@Pete-S said in Changing Public PGP Key:

Don't know if this helps in your application but if you have old files you can just decrypt them with the old key. If it's important to store them in an encrypted state you can encrypt them again with the new key. After that you can revoke the old key.

Yeah I could do that, it just seems unnecessary when you can sign the new key with the old key and decrypt both. Turns out it actually chooses the right key so there is no problem

@Obsolesce said in Is It Really Encrypted When the Key Is Public and Automatic?:

That's like saying your data is encrypted with BitLocker or FileVault, but anyone with BitLocker or FileVault respectively can will automatically decrypt your data without even trying.

FTFY

Within PowerShell can't use something like Push-Location \\Server\Share\path or Set-Location \\Server\Share\path and then run the cipher command?

Not surprised they finally caved to this. It was needed, but I am sure it will be a huge support hit in the short term.

@hellonadya Thank you for replying. I've started reading up on it, but got sidetracked last night. Looking forward to actually trying it out.

It's great to have representatives actually responding in our community here!

@Pete-S said in Local Encryption Scenarios:

@DustinB3403 said in Local Encryption Scenarios:

@Pete-S said in Local Encryption Scenarios:

@DustinB3403 said in Local Encryption Scenarios:

@Pete-S said in Local Encryption Scenarios:

Anyway, in the case of the CPA we are talking about material that is not really sensitive at all.

The data files could be secured the same way as any paper records. Locked in a safe when not in use.

That would be the same as being encrypted, since the lock on a safe = encryption and the physical key = the passphrase to decrypt the drive or data.

Well, in principle only. You can walk away with the encrypted computer but it would be harder with the safe.

In most cases physical security is about delaying. You can smash and grab a laptop from the office window but it would require a lot more time to break in properly and then open a safe before someone shows up.

You have those examples a bit mixed up.

The comparable scenario would be "getting to the data" The physical medium housing that data doesn't matter.

You break the lock, you get the data. If you break the encryption key you get the data.

But a physical lock is likely easier to break and get into whatever than it would to decrypt a encrypted volume.

Reminds me of this classic:
alt text

there is ALWAYS a relevant xkcd

@dbeato I forgot you are an MSP.

https://www.itnews.com.au/news/qld-it-minister-cautions-feds-over-interference-516628
Queensland’s IT minister Mick de Brenni has urged the federal government not to use its newly created Australian Digital Council as a way to dilute state regulation.
 
He has also accused the Canberra of not consulting with state and territory governments prior to releasing its inaugural digital transformation strategy last month

So it seems that only Canberra is keen on it.

I use Veracrypt.

It's compatible with TrueCrypt but It uses his own encryption mode by default.

@vhinzsanchez said in Re-Enable BitLocker on Windows 10 Home:

Thanks SAM, we are accepting the fact that the encryption will not be done at this moment.

Regards,

VhinzSanchez

https://www.howtogeek.com/234826/how-to-enable-full-disk-encryption-on-windows-10/

@stacksofplates said in Encryption FS on the Cloud and Remote SSH:

To play devil's advocate, if you're using LUKS the data is encrypted in transit also. So it's not just at rest.

I can't remember off of the top of my head, but you might need FIPS mode enabled for dm-crypt to encrypt in motion as well. I'm lazy and don't feel like looking it up.

I've heard of it, but never looked into it. If it's looking at every message on the line, it sounds like it could be block chain based.

Do you have .net4 installed on this xp client?

PTT is a way of provider TPM, they are not two separate things. PTT is a non-dedicated hardware approach to TPM 2.0. PTT is designed for low power devices, often used in industrial computing.

Traditionally TPM requires a TPM module, a dedicated hardware processor and firmware for security. With TPM 2.0 dedicated hardware is no longer required. PTT is Intel's implementation of TPM 2.0 for low power systems.

@dashrender said in US DOJ Continues Its Attack on User Privacy:

@scottalanmiller said in US DOJ Continues Its Attack on User Privacy:

@dashrender said in US DOJ Continues Its Attack on User Privacy:

@scottalanmiller said in US DOJ Continues Its Attack on User Privacy:

@dustinb3403 said in US DOJ Continues Its Attack on User Privacy:

Rosenstein also said

"...People want to secure their houses, but they still need to get in and out. Same issue here."

Not even close, those people are welcome to come and go in their damn house. You on the other hand might get shot in the face if you just walk into someone's house uninvited.

People can still get in and out of their phone. I don't have to give my door key to the DoJ.

Yeah - I'm trying to come up with a physical example to compare to digital security - but I'm coming up blank.

Doors aren't bad. You lock your door, the DoJ is an intruder, the key company does not send copies of your keys to the DoJ.

It's really not good enough. The DOJ can hack your door with lock picks or just bust it down.

I suppose a better example would be a universal garage door opener that only the government is supposed to have, but of course, once the bad guys know about that, they will keep hacking the government until they steal one of those universal door openers. Secure keys for encryption would be the same. The government is as leaky as a cauldron, there's almost no chance they could keep keys like this from the hackers. Then instantly everyone would be vulnerable.

Everyone that uses a mainstream OS or device that operates anywhere in the world that has any operations within the US. Yup

@zubairkhanzhk you're welcome!