Werner Koch | |
---|---|
Born | Düsseldorf, Germany | July 11, 1961
Occupation | Software developer |
Known for | GNU Privacy Guard |
Website | werner |
Werner Koch (born July 11, 1961) is a German free software developer. [1] He is best known as the principal author of the GNU Privacy Guard (GnuPG or GPG). [2] He was also Head of Office and German Vice-Chancellor of the Free Software Foundation Europe. He is the winner of Award for the Advancement of Free Software in 2015 for founding GnuPG. [3]
Journalists and security professionals rely on GnuPG, and Edward Snowden used it to evade monitoring whilst he leaked classified information from the U.S. National Security Agency. [4]
Koch lives in Erkrath, near Düsseldorf, Germany. He began writing GNU Privacy Guard in 1997, inspired by attending a talk by Richard Stallman who made a call for someone to write a replacement for Phil Zimmermann's Pretty Good Privacy (PGP) which was subject to U.S. export restrictions. [2] The first release of GNU Privacy Guard was in 1999 and it went on to become the basis for most of the popular email encryption programs: GPGTools, Enigmail, and Koch's own Gpg4win, the primary free encryption program for Microsoft Windows. [2]
In 1999 Koch, via the German Unix User Group which he served on the board of, [2] received a grant of 318,000 marks (about US$170,000) from the German Federal Ministry of Economics and Technology to make GPG compatible with Microsoft Windows. [1] In 2005 he received a contract from the German government to support the development of S/MIME.
Journalists and security professionals rely on GnuPG, and Edward Snowden used it to evade monitoring whilst he leaked classified information from the U.S. National Security Agency. [4] Despite GnuPG's popularity, Koch has struggled to survive financially, earning about $25,000 per year since 2001 [2] and thus considered abandoning the project and taking a better paying programming job. [4] However, given Snowden's leaked documents showed the extent of NSA surveillance, Koch continued. [4] In 2014 he held a funding drive and in response received $137,000 in donations from the public, [2] and Facebook and Stripe each pledged to annually donate $50,000 to GPG development. [2] [5] Unrelated, in 2015 Koch was also awarded a one-time grant of $60,000 from the Linux Foundation's Core Infrastructure Initiative. [5] [6]
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991.
GNU Privacy Guard is a free-software replacement for Symantec's PGP cryptographic software suite. The software is compliant with RFC 4880, the IETF standards-track specification of OpenPGP. Modern versions of PGP are interoperable with GnuPG and other OpenPGP-compliant systems.
Enigmail is a data encryption and decryption extension for Mozilla Thunderbird and the Postbox that provides OpenPGP public key e-mail encryption and signing. Enigmail works under Microsoft Windows, Unix-like, and Mac OS X operating systems. Enigmail can operate with other mail clients compatible with PGP/MIME and inline PGP such as: Microsoft Outlook with Gpg4win package installed, Gnome Evolution, KMail, Claws Mail, Gnus, Mutt. Its cryptographic functionality is handled by GNU Privacy Guard.
Free Software Foundation (FSF) grants two annual awards. Since 1998, FSF has granted the award for Advancement of Free Software and since 2005, also the Free Software Award for Projects of Social Benefit.
S/MIME is a standard for public key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most importantly RFC 3369, 3370, 3850 and 3851. It was originally developed by RSA Data Security and the original specification used the IETF MIME specification with the de facto industry standard PKCS#7 secure message format. Change control to S/MIME has since been vested in the IETF and the specification is now layered on Cryptographic Message Syntax (CMS), an IETF specification that is identical in most respects with PKCS #7. S/MIME functionality is built into the majority of modern email software and interoperates between them. Since it is built on CMS, MIME can also hold an advanced digital signature.
Open-Xchange is a web-based communication, collaboration and office productivity software suite, which enables full integration of email, documents, scheduling and social media.
WinPT or Windows Privacy Tray is frontend to the Gnu Privacy Guard (GnuPG) for the Windows platform. Released under GPL, it is compatible with OpenPGP compliant software.
Email encryption is encryption of email messages to protect the content from being read by entities other than the intended recipients. Email encryption may also include authentication.
Tinfoil Hat Linux (THL) was a compact security-focused Linux distribution designed for high security developed by The Shmoo Group. The first version (1.000) was released in February 2002. By 2013, it had become a low-priority project. Its image files and source are available in gzip format. THL can be used on almost any modern PC, as it requires an Intel 80386 or better, with at least 8 MB of RAM. The distribution fits on a single HD floppy disk. The small footprint provides additional benefits beyond making the system easy to understand and verify- the computer need not even have a hard drive, making it easier to "sanitize" the computer after use.
Gpg4win is an email and file encryption package for most versions of Microsoft Windows and Microsoft Outlook, which utilises the GnuPG framework for symmetric and public-key cryptography, such as data encryption, digital signatures, hash calculations etc.
KDE Wallet Manager (KWallet) is free and open-source password management software written in C++ for UNIX-style operating systems. KDE Wallet Manager runs on a Linux-based OS and Its main feature is storing encrypted passwords in KDE Wallets. The main feature of KDE wallet manager (KWallet) is to collect user's credentials such as passwords or IDs and encrypt them through Blowfish symmetric block cipher algorithm or GNU Privacy Guard encryption.
Incognito was a Linux distribution based on Gentoo Linux. Its main feature was the inclusion of anonymity and security tools such as Tor by default and being able to be used as a Live CD or Live USB.
GPG Mail is a commercial extension for Apple Mail which comes as part of GPG Suite, a software collection that provides easy access to a collection of tools designed to secure your communications and encrypt files. GPG Mail provides public key email encryption and signing. It integrates with the default email client Apple Mail under macOS and the actual cryptographic functionality is handled by GNU Privacy Guard.
Tails, or The Amnesic Incognito Live System, is a security-focused Debian-based Linux distribution aimed at preserving privacy and anonymity. It connects to the Internet exclusively through the anonymity network Tor. The system is designed to be booted as a live DVD or live USB, and leaves no digital footprint on the machine unless explicitly told to do so. It can also be run as a virtual machine, with some additional security risks. The Tor Project provided financial support for its development in the beginnings of the project, and continues to do so alongside numerous corporate and anonymous sponsors.
Android Privacy Guard (APG) is a free and open-source app for the Android operating system that provides strong, user-based encryption which is compatible with the Pretty Good Privacy (PGP) and GNU Privacy Guard (GPG) programs. This allows users to encrypt, decrypt, digitally sign, and verify signatures for text, emails, and other files.
Riseup is a volunteer-run collective providing secure email, email lists, a VPN service, online chat, and other online services. This organization was launched by activists in Seattle with borrowed equipment and a few users in 1999 or 2000, and quickly grew to millions of accounts.
pretty Easy privacy is a pluggable data encryption and verification system, which provides automatic cryptographic key management through a set of libraries for written digital communications. Its main goal is to make end-to-end encryption the default in written digital communications for all users in the easiest way possible and on the channels they already make use of, including e-mails, SMS, or other types of messages.
Nitrokey is an open-source USB key used to enable the secure encryption and signing of data. The secret keys are always stored inside the Nitrokey which protects against malware and attackers. A user-chosen PIN and a tamper-proof smart card protect the Nitrokey in case of loss and theft. The hardware and software of Nitrokey are open-source. The free software and open hardware enables independent parties to verify the security of the device. Nitrokey is supported on Microsoft Windows, macOS, Linux, and BSD.
In 2013, Edward Snowden, a former NSA contractor, leaked NSA documents that revealed the agency was collecting data from the electronic communications of United States citizens. Other disclosures included information about PRISM, the agency's data collection program, a surveillance metadata collection and XKeyscore, which supplies federated search capabilities for all NSA databases. Since that time, there have been perceptible increases in the general public's knowledge about the U.S. government's cybersecurity initiatives and awareness of how those initiatives have impacted the privacy of individuals, businesses and foreign governments.
SigSpoof is a family of security vulnerabilities that affected the software package GNU Privacy Guard ("GnuPG") since version 0.2.2, that was released in 1998. Several other software packages that make use of GnuPG were also affected, such as Pass and Enigmail.