celesteh – Page 34 – Les said, the better II

It’s alllllliiiiive!!!!!!

Caravia asks, rhetorically, I hope, “Is feminism dead?” There’s nothing as fun as answering a rhetorical questions, so therefore, my answer is “if it was, you wouldn’t be asking that question.”

She goes on to point out that the key players in the Iraq war boondoggle have been almost all men. That’s true, but I would caution against the drawing of certain conclusions based on that. Lest anyone think that women are automatically better, more peaceful leaders, may I draw your attention to Marget Thatcher. I think it’s an error to assert the automatic superiority of women in any matter. Women suck just as much as men. We already have equality in stupidity.
The reason fewer women were in war planning has to do with the spectacular level of sexism in the US. However, it may also be the case that the war itself is a result of the same sexism. The US seems to be going through a certain crisis of masculinity. There’s a desire afoot to assert a masculine presence. Columnists fret about a metaphorical castration of the armed services. Voter’s positive evaluations of Bush before his re-election also seem to be mostly based on the perception of him as the more manly candidate. Therefore, I would say that the lack of women in high levels of the Pentagon did not cause this disastrous foreign adventure, but instead, is also an effect of the same social forces that caused the war. What better way to assert a hyper-masculine presence than kicking some ass.
Note that the war was marketed as “ass kicking.” Toby Kieth sang, in the widely played song Courtesy of the Red, White and Blue, “An’ you’ll be sorry that you messed with the U.S. of A. / ‘Cos we’ll put a boot in your ass, it’s the American way.” Of course, it was not Iraq that “messed with” the United States, it was Al Quaeda, but an extensive misinformation campaign caused the majority of Americans to believe that Iraq was at fault. Kieth sang, “A mighty sucker-punch came flying in from somewhere in the back.” obviously alluding to the September 11 terrorist attacks in New York. A sucker-punch is an unexpected hit: a tap on the shoulder from behind followed by a fist to the face. He felt this was a damage to the dignity of the US, singing metaphorically about a “big black eye,” which is used, typically, not to just refer to an physical injury, but also a humiliation. In the barroom brawl in which he imagines foreign policy occurring, the US’ masculinity has been compromised.
Alas, the “boot in ass” did not go as well as some might have hoped. Osama bin Laden was at large. There was no catharsis in extending the suffering of Afghanis and the already-destroyed infrastructure in Afghanistan. By contrast, there were plenty of things to blow up in Iraq.
The recipient of a sucker punch must retaliate to the punch or risk being labeled a “pussy.” “Pussy,” of course, is a crude word for a vagina as well as a descriptor for an insufficiently masculine man. The symbolism of the toppelling towers was not lost on the American subconscious. We were castrated, a hole left where once a tower stood.
The presence of more women in the Pentagon, then, wouldn’t mean the women there would be any smarter or less loyal Bushie than their male colleagues, but it would imply that the crisis of masculinity was lessened or passed, thus causing a decrease in sexism and an increase in female participation.
Caravia goes on to note:

The idea with . . . peace movements driven by women is to raise awarness about the consequences of the war, the millions of civilian casualties. Not only the killed, but . . . the raped women, carrying the children of their rapists, the people killed in genocides around the world.

Her implication is, then, that male-driven peace movements focus on something other than civilian casualties. Perhaps they focus more on the (not inconsiderable) harm suffered by American soldiers? This is an interesting assertion and one that bears further analysis. It’s certainly the case that woman are more able to have an immediate empathy with foreign victims of rape. American women are taught rape fear from an early age. Outside areas at night, mall parking garages, even the homes of friends are all fraught with danger. This ever-present rape awareness creates a connection between American women activists and their sisters in war zones. (I can’t speak for European women’s experiences.)
Others seem to have a harder time empathizing with women. In his song, Keith clearly imagines his metaphorical protagonist as male. What happens when somebody “sucker punches” a woman? Firstly, I doubt many would refer to it as a sucker-punch, but rather as an assault. And the response to an assault isn’t to get into a brawl, but rather a more legalistic approach of calling the police, pressing charges, etc: a due process where, ideally, everyone involved is treated fairly and justly. This kind of response is one that might not work as well in a song (“Whip out my cell, before you can run / dial the operator at 9-1-1. / The police will come and put you in jail. / It takes 72 hours to set bail”), but is one that doesn’t harm innocent bystanders or set off a larger, regional bar-brawl.
That Keith and others couldn’t imagine themselves as acting as anything other than a humiliated man may stem from a horror at their tower being replaced by a hole but more likely shows that the crisis of masculinity was already present, probably brought about by other social factors, probably including economic insecurity. This shows that a thriving feminist movement could result in peace and also that it’s tied to other struggles, like class inequality and the healthcare crisis.

Organ Concert Review

The Grote Kerk in The Hague is having an organ festival right now, which explains why I keep hearing organ music while walking the dog. Last night, I saw a very small flyer for it posted to the church door and decided to check it out. I really like organ concerts and I can name one organ composer off the top of my head (Henry Brant), but I’ve never written for the organ and don’t know too much about the instrument. As a former resident of the Bay Area, though, I was pretty lucky as there are two Mighty Wurlitzer organs installed in local movie theatres. One is in the Grand Lake in Oakland and the other is in the Castro. Also, Wesleyan University, where I was in 2003-5, has a pretty nifty organ which was brand new when I was a student, so I got to hear a lot of organ music, including a new piece by Christian Wolff. This whole paragraph is a long way of saying: I don’t know much about the organ (factoid: invented by ancient Romans), but I dig it.

The performer last night was Leo Van Doeselaar of Amsterdam / Leiden. There was a pre-concert talk of which I understood nothing and then he went up to the organ loft to play. Church organs are often located in the back of churches, which is the case in Den Haag’s Grote Kerk or sometimes on the side. Almost never does a listener actually face the organ (Wesleyan is an exception to this). However, the chairs were arranged, so the audience sat facing the back of the church and hence the organ. Also, it’s often the case that the organist can’t be seen. They had set up a screen and a projector so that there was a camera pointing at the organist and the image was projected where we could see it. Kind of strange, but also interesting.
This particular organ has two panels of stops on either side of three manuals (keyboards). the stops control which pipes are getting air in them and they’re a bunch of knobs which can be pulled out or in (hence the expression, “pulling out all the stops.”). The organist had an assistant who was a page turner, but also did a lot of stop manipulation. The music would switch manuals without a break and while one manual was being played, the busy assistant would re-set the stops for the return to the original manual. Interesting to watch.
The first two pieces were from the 17th century. Which, alas, is not my favorite century. Also, note in the first paragraph that most of my organ listening has been with theatre organs, which often play a more popular repertoire. So the music just seemed kind of . . . sedate. The organ was not punching through and not filling the space. I could see the performer and I could tell he was playing is heart out, but it just wasn’t translating for me. So I wondered if it was the music or the organ. “Well, they can’t all be Bach’s Toccata in d.” (You know the piece. It’s a very dramatic and cliche organ piece. Nicole associates it with horror movies.)
Even as my mind wandered, certain sonic effects were occasionally interesting and I wondered if I might want to exploit them by writing an organ piece. (Well, why not?) Then, the organist started on the third piece, Gioco by Peter-Jan Wagemans (wikipedia). I do not need to write an organ piece, as Wagemans used all the cool bits that I had noticed and several I hadn’t. The piece was astoundingly amazing. The composer is an organist himself, so he is able to write as somebody who really, really knows the instrument. And as he’s a local guy, it’s very well-suited to the sort of organ they tend to have in Holland. It played off the reverb in the cathedral very well, using short notes played quickly to create textures. There was a section where a certain flourish was repeated a few times and each time there was a note repeated afterwards like an echo. The stops for that note were really mushy sounding, not cutting through at all, so it was hard to tell when it started and stopped. It was more of a presence. And I swear, it sounded like a real echo. One that boldly defied physics: believable and slightly disorienting!
There was no clapping between pieces, but the audience was all abuzz after that one. Organists, take note: you can make people very happy if you depart from the 17th century. There are composers alive today and some of their work is amazing.
Then, alas, we returned to the dusty past. But, much to my delight, the last piece actually was Bach’s Toccata in d. Man, I love that piece. It’s great. So unapologetically dramatic! And it’s got these huge parts that should just, imo, shake the fillings out of your teeth. There’s a piece for an organ, something that fills a space! A gigantic installed behemoth, an ancient roman excess! Crashing and pounding like the ocean! Huge! but. It just wasn’t. Ok sure, it was dramatic. And it had a couple of moments that were kind of big. but. Maybe I’ve been conditioned by Mighty Wurlitzers to expect something too big, too much. Maybe what I expect is gauche and ostentatious and not what Bach had in mind at all. Maybe I’m crass. But crass is great fun but this was restrained and smallish.
I think the organ is just too small. It’s also kind of recessed, which can’t help.
I also think that I just must be crass, because the audience gave the organist a standing ovation and then rushed to the CD table. I do think he was a really good performer (especially the new piece was fantastic), so maybe they’re used to the organ and I’m not? I’m probably going to skip the rest of the series, however it also includes carillon recitals (no wonder the bells have been so interesting lately), so I will definitely listen for those.

Feminism and FLOSS

Introduction

Let’s start this with some definitions. (No, this isn’t about feminism and gum disease (although that might also be interesting).) FLOSS stands for “Free (Libre) Open Source Software.” As they say, that’s “free” as in speech, not “free” as in beer. FLOSS refers to software projects in which participation is more open. Users can get copies of the source code (this is the stuff that programmers make. you can change it and thus change the program) and do whatever they like with it, as long as what they distribute is also FLOSS. This is what we mean by “free.”
However, to be clear, the distribution model of FLOSS means it is often also available without monetary exchange. Users can go to a website and get tons of cool software for their computer, including an operating system. You can get computer hardware and never pay for any of the programs on it and do this without piracy or stealing. And if you have technical skills and really like a piece of software, you can even add features to it. Or, you can ask for the feature and somebody might even listen to you and do it.

Every piece of software has a certain community aspect. The users are a group of people who care about the software. Thus, all software has some community. But proprietary software owned by big companies can afford to ignore this community or even work against them. Many of the mis-features in the new version of windows were added at the bequest of media companies and are contrary to the needs and desires of the user community. This dynamic is less present in FLOSS software because the user community has direct access to the very essence of the software. If something unpopular gets stuck in, they can take it back out. Thus FLOSS software is inherently democratic, existing squarely within the free marketplace of ideas. The users own the software.
Therefore FLOSS empowers the user. This dynamic tends to have implications in the social dynamic among users. Many FLOSS programs have online resources to help users and the community will often offer help and support to each other. For example a FLOSS thing I use has an IRC group (a chat room). Many users log in and keep it open in the background. If they have a problem, they can ask about it. If they notice somebody else is having a problem that they can solve, they might jump in and help.
Many of the implications and goals of FLOSS have an obvious commonality with feminist goals. In a more concise summary, my internet friend Paula (aka Bastubis) wrote:

I think FLOSS offers better possibilities [than proprietary software] for feminist use because:

it’s community owned
mutual and self-help model
collaborative
empowers the user

Women Developers

Despite all the commonality between FLOSS and feminism, it’s still the case that only around 1.5% of FLOSS developers are women. Therefore, we can conclude that while FLOSS has a commonality with feminism, it is not, in and of itself, inherently feminist or women’s participation would be higher.
Ironically, some of the very openness of FLOSS may be part of the issue. All groups have hierarchies and power imbalances. In some groups, hierarchies are formalized and in others they are not. Informal groupings are fine for consciousness raising or within groups of friends, but they can become problematic in groups that are taking more direct action. For example, let’s say a CR group decides to act on a specific issue. One person might have an idea for a protest, but, since this is a new direction for the group, before presenting it to the group as a whole, she runs it by a few friends within the group who offer suggestions. Over time, in-groups and out-groups develop, where a core group of friends discusses things before brining it to the group as a whole. This dynamic can quickly become toxic and it’s why direct action groups often have specific handbooks for how to organize themselves. You cannot try to right a power imbalance unless you first recognize that it exists.
Ironically, sometimes even more oppressive hierarchy can be better for reaching feminist goals. About 20% of corporate developers are women. Corporations invest energy in trying to recruit women and trying to avoid the appearance of sexism (to some extent). This is not because corporations are good, far from it, but because we have been able to use the legal system to force them to be less discriminatory. However, turning the legal system on FLOSS is probably not the best solution to the lack-of-diversity problem, alas.
So, given all of this, what causes women’s non-participation in FLOSS? Well, most FLOSS stuff occurs on the internet. I remember the good old days of “nobody knows if you’re a dog on the internet” and how the invisibility of identity would lead to a truly colorblind, genderblind utopia. There’s multiple problems with this ideal, which can explain where it went wrong. First of all, access issues meant that the majority of (english-speaking) people on the internet were white men. This lead users to assume that anybody they were talking to was a white men. Secondly, anoninimity causes people to act like assholes. A few assholes could spew racist, sexist, classist garbage until populations that were sensitive to this would leave. The answer to this is not to do it in reverse because it’s a terrible model of how to behave and because it just won’t work. White guys are priviliged and this makes them less vulnerable to this kind of attack. So they’re in a position where they can exert this power and have no negative consequences for it. Probably, these are people who don’t feel terribly empowered in their daily lives. In the offline world, most gay bashers are teen boys who are alarmed about their own sexuality.
Informal hierarchies on online forums, coupled with conditions created by institutionalized oppression, therefore can create an environment which is explicitly hostile to women (and other minority groups). Because everyone is equally empowered, nobody is empowered to stop harassers, trolls, and vocal bigots. Indeed, a completely open forum is a situation where a troll (or a spammer) can destroy a community, by creating so much garbage that any meaningful communication is effectively drowned out. The way to solve this problem is to create a more formalized hierarchy, where certain users are granted the power to ban certain users or remove certain posts. These super-empowered users are called moderators. They keep spammers and trolls at bay. There are more refined models of moderation, such as rotating moderatorship or systems where comments are voted on and given certain scores (so users can elect to see only high-scoring comments).
However, moderation is only as good as the moderator(s). If the moderators don’t care about sexism, an informal hierarchy based on sex can still exist. These partially unmoderated portions of the internet are often explicitly hostile to women. The moderated sections are less hostile, but there’s still the nobody-knows-if-you’re-a-dog invisibility. Everyone around you is (apparently) a white man. This does not create a welcoming environment.
So what to do about women in FLOSS? As the hierarchies are most often informal, a legal remedy is probably not the answer. Therefore, I think there are two approaches we should explore. One is to work with prominent FLOSS organizations, like GNU, to put women in high profile positions. I think the Ubuntu group is probably receptive to this. This would create a situation where women FLOSS contributors are more visible.
The other approach is affinity groups. Having groups of women working together on FLOSS creates visibility and an a community which is specifically welcoming to them, potentially attracting more women to become active in FLOSS.
I think there’s also a financial issue Do FLOSS developers get paid for their work? (Frankly, I don’t want to add to the amount of unpaid labor already extracted from women.) Programmers in open source may be living off of donations to their projects. They may be funded by corporations and foundations. Some just do it in their free time. The grass-roots kind of FLOSS that we’re talking about is more in the free-time category of development. I’m guessing that the men who do free time development have some sort of infrastructure to support them. They’re students. Or they’re married and have a woman picking up after them or they have a maid (a woman picking up after them). By contrast, women who are not students usually have to pick up after themselves.

Non-profits

The ideals of FLOSS have a great synchronicity with non-profit enterprises, but if we want women who are in non-profits, and thus already getting low pay, to take up FLOSS development, it needs to be part of their job, not something for their free time. The good news about this is that there is funding out there.
If we want women who are in non-profits to take up FLOSS tools, we need to give them training and support, face to face, through affinity groups. The money they save on software licenses will make it worth their time. Also, we as developers need to make sure that the tools we give them are self-explanatory. If they want to get a volunteer to come in for an afternoon and do something, they want hir to just be able to sit down and do it, without having to spend too much time learning the system.

Conclusions

FLOSS and feminism could and should work together. To ensure that this happens on the development side, we need to push for both visibility and anti-sexist moderation policies. We can create visibility by getting women into visible formally hierarchical organizations that already exist and by creating our own such organizations. On the user side, we should specifically offer support through affinity groups, so that women have an explicitly welcoming environment where they can learn about FLOSS tools. Furthermore, we should specifically reach out to feminist non-profits as a means to help them become more effective and thus advance the cause of feminism in the brick and mortar world, as well as online.

Distances

And now, it’s the math you’ve all been waiting for. How far did we go?

Den Haag – Emmen: 363
Emmen – Jels: 487
Jels – Slagese = 162
These numbers are arrived at by: For the first section, adding up all the daily totals from when we were still in the Netherlands and I was doing daily totals. For the second section, taking the numbers from the Jutland Fietsroute (“The Viking Route”) book. For the third section, by getting distances from booklets published by the Dansk Cyclist Forbund.
The first and third sections are fairly accurate. However, the middle fails to account for many detours, including following a different cyclepath along the Wesser and taking several detours to fjords. Figuring out the actual distance is too much effort for my lazy self, but the number listed here is low.
No section accounts for wandering around for three damn hours looking for a night lodging that would take dogs, or side trips to campsites and grocery stores. I had a little bike computer that did real odometer readings, but it got dropped and broken in June.
So, in an idealized world where we did not get lost, go in circles or wander far and afield from the route to look at nearby cities, we went 922 km total. (I’m confident, therefore, that the real number is over 1000k, and therefore, I want to buy a touring bike, because I’ve gone far enough to justify it and cuz 3 geared Bromptons are no match for fjords. (Lovely, but dangerous. My sister got bitten by a moose once, for instance!))

By Country

Distance in The Netherlands: 391, in Germany: 374, in Denmark: 247

Travel Clips

More short movies! She first is from Austria. The first part is in Linz and the second in in the big cathedral in Vienna.

The second is an interaction I had with some animals in a nature preserve when I was biking in the northern part of the Netherlands.

Feel free to remix.

Stupid Maemo Tricks

I’ve been spending the last several weeks trying to figure out best way to blog from a N800 internet tablet. I now have a solution, but, alas, it’s stupid.

I signed up for a super secret gmail address. I set up the built-in mail client to use that address. I saved the email posting address for blogger and flickr in my contacts list.
I can upload to flickr by emailing pictures in. The subject is the title. The body is the description. tags go on new lines marked with “Tags:”. Not bad.
And I can email posts to blogger, but as far as I know, I get no tags.
The posts sit in the email outbox until I stumble upon an open wifi network. Then they get sent off to the appropriate places. So I can blog and do picture stuff when I’m offline.
This is really sub-optimal. There’s a nice-looking cross-platform uploader called glimmr, but I can’t build it on OS X because the configuration script is not cross-platform and I’m lazy (deadly combo). And there’s a blog client, but it crashes for me. Oh well. Better than nothing.
I’m off tomorrow.

Lake Woebegone

I just started getting the podcast to the American radio show “A Prarie Home Companion”. It’s patriotic Americana for the left wing. Or rather, the slightly less right wing. People who theoretically favor rights for gay people and women and immigrants, but want to dream of the midwestern heartland, populated by lonely Norweigan farmers and their foibles and aren’t we all struggling in this together, all of us straight, white, christian liberals?

I remember listening to a christmas episode and they were talking about the town Christmas pageant and the kids dressed as Mary and Joseph and the lights and the feeling of community and it made me feel terribly lonely. Because this community was not for me. I didn’t know the word “heteronormative” yet then, but I knew this imperfect paradise of essentialist americanism was not for me.
And my patience for it and longing for it has since been replaced by annoyance. What makes white, heterosxual christians more american than black people or gay people or atheists or costal people or queer, atheist costal black people?
I’m really tired of Americannes being defined regionally such that minority populations are more likely to be excluded. If we stop and think for a moment, we know that Lake Woebegone is not only inhabitted by white, straight christians. People migrate within the US. Even people born to Christian families drop the ID. 10% of the kids will be queer. But the continuing refernces to Norweigan farmers implicitly excludes atheists and queers and explicitly excludes jews, latinos, black people etc. Garrison Keeler’s America is not so different than Rush Limbaugh’s America. Except in Rush’s America, the enemies are at the gate. In Keeler’s, the same people Rush calls enemies just don’t exist at all.
And this is the choice for us in America. We can be normative and blend in, we can be invisible or we can be reviled. This kind of “choice” eats into you (and by “you” I mean “me”) even if you try to reject it. Square peg, round hole. Trying to make your identity fit into the grid provided for it. Being a queer alone is suxxor, because you just don’t exist. You have no mirror to reflect your existance. Affinity groups are essential for maintaining sanity, imo. Also, NPR sucks. Can we stop calling essentialist erasism “liberal?” Because it’s not, and I’m tired of it.

Book Review (relatively spoiler free)

So I just finished the latest novel, Harry Potter and the Title that Gives Away a Major Plot Point. Um, what can I say? That book is powered by hype. It was hype that made me go to a book store at 12:20 at night so that I could be among the first to purchase it. It was hype that made me sit and read it all at once. It was hype that first got me into the series.

Let’s face it, the writing is not all that great and the plots are all pretty predictable, although I’ll admit once in a while she throws in a good twist. That said, this book is much tighter written than some of the previous ones in the series. It’s a reasonable length and extraneous bits were mostly left out. There were no quiddich matches, for instance. Returning characters appeared without any backstory, which has it’s good points, but I found it kind of confusing when a red shirt not heard of except in passing for many books suddenly appears. The book makes most sense when the other books are fresh.
After sprawling across six previous books, some of them far too long, there are a lot of characters in the Harry Potter universe. Who could keep track of all of them? The teacher of Muggle Studies? Has she even been mentioned since an aside when the kids got old enough to take electives? So when the red shirts start dropping left and right, with no re-introduction, well, wait, who just got killed?
Anyway, off to a promising start with a focused plot, the book eventually gets . . . melodramatic. I won’t quote any words from it, but the writing gets to be completely over-wrought. Unsupportably so.
In a book about magic, it’s silly to complain about a deus-ex-machina, because, well . . .. Anyway, you’ve probably already made up your mind about whether or not you’re going to read it. Perhaps, like me, it’s already too late for you. But I will give a your of caution: just skip the epilogue.
What’s with the British tacking these stupid epilogues on to things? It’s just like the last chapter of Clockwork Orange. Why do they think we can’t handle just letting the damn thing end? No, several years in the future when the pain of all the dead red shirts had subsided, the surviving characters maintained the friendships that they had built and went on to breed. “All was well.” Yeah, it actually ends with “all was well.” Gah, what bullshit. All that melodrama with an inane epilogue . . . the combinations is too much. The book has a promising beginning but doesn’t pay off in the end.
Or maybe I’m grumpy because I stayed up until 6 AM reading and then woke up a few hours later and finished it. I need a nap.

Crypto Howto

Last night, I posted my PGP key with no context whatsoever. Some of you probably didn’t quite grok it. So here is an explanation of what it is and how to use it. This is specifically written for OS X users, but the concepts can apply more generally.

What is PGP

PGP stands for “Pretty Good Privacy.” But it’s more than pretty good, it’s very very strong encryption. This means that you can send email to somebody such that only that person can read it. You do not have to meet ahead of time and arrange secret passwords or secret knocks. No “the crow flies at midnight” required.
Or rather, there IS a “the crow flies at midnight” required but anybody and everybody knows it. This is something called a public key. You want to shout your public key from the rooftops. Anybody that wants to send you a secret message has to know it. But the public key is only half the story. You also have a private key which you keep secret.
Your buddy in the Animal Liberation Front wants to send you some secret email. Zie uses your public key to encrypt the email. This transforms hir message into a bunch of gobbledygook. Zie sends you the gobbledygook. Nobody can figure out what the secret message is – except for you! Your private key (and ONLY your private key) can descramble the message.
Your public and private keys go together. One scrambles. The other descrambles. They are a key pair and work together.
The main point: you can send secret messages to people that ONLY they will be able to read.
You can also use PGP to sign messages, which is something that we’ll get to at the end.

Why would you want to send secret messages?

Email goes through the internet like a postcard goes through physical mail. Your text is not at all hidden. The postal carrier can easily read what you’ve written. Do you use gmail? You know how the ads on the side are related to your email contents? It’s because they’re peeking at your mail to figure out what ads to show you. (They promise that no human ever peeks, it’s just an ad-making engine.)
Just like with a postcard, any computer sitting between your computer and the recipient can read your email. For Americans, under the Patriot Act, various government agencies can demand that your ISP hand over your email and never even tell you it happened. I’m sure you’re not planning any nefarious deeds, but recall that police have been infiltrating the sort of peace groups that gather and hold candles. If you’ve ever gone to an anti-war march or just have a similar name to somebody who has, it’s possible that your email is being intercepted. To put this another way: you know all those stories of woe surrounding the idiotic “no fly list”? Well, the same thing is probably going on with email, except since nobody tells you, you never know. Recall that the big telephone building in the Mission District of San Francisco has a bunch of federal spy equipment in the basement. Reading emails going into and out of the Bay Area.
Maybe you’ve got a really unique non-activist name and are completely apolitical. What have you got to hide? Except that steamy extra-marital affair!

Wait! Can’t terrorists and kiddie porn people also use these tools??!

Yep. Having opaque walls of your house ensures that nobody can see you when you’re sitting on the toilet, but it also means nobody can see you when you murder cute puppies. I’m still in favor of having opaque walls.

Getting Software

As if things weren’t confusing enough, the current version of PGP is called GPG. (The ‘G’ stands for GNU, not that it matters.) It does not come standard with OS X, but can be downloaded from: http://macgpg.sourceforge.net/
You will want to download several of the programs on that page. Scroll down some and then grab: GNU Privacy Guard. (Get the version that matches your operating system version (to find that out, go to the apple icon in the very top left hand corner of your screen. Click on it, then click on “About This Mac”. A window will open with a picture of an apple and the words “Mac OS X”. Below that is the version.))
Also grab: GPG Keychain Access, GPGFileTool, GPGDropThing and anything else that looks interesting.

Making Keys

After you download and install the tools, you need to create a key pair. Recall that a key pair means a public key and the private key that goes with it. One encrypts. The other decrypts. As you can probably guess, there’s some tricky math involved (it has something to do with the products of large prime numbers and is really cool, but this is the last you’ll hear of it in this post, alas). Fortunately, the software handles all of this for you.
Start up the GPG Keychain Access program. As you can guess from the name, this program keeps track of keys for you. Not only your keys, but the public keys of your friends, co-revolutionaries and secret lovers.
Under the Key menu, click “Generate”. A helpful dialog will pop up. The default values are all fine. When it asks for your name, give a name known to people who want to send you email. And for email address, obviously, you want an address also known to those people. For comment, give some info that will separate you from all the other Sarah Jane Smiths on the internet like “traveler in space and time” or “investigative reporter” or something that actually applies to you that will help your friends and co-conspirators recognize you.
Eventually, it will ask you for a password. This will be the password for your keychain. Recall that your private key has to remain secret. This secrecy requires the boring, old-fashioned, password-based security, like the combination lock on your gym locker. All the normal suggestions for picking passwords apply.
And finally, it makes your key pair. Which takes a while because of the tricky math. Go make a cup of tea or walk your dog while this part goes.

Sharing Keys

Posting your key to your blog is, alas, not the best way to share keys. Instead, there are computers called keyservers. These computers sit on the internet and do nothing but keep track of people’s public keys. They are good places to put your public keys and also a good place to find the public keys of other people.
Your new key is now listed in the Keychains window of the GPG Keychain Access program. Click on it so that it’s highlighted. Then, under the Key menu, select, “Send to Keyserver.”
Oh my gods, weird windows popping open! The terminal! Ack! Yeah, just close all of them. The program is kind of ugly and messy, but it does it’s job. Your key is now out on the internet where folks can find it.

Finding Keys

I can hear your inner monologue now, “Whee! This is fun! What next? Secret email! Oh, but who do I send it to?” Well, you could send some to me! But first, you need to find my key. Go back to the “Key” menu on your Keychain Access application and select “search for key.” Type in my name, “Celeste Hutchins”
More windows pop open, but this time you have to pay attention to them. The terminal window will give you a numbered list of all the people named “Celeste Hutchins” who have submitted keys. Which one is me? Well, make your best guess and type in the number next to it. It should then go into your key menu in the keychain application.
How do you know it’s really me and not some evil miscreant pretending to be me? Well, that’s a problem. And for that reason, you need to tell the keychain manager how much you believe that the keys actually go with the person that you think they go with.
Highlight my key. Under the Key menu, select “Edit.” Again, a terminal window opens. It waits for you to type a command. Type “trust” (without the double quotes) and then hit return. It then asks you about your trust level. It gives you a rating from 1 – 5, where 1 is “none” and 5 is “all the way.” this trust level is not about how much you trust me (or the person whose key you are editing). It’s how much you trust that they actually belong to who you think it belongs to. Do you trust that it’s really my key? Well, alas, there are some features that won’t work unless you select 5. So if you want to try sending me encrypted email, you’re going to have to pick 5. Type “5” (without the double quotes) and then hit return. Then type “quit” (without the double quotes) and hit return. Now you can close the window.

Encrypt Something

Yay, now the fun part! Open the program GPGDrop Thing. A strange-looking window opens. Type something in that window. Specifically, type your secret message! When you’re done creating your secret message, go to the GPG window and select “encrypt.” You get to pick the recipient from a drop down list. In that list, you will see your own email and the email addresses of everybody that you trust ultimately. Pick your recipient and then click ok. Your message will turn into gobbledygook. Now select the whole contents of the window, copy it and paste it into your gmail account (or other mail program). Send it. Only the recipient can descramble it.

Decrypt something

You just sent me encrypted email. I wrote back with an encrypted message. It looks like:

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.7 (Darwin)

hQEOAwGSD30Hb8lOEAP/RmZP0J11auooLc/VGT13VDD1U+r2MhD3mivHOlK3pn8u
8gnSiHSvVTqX1xSRqWoyFKN9o+7oJMCOTLqzPxin+lzzejIPNJYQ8jIWASxHXSPS
2bAl+dVHywXs3FQH2ZgPa4Hn7hDfi5fR/cdmNdp0QTOz8JUEf8pfS8upkvGYQ1UE
AKhYTl455pEV2WU5+E4/LH0qifQWgRnmmS7J6UAow/u45GakeC2athUpF3K8l1uM
PnvLK41KRUhQPS+VkbK5CgPlR+EGTmZgxqE4fTe+oBSPB/M3DSNiCBHux/auAIOM
6QvvjCyw8G+Dejx9IGIVrky8En5rKAvdOwWfU9YApWhF0mMBEwEnVdbjuLoh+en1
e93Hfc3UabK7gGcx3xE+fJHtDnghYdamAKk0sR5kp7dBAtcENiNYmYlgD5p9hhvz
F8t3X0K/e8NREERDx814RL3AzhjJmcvTJEn27NXQ/lFOpH5AlDY=
=CNU6
-----END PGP MESSAGE-----

What does it say?! Copy and paste it into GPGDrop thing. Get everything between and including the “—–BEGIN PGP MESSAGE—–” and “—–END PGP MESSAGE—–“. Go to the GPG menu. Click “decrypt”. Now you can read your secret message!

Sign Messages

Sometimes encrypting messages is overkill. you don’t need to bother encrypting it, but you’d like to make certain that it hasn’t been changed mid-route. Maybe you’re sending email internationally and part of it got censored, just like an over-zealous postal carrier might strike out naughty words on a postcard. You can sign a message, thus showing whether or not it has changed en route.
This puts some text around the message like this:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is a signed paragraph.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)

iD8DBQFGoMDraT4BrLUNqWkRApd1AJ4xqy9KtjGdG1du6U+UKCrS3V0S3gCgoSdG
Ehf8fbykxxhJEGiq2bcZgRg=
=MKke
-----END PGP SIGNATURE-----

The main text is “This is a signed paragraph.” The rest is the signature. It verifies that the text that you received is the same as the text that I sent. PGP uses my text and my private key to generate the signature. The text and the key put together form a unique string of gobbledygook. You can verify that they match by cutting and pasting the whole thing into GPGDrop Thing. Under the GPG menu, click verify. If it verifies ok, the message is as I sent it. If does not, it means that my text has been changed.

Going further

If you use the Thunderbird mail client, you can install some PGP plugins to handle all of this for you. There are also scripts that exist for firefox. You will have to look these up on your own. Have fun!

Confused?

Please leave comments if you are confused or have ideas about how this can be improved. Is it clear enough for people who are not power users, but just surf the web and check their email?

PGP Key

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.7 (Darwin)

mQGiBEaYzz8RBACRD6e18q4cGeBeIyearg6hse92sj+PppRRHhh/7V3c0igVXdik
hSaebeozxrQDa/k04vj0TyCh+/565FKqtFDPy+yGD4PkNqQ+zV40viktpcUCVOg9
ftJc/8Ao7LaCZehdUrOFgqYk7e0IQFhJM1LjkRBBhBwmaLrTYAFx2vKAVwCgxL8V
x6RPBCIbcYgwV0yT2nrjE+cD+wTfAuNo8zN9vhiGOaxoM4huFk6NKaIQfpMI3Y/8
jEuKnytyDf4fwfEbTRhZ43vBQYQbl3NW8aptT/OSdDSfbuPJT6f1lBStZDfwS+Di
uIABhLZ+xDCjCe5rocRGX+zX3qPcetvUY11rVQPyawk5RPdHHqjPCmzepwiU1YO0
ZqVEBACNgVBAfU8E2ESj+iea2gihEDxowkYmvpxhbGJZilFcwqCvbxEPhrMkUh2x
7Nn8vU49m2rsQM/AWc4Ox0c/dzpNJ3oyaTbiBGlGpOoT+Dim0sEPi2bUw7s3Epv+
oek6IUrSQ6YdeUudkBhApl7WNWR06zWlB04Zq3vmIm3ncaA0JLQwQ2VsZXN0ZSBI
dXRjaGlucyAoQ29tcG9zZXIpIDxjZWxlc3RlaEBnbWFpbC5jb20+iGYEExECACYF
AkaYzz8CGwMFCQHhM4AGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRBpPgGstQ2p
afo/AKCsUG8o32WEKjeKjEYxIwDtv0bxoQCfeV8uYqNrcxFWyL/savABSCO+PyC5
Ag0ERpjPPxAIAPf9+7onD1l89XJ3oD8xhT0U2KesZ3yvpMZzLlm4P3DKOFahKtsE
ssQu2R4BMjkuetvnHcDBFJ4AzznK6mkmHJCjcTGWHTdsN7gotKcRAmI28dhtZvrp
PlHJkh/No7/2fR3/zgvDcntm0hUhPWNY3+848suy0jWv7TFHSZwDm28OYLRMhAuw
8JV3z2iSbJLOBpwQLhLTNkLicLq809BBqBQNG4s+nFH5GDKWVDAd45jkILXW4qlf
XvSbiS4XWid3jQTTpYObGYkFUNxxoPEQdsW43/EOv0NO6/7ZexpI9lAXgJvaC5hW
UntngkZ9PRzyGlBSlE+dhyUtAB+gA8xzvzMAAwYIAOgL9tdfLP+eL3+V8G8LPGdP
EY+wi73kYkobjk2G1zLbVRl163F1BXOfQAEAmopPyh+b4HOT7C88414t2MtN4BoG
UR/0+RvcRSKNluFi6mwGfxF5Eo/Qe5U2q+GmHmU459G77txU90Wf5pCE8Gf86vih
ecsNECUJ8ATPGPMF9LRv5zJiiPBaHOmsUlpFbDSy/Z7bJr32IuS+/JKug6mbuB+K
wtNxJrfkmIHVOB+5DTKydv1Neq6y5Uqzr+XQoQi+apn1bOIYRPW68i2hQ2W3Reg0
qufz/TBu7/LsUyAJNz8BcuKd7QVkG7s1Z/l+XlgaM64ztc1JnoI+ctplClvfBUyI
TwQYEQIADwUCRpjPPwIbDAUJAeEzgAAKCRBpPgGstQ2paa7nAKCtqMJetrzuP3zf
OAlsuQoNcNhjoACePRsxlYzvwFyUAz1wI1fqDzcV08E=
=1qVO
-----END PGP PUBLIC KEY BLOCK-----

Crypto is good