One step forward, two steps back

According to the powers that be end-to-end encryption as we know it might be one of those things like the prosperity of the 1990’s that we can only reminisce about in the near future. Now as, always the most secure way to transit messages over a secure channel (i.e. any sort of online service, even one which implements end-to-end encryption is to handle encryption yourself.) For those of you that use Mac OS X, there’s not a better, simpler way to do it than NouveauPG.

NouveauPG is a mature product that has been out for many years and is compatible with virtually all other PGP software on the market the one caveat (and I cannot stress this enough) you can not import private keys from another PGP program. There are really good reasons for doing so, not to get technical but PGP has been around since 1993. I’m not even young and I was in grade school back then. AES, the gold standard for symmetric encryption was not even invented back then! The patent for RSA didn’t expire until 1991. Most existing implementations are still under coded under the assumption that memory is far, far more expensive than it is now.

I’m planning a promotion in honor of this current attention given to crypto (I remember this came up in the Bill Clinton administration!) Stay tuned!

Hello world!

Welcome to the new home of NouveauPG now with SSL, will continue to redirect here.


NouveauPG is the slickest, easiest to use communication utility for MacOS. It is compatible with all common OpenPGP clients. I cannot seem to emphasize this enough, you can’t import keys from another client into NouveauPG. The user this was intended for is new to PGP communication. This is a feature, not a bug, and part of the reason in my opinion that OpenPGP still has relatively adoption unlike, say, email. NouveauPG also allows you to ‘piggyback’ on other forms of communication like e-mail and forums using ‘ASCII Armor’. So unlike Signal, and other well funded services this doesn’t tie you to an ecosystem.

DSA keys deprecating/ELIMINATING DSA keys in in openssl 7.0

You don’t have to take my word for it, but when I was begin developing NouveauPG years ago I found that, 1.) DSA is just hours of testing debugging, etc. with little return on invest. Don’t get this twisted, this was never designed to make me a millionaire but I thought is was something that should exist. We’re only here for a short time and we really have to think beyond the fleeting riches which so many in the current tech industry base their self worth. Just sort of proud that I saw that coming years ago. ūüôā

pgp instractructure under attact

Apart from the due to the limited role of NouveauPG’s ‘eco-system’ it is safe for the secure transmission of text messages of any length across insecure medium. Social media etc. NouveauPG was written from the ground up and shares no code with the c. 1994 code-base. Apart from myself accessing this site via Tor which could be AWS nonsense, all is secure.


For the time being, is the internet address. There are some very strange things happening with I’m hoping to have everything back up ASAP, but for the meantime is the temporary address.

UPDATE: well this is weird, I can access via Tor, but not my home connection. I’m sure it’s nothing. I have more pressing matters, just thought this was interesting.

Well this is weird, I can access through Tor.

UPDATE (Nov 2, 2019): I have moved hosting from Amazon to Linode to be done with these shenanigans. My day job is similar.

E-Fail attack against GPGTools Remember with NouveauPG, the entire app is sandboxed. The only way to get data in or out is by selecting a file using the system file dialog box, or using the clipboard. No internet access, third party plug-ins or anything. The only reason encryption is not ubiquitous by now is the trade-off between usability. More ‘convenient’ schemes always seem to backfire. NouveauPG is as simple as I know how to make it.  ]]>

Compiling and Installing GnuPG Classic v1.4.20 on Mac OS X

xcode-select For older versions of Mac OS X, the procedure outlined here may work. 2.) Download the source code archive for GnuPG v1.4.20 here and the signature here. The signature is a text file that we will use to verify the source code archive. 3.) Decompress and extract the source code archive.

bzip2 -d gnupg-1.4.20.tar.bz2 tar -xvf gnupg-1.4.20.tar
4.) From the source code directory, run the configure script to make sure your command line tools are installed.
cd gnupg-1.4.20 ./configure
5.) Assuming there are no errors, from the same directory run make to compile gnupg. At this point, if everything went correctly, you should find the gpg executable in the g10 subfolder. 6.) If you wish to install GnuPG 1.4.20 as your default gpg:
sudo make install
You must uninstall other versions of gpg (including those installed by other software packages) before installing.]]>