Category: encryption

amd arm intel cpus all got problems – Meltdown and Spectre – JavaScript could steal your Firefoxs Passwords
04.01.2018

update 2018-03-15: from C’t: new micro codes for intel iCPUs (2011 and onwoards) seem to fix Spectre v2 (CVE-2017-5715) 60minutes: https://www.heise.de/security/meldung/Spectre-Luecke-Intels-Microcode-Updates-fuer-Linux-und-Windows-3994347.html update: good overview and explanation of the situation: ARM also affected. The Meltdown + Spectre Vulnerabilities update: please checkout […]

10.07.2017

you should setup harddisk encryption during setup. to add an encrypted /home partition afterwards might be possible but a lot more effort. scroll very down if you want to know how to encrypt an usb sticks … needless to say […]

gpg cheat sheed – encrypting files with gpg
08.06.2017

Warning! while gpg is very likely sound and solid encryption – what is far more likely to be compromised is YOUR HARDWARE – every network card – wifi card – usb UMTS G3 modem – PCI-Card – contains enough RAM […]

10.09.2016

Is TrueCrypt still secure? „The 77-page report (download report mirror: bsi.bund Security Analysis of TrueCrypt 2015-11-16.pdf) found several other bugs in TrueCrypt, but ultimately determined that the software is secure when used for its primary use case. That is, to […]

Linux -> How to Install Truecrypt
10.09.2016

Is TrueCrypt still secure? „The 77-page report (download report mirror: bsi.bund Security Analysis of TrueCrypt 2015-11-16.pdf) found several other bugs in TrueCrypt, but ultimately determined that the software is secure when used for its primary use case. That is, to […]

Getting started with PGP
29.02.2016

This is a backup of: https://spin.atomicobject.com/2013/09/25/gpg-gnu-privacy-guard/ Getting Started with GNU Privacy Guard This is part of a series on GNU Privacy Guard: Getting Started with GNU Privacy Guard (this post) Generating More Secure GPG Keys: Rationale Generating More Secure GPG […]

26.02.2016

„So it appears that the unexpected (putting it mildly) disappearance of TrueCrypt.org and the startling disavowal of TrueCrypt’s bullet proof security will turn out to be a brief disturbance in the force. We should know much more about a trustworthy […]

19.03.2015

checkout https://dwaves.org/2016/02/26/is-truecrypt-insecure/ and successor: https://sourceforge.net/projects/veracrypt/files/ vim /usr/bin/nautilus #!/bin/bash # set your filemanager here filemgr=thunar # set your webbrowser here, usually x-www-browser should be perfect webbrowser=x-www-browser ### DO NOT CHANGE ANYTHING BELOW HERE unless you know what you’re doing ### oldparams=$@ […]

05.02.2015

Source & Credits: http://blog.cryptographyengineering.com/2014/08/whats-matter-with-pgp.html „Since PGP keys aren’t designed for humans, you need to move them electronically. But of course humans still need to verify the authenticity of received keys, as accepting an attacker-provided public key can be catastrophic. PGP addresses this with […]

27.10.2014

SSLv3 is older than my daughter, but is still supported by all major browsers. The latest crypto bug is a MITM (man in the middle) attack that could allow anyone with a network device (WiFi router) sitting between browser users […]

05.03.2014

This is an UNTESTED (!!!) howto from: https://help.ubuntu.com/community/FullDiskEncryptionHowto the same for debian 🙂 https://dwaves.org/2017/07/10/gnu-linux-debian-9-full-harddisk-encryption/ the ideal OS for minimalists 🙂 It describes a way to set up an Ubuntu installation with a encrypted root partition and encrypted Swap.  Please refer […]