I've mentioned GPG before in the context of being both the best tool for creating cryptographic signatures and for encrypting messages you want to send through a potentially hostile channel. To help show what a GPG signed message looks like I though I'd post an example.1 The signature can be verified with the GPG public key posted here by all interested parties.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 If you are a representative of Solar Wind Mining reading this, be aware that I'm not calling you a scam. I'm saying that your potentially legitimate venture doesn't even look as good as some scams, and this situation was entirely preventable. Originally posted October 7th, 2013 Signed October 9th, 2013 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJSVOiTAAoJEDCbuNfzJRFDh+cP/1BcJ0gJXo+RQ+OH2U1ZWFGl nqm7oEphS9D3vsFamd8Gl3sHNZeKX27GFEy1E846l862XAMqUKaJ/gY56EYb+PRx J6U55T4kjIW00foJlKnAjeiqNkrRf/ejQGO7NKYWMXJsa9+h0icVjYZOzSRRbpdF UDCpAJ4eJHB0uF7Vb8KIBmJapxS31tvTiyahRUov97ZQQ7/emstft9UoLSeDxX4b xLR9FOhi9dBSzIhzjUee9Jae+2UI4g08UrXnSON5RbupbSvxhsMIlls1scm/nN2R B2g+y2/j+8xUbOAi+c8jdYN9ebRJBOQiggn+4n6kfSJreSJBoHInE+PQYcTAll5V Eieuc/hVzGav4oSFVaXEq2XtjZfyxz5zd/l8YlFkb9bvOsHCdOMXjKnf2DSXJGPO ehjJewoCz+5SCVXSN8OPzsSzwcQ4rvzsi5A9dQH6G+GflZj+ffS8uundjA/ogfsY jV3IF6efGHFPtQpiXcZur6ncudK+jxrde1i04Ntki9L4xI3EChCOjTbjfpA8Oa6r UHj3ZVgMmG+bR8IjMlZUX4nIhUpJE3+EfYrXhZokLz7O3+Hs15Qa4ulNv4uOCt/T myib4h5czX62bH3yS+91wOBlAz313o96E6h83j60jxW9ooSeajq64MmPVPvsATyj EEiFS+ChNXn+7hqoCFNw =v4hh -----END PGP SIGNATURE-----
So, I chose this statement to sign, because I am willing to stand behind it. Even if I take down this post anyone who can produce the signed text block can show that this is something that I said. Checking this signed statement against my public key using GPG allows for that. No amount of my later trying to bury this post can hide the fact that it was signed by the private key corresponding to my public key.
This particular piece of text comes from Monday's post on the Solar Wind Mining Company. As of my typing this I can not find any information on measures they have taken to address the problem of known scams working harder to look legitimate than they do, so I have not problem signing that statement for the original post on the subject. I also kind of wanted to highlight that particular statement because it encapsulates everything wrong about how they are approaching this "Bitcoin Business" thing. If you can't put forward the effort to look better than the scams, what hope do you really have. At the moment the only thing the Solar Wind mining venture has pointing towards their sincere effort to deliver on their promise is most scammers work much harder on their presentation, but as people who care to do the mining math point out even a sincere effort probably isn't saving them.2
I summary, we have a GPG signed message. Using the GPG software verifying the message is easy. Even if I take this post down anyone who saved the signed message can demonstrate I signed it.
- I'd post a sample encrypted message to, but doing that for every potential reader's public keys would be a bit much. [↩]
- Given the counterparty risks related to timely deliver of mining hardware I tend to use rather unflattering parameters in evaluating mining hardware purchases. Math wise I find Solar Wind's promises too unrealistic to state here. [↩]