Tor and I2P work, this is not possible. The only address the server sees is 127.0.0.1 (localhost).

Of course my request log is not shared with anyone else, and it is on a machine that no one else is allowed to log onto.

The only purpose of having a request log at all is to identify possible abuse: DoS attacks, etc. I have seen no such abuse so far, but I have seen much probing. Most of this probing generates 404 errors.

Whenever a request is sent to the .onion and .i2p sites, the following response headers are sent. Date, Content-Length, Content-Type, and Last-Modified headers will also be sent, though, of course, their values will not be the same for every request.

X-Frame-Options: DENY
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), interest-cohort=()
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; media-src 'self'; img-src 'self'; style-src 'self'
Accept-Ranges: bytes
Keep-Alive: timeout=60

Copyright Notice

EasyGPG 4.58
Copyright (C) 2015 - 2024 the author indicated below
The author of EasyGPG made an OpenPGP, RSA key pair.
The fingerprint of this key pair is
BA34F30AC917CB0714884A3DA6BDBF5757B731E9
easygpg.sh contains the public key of this key pair,
as well as 3 PGP messages signed with it.

EasyGPG is distributed under the terms of the GNU General
Public License, version 3 (https://www.gnu.org/licenses/gpl.html).
EasyGPG is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY--without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.


Last updated 2024-03-09 15:30:03 UTC