@JasGot Thanks everyone. This was very helpful. And that other discussion was too.

After further discussion with them, they are only trying to protect the routing and account number for accounts. The same routing and account number that is printed on their check and sent through us mail.

They agreed, this level of secure transmission is not required.

Thanks.....

@JaredBusch I have a file that exports the username and password in the script, so I am using a password. Sadly this error just fixed itself with no changes and everything is working as intended now so I won't know what the root cause of this was. Thanks for replying though.

@Pete-S said in Changing Public PGP Key:

Don't know if this helps in your application but if you have old files you can just decrypt them with the old key. If it's important to store them in an encrypted state you can encrypt them again with the new key. After that you can revoke the old key.

Yeah I could do that, it just seems unnecessary when you can sign the new key with the old key and decrypt both. Turns out it actually chooses the right key so there is no problem

@Obsolesce said in Is It Really Encrypted When the Key Is Public and Automatic?:

That's like saying your data is encrypted with BitLocker or FileVault, but anyone with BitLocker or FileVault respectively can will automatically decrypt your data without even trying.

FTFY

Within PowerShell can't use something like Push-Location \\Server\Share\path or Set-Location \\Server\Share\path and then run the cipher command?

Not surprised they finally caved to this. It was needed, but I am sure it will be a huge support hit in the short term.

@hellonadya Thank you for replying. I've started reading up on it, but got sidetracked last night. Looking forward to actually trying it out.

It's great to have representatives actually responding in our community here!

@Pete-S said in Local Encryption Scenarios:

@DustinB3403 said in Local Encryption Scenarios:

@Pete-S said in Local Encryption Scenarios:

@DustinB3403 said in Local Encryption Scenarios:

@Pete-S said in Local Encryption Scenarios:

Anyway, in the case of the CPA we are talking about material that is not really sensitive at all.

The data files could be secured the same way as any paper records. Locked in a safe when not in use.

That would be the same as being encrypted, since the lock on a safe = encryption and the physical key = the passphrase to decrypt the drive or data.

Well, in principle only. You can walk away with the encrypted computer but it would be harder with the safe.

In most cases physical security is about delaying. You can smash and grab a laptop from the office window but it would require a lot more time to break in properly and then open a safe before someone shows up.

You have those examples a bit mixed up.

The comparable scenario would be "getting to the data" The physical medium housing that data doesn't matter.

You break the lock, you get the data. If you break the encryption key you get the data.

But a physical lock is likely easier to break and get into whatever than it would to decrypt a encrypted volume.

Reminds me of this classic:
alt text

there is ALWAYS a relevant xkcd

@dbeato I forgot you are an MSP.

https://www.itnews.com.au/news/qld-it-minister-cautions-feds-over-interference-516628
Queensland’s IT minister Mick de Brenni has urged the federal government not to use its newly created Australian Digital Council as a way to dilute state regulation.
 
He has also accused the Canberra of not consulting with state and territory governments prior to releasing its inaugural digital transformation strategy last month

So it seems that only Canberra is keen on it.

I use Veracrypt.

It's compatible with TrueCrypt but It uses his own encryption mode by default.

@vhinzsanchez said in Re-Enable BitLocker on Windows 10 Home:

Thanks SAM, we are accepting the fact that the encryption will not be done at this moment.

Regards,

VhinzSanchez

https://www.howtogeek.com/234826/how-to-enable-full-disk-encryption-on-windows-10/

@stacksofplates said in Encryption FS on the Cloud and Remote SSH:

To play devil's advocate, if you're using LUKS the data is encrypted in transit also. So it's not just at rest.

I can't remember off of the top of my head, but you might need FIPS mode enabled for dm-crypt to encrypt in motion as well. I'm lazy and don't feel like looking it up.

I've heard of it, but never looked into it. If it's looking at every message on the line, it sounds like it could be block chain based.

Do you have .net4 installed on this xp client?

PTT is a way of provider TPM, they are not two separate things. PTT is a non-dedicated hardware approach to TPM 2.0. PTT is designed for low power devices, often used in industrial computing.

Traditionally TPM requires a TPM module, a dedicated hardware processor and firmware for security. With TPM 2.0 dedicated hardware is no longer required. PTT is Intel's implementation of TPM 2.0 for low power systems.