
kme : crypto   153

The Horror of a 'Secure Golden Key'
So hackers have (1) stolen everyone's credit cards, and (2) stolen celebrities' personal pictures. Up next: your personal pics, videos, docs, messages, medical data, and diary. With the Washington Post's proposal, it will all be leaked, a kind of secure golden shower.

When you host your data and your keys "in the cloud", your data is only as strong as the weakest programmer who has access.

Threat #4. It Protects You From the future

This is the greatest threat of all.

Our cloud data is stored for eternity, not the moment. Legislation and company policy cannot guarantee backups are destroyed. Our government may change, and what qualifies as a "lawful" warrant tomorrow might be illegal today. Similarly, your eternal data might be legal today and a threat tomorrow.

Except, as I learned in trivia the other day, "ex post facto" legal proceedings are forbidden by (Article 1) of the Constitution--in *criminal* matters. Some ex post facto laws (like ones related to violent offenders and sexual predators) do get passed, though, so...
crypto  privacy  security  backdoors  masterkey  politics  government  lawenforcement 
june 2019 by kme
Keybase is not softer than TOFU
In cryptography, the term TOFU ("Trust on first use") describes taking a gamble the first time 2 parties talk. Rather than meeting in person, you just trust a party in the middle to vouch for each side...and then, after the initial introduction, each side carefully tracks the keys to make sure nothing has changed. If a key has changed, each side sounds the alarm.

Similarly, in SSH, if a remote host's key changes, it doesn't "just work," it gets downright belligerent:

Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
Please contact your system administrator.
Add correct host key in /Users/rmueller/.ssh/known_hosts to get rid of this message.
Offending RSA key in /Users/rmueller/.ssh/known_hosts:12
RSA host key for has changed and you have requested strict checking.
Host key verification failed.

This is the right answer. And make no mistake: TOFU isn't TOFU if it lets you keep going with a cute little shield that flows by. You should be seeing a giant skull and crossbones.
crypto  security  tofu  privacy  communication  chatapps 
june 2019 by kme
How to View a Certificate Fingerprint as SHA-256, SHA-1 or MD5 using OpenSSL
openssl  x509  crypto  ssl  certificate  sha1  sha256  hash  fingerprint  commandline  solution 
june 2019 by kme
Automatically enable HTTPS on your website with EFF's Certbot, deploying Let's Encrypt certificates.
webdevel  webmaster  tls  certificate  letsencrypt  crypto  alternativeto  selfsignedcertificate 
june 2019 by kme
Is saving passwords in Chrome as safe as using LastPass if you leave it signed in? - Information Security Stack Exchange -
The feature we've been talking about helps users. That other one was a misguided attempt at being useful by filling in forms using things you typed on other websites. So imagine an autocomplete assistant like Clippy, but with worse social skills: "I see you're trying to log in to Ebay; I'll just fill in your login from Yahoo and we can see if that works." Yeah, we had funny ideas about security back in the 90's. You can see why putting autocomplete=off into everything even remotely security-related quickly became a bullet-point in site audits.
google  chrome  security  browser  passwordmanager  passwords  crypto  clippy 
may 2019 by kme
SHA-1 collision attacks are now actually practical and a looming danger | ZDNet
should switch to (in order of preference):

* SHA-512/256
* SHA3-256
* SHA-384
* Any other SHA2-family hash function as a last resort

"...unless they're storing passwords! In which case, they should switch to (in order of preference):

* Argon2id with memory >= 32MiB, >= 2 rounds, and >= 2 parallelism
* scrypt / yescrypt with memory >= 32 MiB, >= 4 rounds, and >= 1 parallelism
* bcrypt (for PHP devs, password_hash() and password_verify() does the trick)
* PBKDF2-SHA512 with 85,000 iterations as a last resort

"But SHA1 should no longer be used anymore. No excuses," Arciszewski
sha1  cracking  crypto  hashing  algorithms  advice 
may 2019 by kme
encryption - LUKS and loop device - Ask Ubuntu |
For me, what worked was:

    # create a 100 MiB file to serve as the container, then format it as a LUKS volume
    head -c 100M /dev/zero > crypt
    sudo cryptsetup luksFormat crypt
    # map the container under the name c1 (appears as /dev/mapper/c1) and put a filesystem on it
    sudo cryptsetup luksOpen crypt c1
    sudo mke2fs /dev/mapper/c1

# then mount with the file manager

    # after unmounting, close the mapping again (same name as given to luksOpen)
    sudo cryptsetup luksClose c1
crypto  blockdevice  storage  linux  howto  sortof  solution  alternativeto  truecrypt 
march 2019 by kme
pipe - cryptsetup: Attaching loopback device failed - Unix & Linux Stack Exchange |
It seems that cryptsetup requires the LUKS header to be either regular file or device. If you need to provide the LUKS header as an output from a process/stream, you can easily circumvent the restriction by sending it to /dev/ram
    cat LUKS-HEADER > /dev/ram0

(provided that your kernel supports ramdisk)

Then you can then simply use your cryptsetup command as:
    cryptsetup luksOpen /dev/sdb1 sdb1 --header /dev/ram0

Keep in mind, the LUKS header will stay in /dev/ram0 disk until you free up the space. To free up the memory, you can use the blockdev command:
    blockdev -v --flushbufs /dev/ram0
luks  crypto  blockdevices  linux  unix  sysadmin  tipsandtricks 
march 2019 by kme
The Monkeysphere Project |
Frequent users of ssh are familiar with the prompt given the first time you log in to a new server, asking if you want to trust the server's key by verifying the key fingerprint. Unfortunately, unless you have access to the server's key fingerprint through a secure out-of-band channel, there is no way to verify that the fingerprint you are presented with is in fact that of the server you're really trying to connect to.
pki  gpg  ssh  cacert  security  crypto 
february 2019 by kme
StackExchange/blackbox: Safely store secrets in Git/Mercurial/Subversion |
secrets  devel  git  security  crypto  encryption  puppet  collaboration 
february 2019 by kme
DER vs. CRT vs. CER vs. PEM Certificates and How To Convert Them |
Microsofty things use the '.cer' extension (which is interchangeable with '.crt'), and are often DER-encoded. PEM-encoded certs are "ASCII (Base64) armored data" prefixed with a "-----BEGIN CERTIFICATE-----" line.

Here's how to "cat" a DER-encoded certificate:
    openssl x509 -in certificate.der -inform der -text -noout

And here's how to convert one in that format to the format expected on a Debian GNU/Linux system:
    # read the DER input and write a separate PEM file (don't reuse the input name as the output)
    openssl x509 -in certificate.der -inform der -outform pem -out certificate.crt

NB: the '.crt' extension seems to be important, otherwise 'sudo update-ca-certificates' doesn't pick up on new ones that you've added to /usr/local/share/ca-certificates.
ssl  certs  cacert  certificates  openssl  sysadmin  webmaster  crypto  fuckina  solution  importexport  conversion 
january 2019 by kme
curl - ERROR: The certificate of `' is not trusted - Stack Overflow |
In my case, 'wget' gave a better error message than 'curl', and it told me that my organization was using a fake root CA, and 'wget' didn't recognize *its* issuer.

Solution for a Debian system at (convert issuer CA to PEM-encoded .crt, put in /usr/local/share/ca-certificates, and run 'sudo update-ca-certificates')
github  errormessage  ssl  cacert  certificates  crypto  headache 
january 2019 by kme
Laverna - keep your notes private |
I wish I could hide the toolbar, and there's too much wasted space in the UI, but it's good. Also like the way it handles task lists (progress meter).
markdown  notes  todolist  notetaking  productivity  crypto  alternativeto  simplenote  evernote 
january 2019 by kme
apt - "GPG error:The following signatures were invalid: KEYEXPIRED" - Ask Ubuntu |
That ppa has been removed and no longer exists. You must find a different source for the packages installed through the samrog131 ppa.

In the meantime, run the following commands to resolve the situation.

First, to delete the expired key:
    sudo apt-key del 1436387333

Then, to delete the ppa:
    sudo rm /etc/apt/sources.list.d/samrog131*
    sudo apt-get clean
    sudo apt-get update

If you need to add a key see here.
    sudo apt-get upgrade

You may want to run:
    sudo apt-get dist-upgrade

depending on your situation. If you are not sure, see here.
ubuntu  apt  packagemanagement  crypto  pubkey  errormessage  solution 
november 2018 by kme
How can I convert a python urandom to a string? - Stack Overflow |

In python 3, the answer is

    from base64 import b64encode
    from os import urandom

    random_bytes = urandom(64)
    token = b64encode(random_bytes).decode('utf-8')
python  python3  crypto  random  webdevel  solution 
march 2018 by kme
How to sign a file on Linux with GPG - TechRepublic |
You might be asking yourself this question, "What's to stop anyone from generating a gpg key with my information and then sending bogus data to a client?" Truth is, not much. However, I do have one very easy "work around" for this. What I do is create a new signing key that lasts only a day, and then in the comment section during the creation, enter a unique phrase. When I send the file to the recipient, I will have them verify the file and have them repeat the comment. If the comment is correct, I will give them the go-ahead to decrypt and use the file. If the comment isn't correct, they have a bogus file on their hands.
gpg  crypto  security  howto  newbie  tipsandtricks 
january 2018 by kme
Everyone Is Getting Hilariously Rich and You’re Not - The New York Times |
“My neurons are fried from all the volatility,” Mr. Hummer said. “I don’t even care at this point. I’m numb to it. I’ll lose a million dollars in a day and I’m like, O.K.”

His room is simple: a bed, a futon, a TV on a mostly empty media console, three keyboard cleaning sprays and a half dozen canisters of Lysol wipes. His T-shirt read, ‘The Lizard of Wall Street,’ with a picture of a lizard in a suit, dollar-sign necklaces around its neck. He carries with him a coin that reads, “memento mori,” to remind himself he can die any day. He sees the boom as part of a global apocalypse.

“The worse regular civilization does and the less you trust, the better crypto does,” Mr. Hummer said. "It’s almost like the ultimate short trade.”

He says he is going to shoot a music video soon for a song called “Lambo Party” and another called “Cryptomom,” about “all these moms are pumping in their children’s savings accounts.”

Maria Lomeli, 56, came to the party to find the people she had put a lot of trust in. A housekeeper from Pacifica, Calif., she said she had invested $12,000 in cryptocurrencies over the last few weeks after reading about it in the news.
Arya Bahmanyar, 28, also know as “Coin Daddy,” at the San Francisco Bitcoin Meetup Holiday Party at the Runway Incubator in San Francisco. Credit Jason Henry for The New York Times

She wore running shoes and a zip-up jacket that said, “Cinemark, the best seats in town.” She worked there cleaning out theaters. Now she cleans houses. Banks, she said, were designed to steal. Taxes left her supporting a government that she felt didn’t support her.

“Charges for sending money to my daughter, interest on our loans,” she said. "And then the money we pay in taxes goes to wars and whatever else they want.”
bitcoin  cryptocurrency  crypto  bubble 
january 2018 by kme
Firefox 3 and Self-Signed Certs |
Leaving aside the fact that many people who use this model for SSH don't bother to do 1) in practice but just say "OK" and hope, it is our assertion that no-one has yet come up with a UI that makes this model of crypto (known as Key Continuity Management - KCM - or "the SSH model") understandable to Joe Public. You can't provide him with a string of hex characters and expect it to read it over the phone to his bank. What he does instead is just click "OK", which might as well be labelled "Yeah, Whatever", and hopes for the best. The same thing happens when he gets "key changed!" warnings, even scary ones.

The first important thing to note about this model is that key changes are an expected part of life. No-one does or should use the same key for ever, and key compromise or discovered weakness means that keys change. So the user is going to get a series of alerts over time, some of which indicate an OK condition, and some of which indicate a dangerous condition. It is our assertion that no UI can navigate Joe through this complexity in a safe way.

Usability research tells us that repeated security dialogs and warnings habituate users into just clicking "OK" - it's the "Yeah, Whatever" thing again. If that dialog mostly indicates a benign condition but occasionally indicates a serious one, then the problem is compounded. This happens no matter what the dialog says. UI designers can work on the wording for a year, but whatever it is, it'll eventually just get ignored.

However, running your own CA has its own hidden costs - and you normally discover them after a key compromise when you have to update all the certificates at once, and everyone has to learn a lot about crypto really quickly. A simpler solution is just to get in touch with StartCom, or budget for a few expenditures of $14.95 or whatever, and use the same public CA system everyone else does.
firefox  ssl  ca  security  selfsignedcertificate  selfsigned  certificate  browser  crypto 
december 2017 by kme
Falling through the KRACKs – A Few Thoughts on Cryptographic Engineering |
The IEEE has been making a few small steps to ease this problem, but they’re hyper-timid incrementalist bullshit. There’s an IEEE program called GET that allows researchers to access certain standards (including 802.11) for free, but only after they’ve been public for six months — coincidentally, about the same time it takes for vendors to bake them irrevocably into their hardware and software.

This whole process is dumb and — in this specific case — probably just cost industry tens of millions of dollars. It should stop.

In the end we all know that the answer is for humans to stop doing this work. We need machine-assisted verification of protocols, preferably tied to the actual source code that implements them. This would ensure that the protocol actually does what it says, and that implementers don’t further screw it up, thus invalidating the security proof.
formalverification  security  crypto  wifi  wpa2  vulnerability  humanerror 
november 2017 by kme
Google Tech Talk on common crypto flaws | rdist |
Have you read the book “The Cult of the Amateur”? Though it does not talk specifically about crypto, it does talk about some of the issues with Web 2.0, some of which probably led to things like the rainbow table fiasco.

Comment by Yuhong Bao — November 1, 2009 @ 3:47 pm

The one thing JS crypto gets you that server-side crypto does not is client-side auditability. That’s it. However, this benefit comes with tremendous caveats that I think far outweigh it.

* The user has to be a cryptographer and can detect subtle cryptographic flaws. Note: this ignores all the malicious crypto research by Yung et al and assumes this is actually doable in reasonable time.

* The user always does “View Source” each time she connects to be sure the code is identical. If it was changed for bugfixes or whatever, she has to re-review the entire thing.

* The user always loads everything over SSL to be sure she’s getting untampered code and there is no MITM.

* The JS code does not have cache problems where users keep running old code after you’ve fixed a flaw and tried to upgrade them.

* You periodically audit all your servers to be sure they aren’t serving up malicious or outdated JS code. Note: this audit cannot be done via a client because an attacker can return different code to you than your users, based on src IP.

Since no one does all this and the disadvantages are so significant, JS crypto is worse than server-side crypto.
javascript  webdevel  security  crypto  video  talk  forthecomments 
november 2017 by kme
gpg - What happens when you verify a detached signature? - Unix & Linux Stack Exchange |
This will give you the full length key, because it seems nowadays I can't fetch keys with just the abbreviated one anymore (the one that 'gpg --verify' shows you if you don't have it in your ring).
You can use the --list-packets option to get a dump of what's in a gpg file. The description of the file format is RFC 4880 (OpenPGP standard).
gpg  keyverification  crypto  solution 
october 2017 by kme
How to disable Bitlocker through command prompt? - Super User
The site of Manage-bde ( gives:

-off - Syntax manage-bde -off Volume [-ComputerName Name]

So, you can try to:

manage-bde -off F:
bitlocker  windows  wholedriveencryption  crypto  sysadmin  reference  solution 
october 2017 by kme
python - InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately - Stack Overflow
NB: This will require 'yum install libffi-devel' on CentOS.

Except it still didn't make the warnings go away.
You can also pip install requests[security] and only import requests. – admdrew Mar 26 '15 at 19:59
python  python26  errormessage  almostsolution  crypto 
may 2017 by kme
Trump aides' use of encrypted messaging may violate records law | ZDNet
Every record, such as documents, memos, and even emails and instant messages of government business, has to be preserved by the National Archives and Records Administration (NARA) within a few days of its creation. That said, presidential records are treated slightly differently from federal records. Most of the president's senior aides are not subject to freedom of information requests until after the president leaves office, but they must still retain and archive their work communications for later release.
politics  government  crypto 
may 2017 by kme
The Next Big Encryption Fight
Donald Trump, meanwhile, called for a boycott of Apple products when the company refused to help the FBI. His pick to head the Justice Department, Senator Jeff Sessions of Alabama, believes it is “critical that national security and criminal investigators be able to overcome encryption.”
crypto  encryption  presidenttrump 
february 2017 by kme
ImportError: No module named setuptools_ext · Issue #163 · byt3bl33d3r/MITMf
ImportError: No module named setuptools_ext

The problem seems to be in cffi not installing properly or the order of installation.

Upgrading cffi manually first

pip install --upgrade cffi

Then doing

pip install --upgrade -r requirements.txt

[fixes the problem]
python  crypto  cryptography  build  errormessage  solution 
july 2016 by kme