Navigation

    ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. Tags
    3. encryption
    Log in to post

    • Changing Public PGP Key
      IT Discussion • encryption gpg key management • • wirestyle22  

      4
      2
      Votes
      4
      Posts
      116
      Views

      @Pete-S said in Changing Public PGP Key: Don't know if this helps in your application but if you have old files you can just decrypt them with the old key. If it's important to store them in an encrypted state you can encrypt them again with the new key. After that you can revoke the old key. Yeah I could do that, it just seems unnecessary when you can sign the new key with the old key and decrypt both. Turns out it actually chooses the right key so there is no problem
    • Is It Really Encrypted When the Key Is Public and Automatic?
      IT Discussion • encryption software legal • • scottalanmiller  

      59
      1
      Votes
      59
      Posts
      451
      Views

      @Obsolesce said in Is It Really Encrypted When the Key Is Public and Automatic?: That's like saying your data is encrypted with BitLocker or FileVault, but anyone with BitLocker or FileVault respectively can will automatically decrypt your data without even trying. FTFY
    • UNSOLVED Windows 10 and Windows Server 2008 R2 Encrypted EFS Files on Network Share
      IT Discussion • windows windows 10 windows server encryption windows server 2008 r2 efs • • scottalanmiller  

      6
      0
      Votes
      6
      Posts
      181
      Views

      Within PowerShell can't use something like Push-Location \\Server\Share\path or Set-Location \\Server\Share\path and then run the cipher command?
    • VoIP.ms Call Encryption
      IT Discussion • voip encryption voip.ms • • NashBrydges  

      2
      1
      Votes
      2
      Posts
      93
      Views

      Not surprised they finally caved to this. It was needed, but I am sure it will be a huge support hit in the short term.
    • ONLYOFFICE tests end-to-end encryption of documents with blockchain
      IT Discussion • encryption onlyoffice blockchain • • hellonadya  

      8
      2
      Votes
      8
      Posts
      281
      Views

      @hellonadya Thank you for replying. I've started reading up on it, but got sidetracked last night. Looking forward to actually trying it out. It's great to have representatives actually responding in our community here!
    • Local Encryption Scenarios
      IT Discussion • security encryption full disk encryption • • BRRABill  

      45
      1
      Votes
      45
      Posts
      406
      Views

      @Pete-S said in Local Encryption Scenarios: @DustinB3403 said in Local Encryption Scenarios: @Pete-S said in Local Encryption Scenarios: @DustinB3403 said in Local Encryption Scenarios: @Pete-S said in Local Encryption Scenarios: Anyway, in the case of the CPA we are talking about material that is not really sensitive at all. The data files could be secured the same way as any paper records. Locked in a safe when not in use. That would be the same as being encrypted, since the lock on a safe = encryption and the physical key = the passphrase to decrypt the drive or data. Well, in principle only. You can walk away with the encrypted computer but it would be harder with the safe. In most cases physical security is about delaying. You can smash and grab a laptop from the office window but it would require a lot more time to break in properly and then open a safe before someone shows up. You have those examples a bit mixed up. The comparable scenario would be "getting to the data" The physical medium housing that data doesn't matter. You break the lock, you get the data. If you break the encryption key you get the data. But a physical lock is likely easier to break and get into whatever than it would to decrypt a encrypted volume. Reminds me of this classic: there is ALWAYS a relevant xkcd
    • Server 2016 EFS turned on
      IT Discussion • encryption server 2016 efs • • CCWTech  

      14
      0
      Votes
      14
      Posts
      396
      Views

      @dbeato I forgot you are an MSP.
    • Australia passes new law to thwart strong encryption
      News • security ars technica encryption australia • • mlnews  

      16
      1
      Votes
      16
      Posts
      372
      Views

      https://www.itnews.com.au/news/qld-it-minister-cautions-feds-over-interference-516628 Queensland’s IT minister Mick de Brenni has urged the federal government not to use its newly created Australian Digital Council as a way to dilute state regulation.   He has also accused the Canberra of not consulting with state and territory governments prior to releasing its inaugural digital transformation strategy last month So it seems that only Canberra is keen on it.
    • VeraCrypt or DiskCryptor for External Drives
      IT Discussion • encryption users external storage • • DustinB3403  

      11
      2
      Votes
      11
      Posts
      972
      Views

      I use Veracrypt. It's compatible with TrueCrypt but It uses his own encryption mode by default.
    • Re-Enable BitLocker on Windows 10 Home
      IT Discussion • windows windows 10 encryption bitlocker • • vhinzsanchez  

      10
      0
      Votes
      10
      Posts
      2093
      Views

      @vhinzsanchez said in Re-Enable BitLocker on Windows 10 Home: Thanks SAM, we are accepting the fact that the encryption will not be done at this moment. Regards, VhinzSanchez https://www.howtogeek.com/234826/how-to-enable-full-disk-encryption-on-windows-10/
    • Encryption FS on the Cloud and Remote SSH
      IT Discussion • encryption luks • • Emad R  

      28
      3
      Votes
      28
      Posts
      988
      Views

      @stacksofplates said in Encryption FS on the Cloud and Remote SSH: To play devil's advocate, if you're using LUKS the data is encrypted in transit also. So it's not just at rest. I can't remember off of the top of my head, but you might need FIPS mode enabled for dm-crypt to encrypt in motion as well. I'm lazy and don't feel like looking it up.
    • Bitmessage
      IT Discussion • encryption messaging p2p decentralized messaging bitmessage • • gjacobse  

      3
      2
      Votes
      3
      Posts
      459
      Views

      I've heard of it, but never looked into it. If it's looking at every message on the line, it sounds like it could be block chain based.
    • Machine software unabel to connect to new SQL server
      IT Discussion • encryption sql server connection string • • JaredBusch  

      9
      5
      Votes
      9
      Posts
      629
      Views

      Do you have .net4 installed on this xp client?
    • Siilo Encrypted Text App
      IT Discussion • encryption app siilo • • dbeato  

      1
      0
      Votes
      1
      Posts
      269
      Views

      No one has replied

    • TPM vs PTT
      IT Discussion • security encryption intel bitlocker tpm ptt • • jepoytengco  

      2
      2
      Votes
      2
      Posts
      3774
      Views

      PTT is a way of provider TPM, they are not two separate things. PTT is a non-dedicated hardware approach to TPM 2.0. PTT is designed for low power devices, often used in industrial computing. Traditionally TPM requires a TPM module, a dedicated hardware processor and firmware for security. With TPM 2.0 dedicated hardware is no longer required. PTT is Intel's implementation of TPM 2.0 for low power systems.
    • Strengthening Cluster Shared Volume security with Microsoft BitLocker encryption
      Starwind • microsoft starwind powershell windows server encryption starwind blog failover cluster csv bitlocker data protection cluster shared volume • • Oksana  

      1
      3
      Votes
      1
      Posts
      694
      Views

      No one has replied

    • US DOJ Continues Its Attack on User Privacy
      News • ars technica encryption privacy • • mlnews  

      13
      3
      Votes
      13
      Posts
      1280
      Views

      @dashrender said in US DOJ Continues Its Attack on User Privacy: @scottalanmiller said in US DOJ Continues Its Attack on User Privacy: @dashrender said in US DOJ Continues Its Attack on User Privacy: @scottalanmiller said in US DOJ Continues Its Attack on User Privacy: @dustinb3403 said in US DOJ Continues Its Attack on User Privacy: Rosenstein also said "...People want to secure their houses, but they still need to get in and out. Same issue here." Not even close, those people are welcome to come and go in their damn house. You on the other hand might get shot in the face if you just walk into someone's house uninvited. People can still get in and out of their phone. I don't have to give my door key to the DoJ. Yeah - I'm trying to come up with a physical example to compare to digital security - but I'm coming up blank. Doors aren't bad. You lock your door, the DoJ is an intruder, the key company does not send copies of your keys to the DoJ. It's really not good enough. The DOJ can hack your door with lock picks or just bust it down. I suppose a better example would be a universal garage door opener that only the government is supposed to have, but of course, once the bad guys know about that, they will keep hacking the government until they steal one of those universal door openers. Secure keys for encryption would be the same. The government is as leaky as a cauldron, there's almost no chance they could keep keys like this from the hackers. Then instantly everyone would be vulnerable. Everyone that uses a mainstream OS or device that operates anywhere in the world that has any operations within the US. Yup
    • Hytrust Configuration Backups with Powershell REST API Calls
      Self Promotion • vmware powershell disaster recovery encryption scripting networknerd blog networknerd vmware api rest api hytrust networknerd hytrust networknerd powershell vm encryption • • NetworkNerd  

      1
      2
      Votes
      1
      Posts
      707
      Views

      No one has replied

    • What Exactly Is a VPN, Is HTTPS a VPN SAMIT Video
      IT Discussion • security youtube networking scott alan miller vpn samit encryption ssl https tunneling • • scottalanmiller  

      28
      4
      Votes
      28
      Posts
      2852
      Views

      @zubairkhanzhk you're welcome!
    • Introducing Cloud Storage in the Blockchain with Sia and Nextcloud
      News • storage nextcloud encryption blockchain nextcloud blog sia • • mlnews  

      2
      2
      Votes
      2
      Posts
      765
      Views

      I saw something about this the other day... It is interesting to say the least.
    • Flter: Privacy & Security Router
      IT Discussion • security vpn encryption router privacy tor flter • • gjacobse  

      24
      1
      Votes
      24
      Posts
      2040
      Views

      I've used tor, it's functional, but removes a lot of what most people consider useful from most websites.
    • The SHA1 hash function is now completely unsafe
      IT Discussion • security encryption sha1 cryptography • • JaredBusch  

      7
      5
      Votes
      7
      Posts
      967
      Views

      @Breffni-Potter said in The SHA1 hash function is now completely unsafe: If you burn 110K in cash. And have a team of cyber security experts. Today, yes. But in six months it'll be a script and $30K in compute power. In two years it'll be $500 of AWS time.
    • Symantec PGP vs...
      IT Discussion • security encryption gpg pgp • • bbigford  

      4
      2
      Votes
      4
      Posts
      658
      Views

      Can't reply on SW, it's having one of its "this thread won't let you respond" hiccups.
    • SOLVED How do I setup TLS on a Postfix relay
      IT Discussion • email encryption tls postfix • • JaredBusch  

      6
      2
      Votes
      6
      Posts
      1119
      Views

      @JaredBusch Awesome. Tks Jared. Tested and works beautifully!
    • Boxcryptor
      IT Discussion • security encryption cloud storage dropbox google drive box.net cloud security boxcryptor • • gjacobse  

      3
      0
      Votes
      3
      Posts
      795
      Views

      Yes, I have. It was talked about on Security Now a few years ago. It allows TNO (Trust No One) on cloud storage . You control the keys for encryption. of course, if you don't have the keys, the data is useless.
    • How to Require TLS for Outbound SMTP Connections with MDaemon
      IT Discussion • security email smtp encryption tls mdaemon alt-n • • scottalanmiller  

      82
      1
      Votes
      82
      Posts
      7995
      Views

      @BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon: I think what he meant was encrypted from the e-mail client (Outlook, Webmail) to the MD server. That's confusing because it isn't email at that point but is just an internal application API. If it is Outlook, for example, it talks directly with Exchange as a client manipulating stuff on Exchange. If it is OWA, it's Exchange that you are looking at directly (the "email" is still on Exchange.)
    • Let's Encrypt stats
      IT Discussion • encryption ssl lets encrypt tld ninja • • JaredBusch  

      7
      3
      Votes
      7
      Posts
      1754
      Views

      @scottalanmiller said in Let's Encrypt stats: @Jason said in Let's Encrypt stats: I'm guessing a lot of kids/teens and college age are using let's encrpyt hence the .ninja I'm confused, aren't all those domains only used by ninjas? Go Ninja, Go Ninja, Go!
    • Securing Windows Server RDS with ZeroTier
      IT Discussion • security vpn zerotier encryption windows server 2012 r2 rds windows server 2012 sdn terminal server windows server 2008 r2 software defined network • • scottalanmiller  

      17
      4
      Votes
      17
      Posts
      5318
      Views

      Only the other night for me and it was all on one project so I'm not sure what it was, yet.
    • Kickstart with LUKS
      IT Discussion • linux encryption luks kickstart • • stacksofplates  

      22
      2
      Votes
      22
      Posts
      5841
      Views

      @thwr said in Kickstart with LUKS: @scottalanmiller said in Kickstart with LUKS: @thwr said in Kickstart with LUKS: @thwr said in Kickstart with LUKS: But if the server walks, the TPM walks with it and the security has been totally bypassed. In fact, IMHO, if you have the key on TPM and it decrypts automatically on start up and you had to state if the system was encrypted or not, at best you could say "sort of." While you might get away with saying that it is encrypted, if asked the other way "is the data wide open", the answer would also be yes because it's not encrypted when someone looks at it. Ah, sorry, misunderstood your posting in the first place. Well, that's chicken-egg. You can either have it decrypt automatically or not. If going for automatic decryption, we have to make sure the machine can't decrypt e.g. when it gets stolen or sold. For this, storing the key on the host alone, even with TPM, may not be enough (don't know enough about TPM at this point. Sealing to system state seems quite safe, but...). Thus, we need to bring in another factor. Let's call it "location awareness", e.g. pulling the actual key from the network and TPM stores just something to authenticate against the "key server". Server offsite -> no decryption. Past boot, it is up to you to secure the server by traditional means. Strong passwords, no or strongly secured RS232 TTY and so on. Exactly, something externally has to trust that the system is where it is supposed to be physically so that it will release the key. We considered using this but decided that security trumped downtime and kept the system requiring human intervention and just accepted large downtimes in the event of a reboot. Agree, downtime due to a misconfiguration, some failure on the network or the key server would be an issue. What if we look at some back approach: If some removeable storage with a key is present at boot, LUKS will use this key. Otherwise, it tries to pull it from the key server as described above? Should be pretty solid and a backup is in place (key on USB stick) in case something goes south. This surely is an approach for environments requiring a very high level of security, but I like the idea. I've seen places do that, pop in a key and use that, but you have to trust that people will remove it immediately and store it somewhere.