Linux Cryptography - Page 23 - Results from #440

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 54

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 55

Guide To Encrypted RAID1 LVM Setup On Debian Lenny System

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

For this Howto I use Debian Lenny (still testing and not "stable" for the simple reason as - contrary to Debian Etch and/or Ubuntu 8.04/8.10 - the install routine does setup the initrd correctly so that you can set up encrypted swap and also an encrypted raid1 lvm during install). This Howto will be heavy on screen shots again - a lot of them are repetitive as I setup multiple partitions at once. If you are interested in setting up an encrypted RAID1 LVM system take a look at this article. It will show you step by step how to do this on your Linux machine.

LinuxSecurity.com Team
Dec 08, 2008

Secure Email Communications Using PGP on Ubuntu Systems

In a continuing series of articles highlighting that GNU/Linux is a viable replacement operating system, today we're exploring how to encrypt emails using the popular Ubuntu distribution. In the previous article we looked at the basics of using PGP, creating and backing up PGP keys and using them to encrypt files locally. Now we'll look at how to send someone an encrypted email. This article will show you ways to encrypt your email communication. Do you use any software to keep your email private?

LinuxSecurity.com Team
Dec 03, 2008

Automate Encrypted Filesystem Mounting At Login Using Pam_Mount

The pam_mount project lets you unlock an encrypted filesystem automatically when you log in. The same password used to log in is used as the key to unlock the encrypted filesystem, so you only need to type it once. Using this method, you can easily share a laptop and have only a single user's home directory unlocked and mounted when he logs in. And pam_mount can mount any filesystem, not just encrypted filesystems, so you can use it, for example, with an NFS share that you are interested in but which you might not like to leave mounted when you are not logged in. Did you ever wanted to know how to mount an encrypted filesystem automatically? This article will show you how.

LinuxSecurity.com Team
Nov 07, 2008

Understanding Quantum Cryptography And Its Risks Of Eavesdropping

The idea behind quantum crypto is that two people communicating using a quantum channel can be absolutely sure no one is eavesdropping. Heisenberg's uncertainty principle requires anyone measuring a quantum system to disturb it, and that disturbance alerts legitimate users as to the eavesdropper's presence. No disturbance, no eavesdropper

LinuxSecurity.com Team
Oct 17, 2008

Agito Networks Introduces Advanced Voice-Over-Wi-Fi Encryption Features

Fixed-mobile convergence (FMC) start-up Agito Networks Monday plans to announce voice-over-Wi-Fi encryption and other features for its RoamAnywhere Mobility Router. The RoamAnywhere router is customer-premises equipment (CPE) that extends PBX policy and dialing plans across Wi-Fi and cellular networks to smart phones running RoamAnywhere client software. It enables location-based, seamless roaming between both types of wireless networks so that sessions aren

LinuxSecurity.com Team
Sep 11, 2008

Unveiling TrueCrypt: An Open Source On-the-Fly Encryption Tool

TrueCrypt is a free opensource software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc). Have you ever wondered how to encrypt a filesystem? This article does this by showing user's how to use TrueCrypt. Do you use any other tools for encrypting your data?

LinuxSecurity.com Team
Aug 08, 2008

Step-By-Step Guide to Encrypt Linux During Installation

Another howto by me concerning encryption. However this one will be pretty intense on graphics. I have a step-by-step guide on how to do a manual full encryption of the system. Due to a bug current in the ubuntu installation, you cannot encrypt the swap partition directly during the manual install. The install will just hang. Here's a link to the bug report: https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/231451 This article is a step by step guide to do a full encryption of a Linux system. The author provides snapshots in showing you how to do this.

LinuxSecurity.com Team
Jul 23, 2008

Explore TrueCrypt 6.0: New Encryption Features For Linux Users

You and I may have taken the 4th of July off, but the folks over at TrueCrypt didn't. Instead, they pushed out version 6.0 of their on-the-fly encryption utility, with more options than ever for protecting - and hiding - the critical data on your hard drives. Available for Linux, OS X, and Windows, the software is licensed under its own TrueCrypt license, which is not OSI-approved. Check out the latest release of TrueCrypt. Have you ever used it on your Linux machine to protect personal data? If so what do you think about it.

LinuxSecurity.com Team
Jul 08, 2008

Debian OpenSSL Flaw Affects SSL Certificates: Threat to User Trust

Netcraft's June SSL Survey has found that a significant number of SSL certificates are affected by the Debian OpenSSL vulnerability, including Extended Validation SSL certificates and certificates belonging to banks. The vulnerable certificates afford opportunities to create deceptive sites which use apparently valid SSL certificates, giving the user the impression that the site belongs to the certified organisation. In the case of EV certificates, browsers will also turn the address bar green, even though the certificate may be cloned. Debian OpenSSL flaw does not seem to be over yet. It was discovered a number of SSL certificates are affected by the Debian OpenSSL. This article looks at how this attack is possible.

LinuxSecurity.com Team
Jun 17, 2008

Firefox 3 SSL Features And Security Enhancements Overview

The new Firefox 3 browser is approaching fast its final release to the public and millions of fans will download the new product from Mozilla this month. For me this is a very exciting event and a great opportunity to show you which changes and improvements will effect us, specially in relation to SSL secured web site. What do you think about the changes to Firfox's SSL features? Are they an improvement over the older Firefox versions? I would be interesting in what users are think about Firefox 3 bata security features.

LinuxSecurity.com Team
Jun 09, 2008

NIST Quantum Key Distribution Breakthrough Improves Data Security

Quantum cryptography, the most secure method of transmitting data, has taken a step closer to mainstream viability with a technique that simplifies the distribution of keys. Researchers at the National Institute of Standards and Technology claim that the new "quantum key distribution" method minimises the required number of detectors, the most costly components in quantum cryptography. What is your opinion on the state of computer cryptography. I am glad to see researching working on improving the security of cryptography.

LinuxSecurity.com Team
Jun 03, 2008

Efficient Password Management Through GPG and SSH Accessibility

Like many Internet addicts, I have way too many user name/password accounts to remember: accounts on social-networking sites, rarely used logins at work, on-line banking and so on. One solution to this problem is to use the same user name and password everywhere, but that's clearly not safe; if people get a hold of your account information in one place, they own all your other accounts too. I wanted a relatively safe, flexible and easy way to store passwords and other useful confidential information. I also wanted it to be easily accessible, which meant that I'd like to get at it over a text-only SSH connection. And, I wanted it to be something that could move around from machine to machine without too much trouble. This article looks at ways of storing passwords securely. With all those password we have to remember it's a good securely practice to store them encrypted.

LinuxSecurity.com Team
May 15, 2008

Firefox 3: Improved Handling of Invalid SSL Certificates for Security

I have downloaded the beta of Firefox 3 to check out the improvements related to SSL. First, there's the added support for Extended Validation SSL certificates, but I am not very excited about that (I wrote about this previously in Extended Validation SSL certificates not going anywhere, as predicted). It's a nice feature, but it's not going to bring much good overall. On the other hand, I am very happy with the improvements to the handling of invalid SSL certificates. A much needed improvement to handling invalid SSL certificates were added to Firefox 3. What do you think about the improvements.

LinuxSecurity.com Team
May 01, 2008

Encrypting Directory Trees Efficiently with Gpgdir and GnuPG Tools

gpgdir uses GNU Privacy Guard (GnuPG) to encrypt and decrypt files or a directory tree. You could accomplish the same objective by tarring the filesystem up and then encrypting the tar.gz file with GnuPG, but then you would still have to shred or wipe every file in the original directory tree. With gpgdir the whole tree is encrypted in one command. Do you use gpgdir? What do you think about it? This article goes through everything you need to encrypt and data on your system.

LinuxSecurity.com Team
Apr 25, 2008

Investigating Memory Remanence Threats to Disk Encryption Security

It turns out that some researchers at Princeton University followed up on earlier research showing that modern computer memories retained their contents even with the power off (known as memory remanence), and that the retention time could be lengthened by cooling the memory. (See the chapter on physical tamper resistance in Ross Anderson's Security Engineering: A Guide to Building Dependable Distributed Systems. I always file it interesting researching the state of encryptions security. What do you think the future of computer encryptions is? Are we going to have to invent better encryption algorithms?

LinuxSecurity.com Team
Feb 27, 2008

Secure Your Files With Easy Crypt: AES 512-Bit Encryption Tool for Ubuntu

Do you consider your files "top secret" information? Do you keep sensitive work information or bank account information on your computer? What your gift list for the holiday season? :) Either way, if you want some serious encryption on you system, look no further than EasyCrypt: a military grade encryption tool that can allow for AES 512-bit Whirlpool encryption. I tried using TrueCrypt on Ubuntu in the past, but found it annoying to be entering terminal commands several times a day to access the encrypted file. I find Easy Crypt to be a speedy, practical, and easy to use interface on a daily basis. With the basic Easy Crypt setup, your locked files are saved as a hidden file in your user directory, located at /home/username/.easycrypt-crypt (although using the

LinuxSecurity.com Team
Dec 03, 2007

OpenSSL Encryption Issues: Federal Compliance Risks and Patching

The OpenSSL library of encryption algorithms has just been patched by the OS Software Institute. This open source module has been utilized at many government agencies, and is an interesting example of two things: the effectiveness of Open Source technologies in the most demanding environments and how the kind of work that still needs to be done in the government sector regarding secure Internet infrastructure: "For FIPS 140-2 validated software no changes are permitted without prior CMVP approval so neither of these patches can be applied to the v1.1.1 distribution for the purposes of producing a validated module," Steve Marquess of OSSI said in the announcement of the patches. That means that for the time being federal users must continue using the flawed software or patch it and go out of compliance.

LinuxSecurity.com Team
Nov 30, 2007

Securing Syslog Transmission: Encrypting Logs With Stunnel

Syslog is a clear-text protocol. That means anyone with a sniffer can have a peek at your data. In some environments, this is no problem at all. In others, it is a huge setback, probably even preventing deployment of syslog solutions. Thankfully, there is an easy way to encrypt syslog communication. I will describe one approach in this paper. Do you use Syslog? Have you thought about encrypting the logs which are being forwarded over the network? Protecting your logs is an important security practice.

LinuxSecurity.com Team
Nov 06, 2007

GnuPG Extensions for Enhanced Digital Privacy in GNOME Environment

The GNU Privacy Guard (GnuPG) allows you to encrypt, decrypt, sign, and verify communications and data, as well as create and manage the keys needed for these tasks. It is a full, open source implementation of the OpenPGP Standard (RFC2440) and is integrated into many Linux applications ranging from clipboard applets to instant messaging clients. These applications make it easy to use GnuPG for digital security in the GNOME desktop environment. Most user's don't use any form of encryption when sending information over the Internet. Is the problem that it's not alway easy to use encryption? However, with theses GnuPG plugins user's can easily protect all their Internet traffic without touching the command line.

LinuxSecurity.com Team
Sep 17, 2007

OSSI: OpenSSL Update for FIPS 140-2 Compliance and Data Security

When the Open Source Software Institute (OSSI) sought Federal Information Processing Standards (FIPS) 140-2 validation for its OpenSSL toolkit last year, it was anything but smooth sailing. OSSI has just submitted a new OpenSSL update for FIPS validation but, according to Executive Director John Weathersby, things are bound to go much more smoothly this time around. OpenSSL, allows programs to securely exchange data over a network. The reason that it took so long was they had complaints about the validity of the code base. Another part of this article which should be noted is government agencies are starting to consider using OpenSSL as a data exchange solution. Have you tested out the new OpenSSL update yet?

LinuxSecurity.com Team
Sep 12, 2007

Linux Cryptography - Page 23

Linux Kernel Gains Hardware-Wrapped Encryption Keys

When Security Hinges on a Single Key: A Wake-Up Call for Admins

IPFire 2.29 Core Update 193: Key Improvements in Security and Defense

Discover Cryptography News