LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
Is Mandatory Access Control Too Much Security For Enterprise's Linux?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
Emily Ratliff: OS Security
DanWalsh LiveJournal
Security Bloggers Network
Latest Newsletters
Linux Advisory Watch: August 29th, 2008
Linux Security Week: August 25th, 2008
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Cryptography
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



TrueCrypt - Opensource on the Fly Disk Encryption Tool  08 August 2008 
Source: susegeek - Posted by Bill Keys   
TrueCrypt is a free opensource software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc). Have you ever wondered how to encrypt a filesystem? This article does this by showing user's how to use TrueCrypt. Do you use any other tools for encrypting your data?

Write Comment

 
HOWTO: Encrypt The System Manually Upon Installation  23 July 2008 
Source: HowToForge - Posted by Bill Keys   
Another howto by me concerning encryption. However this one will be pretty intense on graphics. I have a step-by-step guide on how to do a manual full encryption of the system. Due to a bug current in the ubuntu installation, you cannot encrypt the swap partition directly during the manual install. The install will just hang. Here's a link to the bug report: https://bugs.launchpad.net/ubuntu/+bug/231451 This article is a step by step guide to do a full encryption of a Linux system. The author provides snapshots in showing you how to do this.

Write Comment

 
TrueCrypt 6.0: Better Software for the Paranoid  08 July 2008 
Source: ostatic - Posted by Bill Keys   
You and I may have taken the 4th of July off, but the folks over at TrueCrypt didn't. Instead, they pushed out version 6.0 of their on-the-fly encryption utility, with more options than ever for protecting - and hiding - the critical data on your hard drives. Available for Linux, OS X, and Windows, the software is licensed under its own TrueCrypt license, which is not OSI-approved. Check out the latest release of TrueCrypt. Have you ever used it on your Linux machine to protect personal data? If so what do you think about it.

Write Comment

 
SSL Certificates Vulnerable to OpenSSL Flaw on Debian  17 June 2008 
Source: Netcraft - Posted by Bill Keys   
Netcraft's June SSL Survey has found that a significant number of SSL certificates are affected by the Debian OpenSSL vulnerability, including Extended Validation SSL certificates and certificates belonging to banks. The vulnerable certificates afford opportunities to create deceptive sites which use apparently valid SSL certificates, giving the user the impression that the site belongs to the certified organisation. In the case of EV certificates, browsers will also turn the address bar green, even though the certificate may be cloned. Debian OpenSSL flaw does not seem to be over yet. It was discovered a number of SSL certificates are affected by the Debian OpenSSL. This article looks at how this attack is possible.

Write Comment

 
SSL Certificates Vulnerable to OpenSSL Flaw on Debian  17 June 2008 
Source: Netcraft - Posted by Bill Keys   
Netcraft's June SSL Survey has found that a significant number of SSL certificates are affected by the Debian OpenSSL vulnerability, including Extended Validation SSL certificates and certificates belonging to banks. The vulnerable certificates afford opportunities to create deceptive sites which use apparently valid SSL certificates, giving the user the impression that the site belongs to the certified organisation. In the case of EV certificates, browsers will also turn the address bar green, even though the certificate may be cloned. Debian OpenSSL flaw does not seem to be over yet. It was discovered a number of SSL certificates are affected by the Debian OpenSSL. This article looks at how this attack is possible.

Write Comment

 
SSL with Firefox 3  09 June 2008 
Source: Eddy Nigg - Posted by Bill Keys   
The new Firefox 3 browser is approaching fast its final release to the public and millions of fans will download the new product from Mozilla this month. For me this is a very exciting event and a great opportunity to show you which changes and improvements will effect us, specially in relation to SSL secured web site. What do you think about the changes to Firfox's SSL features? Are they an improvement over the older Firefox versions? I would be interesting in what users are think about Firefox 3 bata security features.

Write Comment (3 Comments)

 
Researchers Simplify Quantum Cryptography  03 June 2008 
Source: vnunet - Posted by Bill Keys   
Quantum cryptography, the most secure method of transmitting data, has taken a step closer to mainstream viability with a technique that simplifies the distribution of keys.

Researchers at the National Institute of Standards and Technology claim that the new "quantum key distribution" method minimises the required number of detectors, the most costly components in quantum cryptography. What is your opinion on the state of computer cryptography. I am glad to see researching working on improving the security of cryptography.

Write Comment

 
GPG-Based Password Wallet  15 May 2008 
Source: Linux Journal - Posted by Bill Keys   
Like many Internet addicts, I have way too many user name/password accounts to remember: accounts on social-networking sites, rarely used logins at work, on-line banking and so on. One solution to this problem is to use the same user name and password everywhere, but that's clearly not safe; if people get a hold of your account information in one place, they own all your other accounts too.

I wanted a relatively safe, flexible and easy way to store passwords and other useful confidential information. I also wanted it to be easily accessible, which meant that I'd like to get at it over a text-only SSH connection. And, I wanted it to be something that could move around from machine to machine without too much trouble. This article looks at ways of storing passwords securely. With all those password we have to remember it's a good securely practice to store them encrypted.

Write Comment

 
Firefox 3 Improves Handling of Invalid SSL Certificates  01 May 2008 
Source: tuxmachines - Posted by Bill Keys   
I have downloaded the beta of Firefox 3 to check out the improvements related to SSL. First, there's the added support for Extended Validation SSL certificates, but I am not very excited about that (I wrote about this previously in Extended Validation SSL certificates not going anywhere, as predicted). It's a nice feature, but it's not going to bring much good overall. On the other hand, I am very happy with the improvements to the handling of invalid SSL certificates. A much needed improvement to handling invalid SSL certificates were added to Firefox 3. What do you think about the improvements.

Write Comment (2 Comments)

 
Protecting Directory Trees with gpgdir  25 April 2008 
Source: Linux.com - Posted by Bill Keys   
gpgdir uses GNU Privacy Guard (GnuPG) to encrypt and decrypt files or a directory tree. You could accomplish the same objective by tarring the filesystem up and then encrypting the tar.gz file with GnuPG, but then you would still have to shred or wipe every file in the original directory tree. With gpgdir the whole tree is encrypted in one command. Do you use gpgdir? What do you think about it? This article goes through everything you need to encrypt and data on your system.

Write Comment

 
<< Start < Prev 1 2 3 Next > End >>

Results 1 - 10 of 843
    
Partner:

 

Latest Features
Review: Hacking Exposed Linux, Third Edition
Security Features of Firefox 3.0
Review: The Book of Wireless
April 2008 Open Source Tool of the Month: sudo
Open Source Tool of March: ZoneMinder
Meet the Anti-Nmap: PSAD
Open Source Tool of February: Nmap!
Yesterday's Edition
Security Configuration Guides
Firefox 3.0's SSL Certificate Interface Meets Resistance

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
  Security Projects ,   Latest News ,  Newsletters ,  SELinux ,  Privacy ,  Home,
 Hardening ,   About Us,   Advertise,   Legal Notice,   RSS,   Guardian Digital

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.