TrueCrypt is a free opensource software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc).
Have you ever wondered how to encrypt a filesystem? This article does this by showing user's how to use TrueCrypt. Do you use any other tools for encrypting your data?
Another howto by me concerning encryption. However this one will be pretty intense on graphics. I have a step-by-step guide on how to do a manual full encryption of the system.
Due to a bug current in the ubuntu installation, you cannot encrypt the swap partition directly during the manual install. The install will just hang. Here's a link to the bug report: https://bugs.launchpad.net/ubuntu/+bug/231451
This article is a step by step guide to do a full encryption of a Linux system. The author provides snapshots in showing you how to do this.
You and I may have taken the 4th of July off, but the folks over at TrueCrypt didn't. Instead, they pushed out version 6.0 of their on-the-fly encryption utility, with more options than ever for protecting - and hiding - the critical data on your hard drives. Available for Linux, OS X, and Windows, the software is licensed under its own TrueCrypt license, which is not OSI-approved.
Check out the latest release of TrueCrypt. Have you ever used it on your Linux machine to protect personal data? If so what do you think about it.
Netcraft's June SSL Survey has found that a significant number of SSL certificates are affected by the Debian OpenSSL vulnerability, including Extended Validation SSL certificates and certificates belonging to banks.
The vulnerable certificates afford opportunities to create deceptive sites which use apparently valid SSL certificates, giving the user the impression that the site belongs to the certified organisation. In the case of EV certificates, browsers will also turn the address bar green, even though the certificate may be cloned.
Debian OpenSSL flaw does not seem to be over yet. It was discovered a number of SSL certificates are affected by the Debian OpenSSL. This article looks at how this attack is possible.
Netcraft's June SSL Survey has found that a significant number of SSL certificates are affected by the Debian OpenSSL vulnerability, including Extended Validation SSL certificates and certificates belonging to banks.
The vulnerable certificates afford opportunities to create deceptive sites which use apparently valid SSL certificates, giving the user the impression that the site belongs to the certified organisation. In the case of EV certificates, browsers will also turn the address bar green, even though the certificate may be cloned.
Debian OpenSSL flaw does not seem to be over yet. It was discovered a number of SSL certificates are affected by the Debian OpenSSL. This article looks at how this attack is possible.
The new Firefox 3 browser is approaching fast its final release to the public and millions of fans will download the new product from Mozilla this month. For me this is a very exciting event and a great opportunity to show you which changes and improvements will effect us, specially in relation to SSL secured web site.
What do you think about the changes to Firfox's SSL features? Are they an improvement over the older Firefox versions? I would be interesting in what users are think about Firefox 3 bata security features.
Quantum cryptography, the most secure method of transmitting data, has taken a step closer to mainstream viability with a technique that simplifies the distribution of keys.
Researchers at the National Institute of Standards and Technology claim that the new "quantum key distribution" method minimises the required number of detectors, the most costly components in quantum cryptography.
What is your opinion on the state of computer cryptography. I am glad to see researching working on improving the security of cryptography.
Like many Internet addicts, I have way too many user name/password accounts to remember: accounts on social-networking sites, rarely used logins at work, on-line banking and so on. One solution to this problem is to use the same user name and password everywhere, but that's clearly not safe; if people get a hold of your account information in one place, they own all your other accounts too.
I wanted a relatively safe, flexible and easy way to store passwords and other useful confidential information. I also wanted it to be easily accessible, which meant that I'd like to get at it over a text-only SSH connection. And, I wanted it to be something that could move around from machine to machine without too much trouble.
This article looks at ways of storing passwords securely. With all those password we have to remember it's a good securely practice to store them encrypted.
I have downloaded the beta of Firefox 3 to check out the improvements related to SSL. First, there's the added support for Extended Validation SSL certificates, but I am not very excited about that (I wrote about this previously in Extended Validation SSL certificates not going anywhere, as predicted). It's a nice feature, but it's not going to bring much good overall. On the other hand, I am very happy with the improvements to the handling of invalid SSL certificates.
A much needed improvement to handling invalid SSL certificates were added to Firefox 3. What do you think about the improvements.
gpgdir uses GNU Privacy Guard (GnuPG) to encrypt and decrypt files or a directory tree. You could accomplish the same objective by tarring the filesystem up and then encrypting the tar.gz file with GnuPG, but then you would still have to shred or wipe every file in the original directory tree. With gpgdir the whole tree is encrypted in one command.
Do you use gpgdir? What do you think about it? This article goes through everything you need to encrypt and data on your system.
