aldolat + security   30

Wikileaks CIA Files - What this means for Internet security and encryption - ProtonMail Blog
Earlier today, Wikileaks dumped a large database of secret documents from the CIA in a released dubbed #Vault7. Here we do a deeper analysis of the leak and the broader implications on online security and encrypted services.
security  encryption  wikileaks  cia  leaks 
16 days ago by aldolat
"Proof Mode" for your Smartphone Camera
ProofMode is an app for your smartphone that adds data to the photos you take to prove that they are real and unaltered
photo  camera  proof  signature  security 
24 days ago by aldolat
TCnext - Site dedicated to the development of the next "truecrypt" is the gathering place for all up-to-date information. Unfortunately is dead. But, we (the pure-privacy people) will help organize a future.
TrueCrypt  security  cryptography 
6 weeks ago by aldolat
VeraCrypt - Home
VeraCrypt is a free disk encryption software brought to you by IDRIX and that is based on TrueCrypt 7.1a.
TrueCrypt  security  cryptography  VeraCrypt 
6 weeks ago by aldolat
TrueCrypt 7.1a Hashes
The SHA256, SHA1, and MD5 hashes of all TrueCrypt version 7.1a files.
TrueCrypt  security  cryptography 
6 weeks ago by aldolat
Perché ho detto ai miei amici di non usare più WhatsApp e Telegram
Un confronto sulle impostazioni di privacy delle app di messaggistica.
security  messaging  WhatsApp  Telegram  Allo  Messenger  Signal 
7 weeks ago by aldolat
Home | Me and my Shadow
Through your computer, mobile phone, and other digital devices, you leave behind hundreds of digital traces (also called data traces) every day: bits of information about you that are created, stored, and collected.  When your digital traces are put together to create stories about you or profiles of you, these become your digital shadows. These can give others huge insight into your life; and they can also be totally wrong. Either way, once they're out there, they are almost impossible to control....
privacy  security 
9 weeks ago by aldolat
security in-a-box | tools and tactics for digital security
Security in-a-Box is a guide to digital security for activists and human rights defenders throughout the world.
security  privacy  activism  human_rights 
9 weeks ago by aldolat
“Why I told my friends to stop using WhatsApp and Telegram”
Reading the above, you might think you are fine since WhatsApp, Facebook Messenger, and Google Allo also use the Signal Protocol. Well, you’re not.
security  messaging  WhatsApp  Telegram  Allo  Messenger  Signal 
10 weeks ago by aldolat
Moving to HTTPS on WordPress | CSS-Tricks
I just recently took CSS-Tricks "HTTPS everywhere". That is, every URL on this site enforces the HTTPS (SSL) protocol. Non-secure HTTP requests get redirected to HTTPS. Here's some notes on that journey.
security  Apache  SSL  server  TLS 
10 weeks ago by aldolat
An SQL Injection Attack Is a Legal Company Name in the UK - Schneier on Security
Someone just registered their company name as ; DROP TABLE "COMPANIES";-- LTD.
11 weeks ago by aldolat
Should I escape translated strings in a WordPress plugin or theme? - James Collins
When writing a WordPress plugin recently, I wasn’t sure whether a translatable text/string is considered safe, or if it needs to escaped before being output.
security  WordPress  escape 
11 weeks ago by aldolat
WWW Malware Hides in Images - Schneier on Security
In this particular scenario, malvertising campaign operators hid malicious code inside PNG images used for banner ads.
security  malware  from instapaper
11 weeks ago by aldolat
Op-ed: Why I’m not giving up on PGP | Ars Technica
Every once in a while, a prominent member of the security community publishes an article about how horrible OpenPGP is. Matthew Green wrote one in 2014 and Moxie Marlinspike wrote one in 2015. The most recent was written by Filippo Valsorda, here on the pages of Ars Technica, which Matthew Green says "sums up the main reason I think PGP is so bad and dangerous."
In this article I want to respond to the points that Filippo raises. In short, Filippo is right about some of the details, but wrong about the big picture. For the record, I work on GnuPG, the most popular OpenPGP implementation.
security  OpenPGP  PGP 
11 weeks ago by aldolat
Op-ed: I’m throwing in the towel on PGP, and I work in security | Ars Technica
After years of wrestling with GnuPG with varying levels of enthusiasm, I came to the conclusion that it's just not worth it, and I'm giving up—at least on the concept of long-term PGP keys. This editorial is not about the gpg tool itself, or about tools at all. Many others have already written about that. It's about the long-term PGP key model—be it secured by Web of Trust, fingerprints or Trust on First Use—and how it failed me.
security  OpenPGP  PGP 
11 weeks ago by aldolat
Giving Up on PGP - Schneier on Security
Filippo Valsorda wrote an excellent essay on why he's giving up on PGP.
security  OpenPGP  PGP 
11 weeks ago by aldolat
Class Breaks
There's a concept from computer security known as a class break. It's a particular security vulnerability that breaks not just one system, but an entire class of systems. Examples might be a vulnerability in a particular operating system that allows an attacker to take remote control of every computer that runs on that system's software. Or a vulnerability in Internet-enabled digital video recorders and webcams that allow an attacker to recruit those devices into a massive botnet.
security  Internet  from instapaper
11 weeks ago by aldolat
Photocopier Security - Schneier on Security
A modern photocopier is basically a computer with a scanner and printer attached. This computer has a hard drive, and scans of images are regularly stored on that drive. This means that when a photocopier is thrown away, that hard drive is filled with pages that the machine copied over its lifetime. As you might expect, some of those pages will contain sensitive information.
security  hardware 
11 weeks ago by aldolat
WordPress Table Prefix: Changing It Does Nothing to Improve Security
Changing your WordPress table prefix is risky to implement and it does absolutely nothing to enhance your site security. In today’s post I’m going to explain what the original idea is behind this and why you should simply not do it.
WordPress  security  database  prefix 
12 weeks ago by aldolat
How Signal Is Evading Censorship - Schneier on Security
Signal, the encrypted messaging app I prefer, is being blocked in both Egypt and the UAE. Recently, the Signal team developed a workaround: domain fronting.
Signal  messaging  security  Google 
12 weeks ago by aldolat
Creating the perfect GPG keypair - Alex Cabal
You’d think that today, where laptops and world travel are commonplace, there’d be a little more information on how to secure a private key you have to travel with. But I could only find one resource: the Debian Wiki entry on subkeys. Fortunately it turns out this wiki page has exactly the solution we need.
OpenPGP  keypair  subkeys  GnuPG  security 
12 weeks ago by aldolat

Copy this bookmark: