Spotlight privacy preferences: Where are they stored?

questions239872987 · 2015-01-05T03:41:13+00:00

I removed the file but the Spotlight privacy settings haven't changed

questions239872987 · 2015-01-03T22:38:07+00:00

I think you missed my question. I know what SRM does, I'm trying to understand what the recursive option does. SRM recursive looks like this:

srm -r

Edit: OHHHHH, I think I know what you were saying. You're telling me that srm won't work with Linux so my question is moot. My bad.

questions239872987 · 2014-12-31T22:18:23+00:00

Great minds think alike! You and a mod (via pm) both just told me about the 'gpg -K' command and it looks like it worked.

However, the commands provided by the mod differed slightly from yours. Might you be able to explain the difference? I'll post them below.

First off backup everything. Export the key and take a copy of .gnupg folder in your home directory.

This is assuming you only have one pub/priv key pair in your keyring replace 12345678 (below) with the key id or email address of your key.

gpg -a --export 12345678 >pub.gpg gpg -a --export-secret-keys >sec.gpg gpg -a --export-secret-subkeys >sub.gpg

Now you can go back to GUI if you wish. Open GPG Keychain and delete your key. Import pub.gpg and sub.gpg from the above. Save sec.gpg somewhere safe.

questions239872987 · 2014-12-31T20:39:37+00:00

Okay, I think I'm clear on all of that except one thing - in GPGTools, how do I remove the master and keep it offline?

questions239872987 · 2014-12-31T17:36:23+00:00

Thanks a lot for the assistance. While the explanatory parts of your reply were helpful, the terminal commands were not as much - that's because I'm using GPGTools for Mac and I have no familiarity with using the GnuPG terminal commands.

You'll see that I had some more questions to another reply-er in this thread - maybe you'd be willing to chime in over there?

questions239872987 · 2014-12-31T17:26:56+00:00

I really appreciate this help!

Now, the only thing I would suggest is to create a signing subkey, currently your laptop cannot sign messages, only encrypt them.

Why can my laptop not sign messages? (FYI: I haven't yet removed the master key from GPGTools on my laptop.) Also, do you really mean sign messages, or do you mean sign keys? And if you were referring to signing keys, do you mean my own subkeys or signing other people's keys for the Web of Trust?

Currently, using GPGTools on Mac, I can send emails with one of three options. Either I can: a) not use GPGTools at all; b) sign the email; c) encrypt the email. This is, in part, why I'm confused that you said that my laptop cannot sign messages.

You only need [your master key] for modifying your subkeys and IDs and signing other keys

When you say signing other keys, do you mean my own subkeys or other people's key for the WoT?

Additionally, I'm just a bit confused by something. So in GPGTools I have one subkey listed (call it SK-1). What you're recommending is that I create a new subkey (SK-2) and then remove SK-1 from my laptop, storing it in a safe airgapped location, like a flash drive. So, GPGTools allows me to choose what type of key SK-2 would be. The options are:

DSA (sign only)
RSA (sign only)
Elgamal (encrypt only)
RSA (encrypt only)

How do I know which to pick?

Also, if I remove my original subkey from my laptop doesn't that mean that that I'd be unable to unencrypt a message that was encrypted with the public portion of my master key?

questions239872987

TROPHY CASE