We are still actively working on the spam issue.
Difference between revisions of "Encryption"
(→Controversy) |
|||
Line 2: | Line 2: | ||
== Windows == | == Windows == | ||
+ | |||
+ | Windows leaks a fucking shitload of information (thumbcache, temporary files, page file, etc...) | ||
+ | |||
+ | Don't even think about making a truecrypt volume for only your "sensitive" shit (you sick fuck) and do a full disk encryption, you will thank me later. Even if your sensitive stuff is shit nobody cares about like that shitty erotic story you wrote one year ago, windows sucks so much it has has a hundred copies of that file on the disk for every time you opened it with shitpad or whatever shitty Microsoft software you use. | ||
+ | |||
+ | Truecrypt files should only be used to safely store stuff on drop(botnet)box (I hope for your sake you don't have their client installed) or to securely send files to people. | ||
=== [http://www.truecrypt.org TrueCrypt] === | === [http://www.truecrypt.org TrueCrypt] === | ||
Line 19: | Line 25: | ||
=== [https://wiki.archlinux.org/index.php/Dm-crypt/Device_Encryption dm-crypt] === | === [https://wiki.archlinux.org/index.php/Dm-crypt/Device_Encryption dm-crypt] === | ||
− | dm-crypt + LUKS is the recommended encryption solution for GNU/Linux. | + | dm-crypt + LUKS is the recommended encryption solution for GNU/Linux. It comes with the kernel. |
=== [http://www.truecrypt.org TrueCrypt] === | === [http://www.truecrypt.org TrueCrypt] === | ||
+ | |||
+ | Don't use truecrypt on Linux, it's shit. dm-crypt is audited and everything and comes with kernel. The only reason you would use truecrypt is to convert your truecrypt volumes to dm-crypt. | ||
==== [https://github.com/bwalex/tc-play tc-play] ==== | ==== [https://github.com/bwalex/tc-play tc-play] ==== |
Revision as of 00:56, 31 January 2014
Encryption is the art of encoding messages in a way that only the intended, authorized person may read it. According to Edward Snowden, strong, tested cryptographic encryption systems were said to be one of the few remaining things that work (i.e. haven't been compromised by the NSA), and that people can still rely on.
Contents
Windows
Windows leaks a fucking shitload of information (thumbcache, temporary files, page file, etc...)
Don't even think about making a truecrypt volume for only your "sensitive" shit (you sick fuck) and do a full disk encryption, you will thank me later. Even if your sensitive stuff is shit nobody cares about like that shitty erotic story you wrote one year ago, windows sucks so much it has has a hundred copies of that file on the disk for every time you opened it with shitpad or whatever shitty Microsoft software you use.
Truecrypt files should only be used to safely store stuff on drop(botnet)box (I hope for your sake you don't have their client installed) or to securely send files to people.
TrueCrypt
A popular encryption solution for Windows. Allows full-disk encryption.
Controversy
- There are allegations that the TrueCrypt license is not a Free Open Source Software License.
- There are concerns over the binaries being non-deterministic and whether it has been fully audited or not.
- TrueCrypt binaries have been reproduced in the past, however, there are still some that are not satisfied with that.
FreeOTFE
A now defunct project that allowed users to mount dm-crypt/LUKS volumes in Windows. Does not have signed drivers, so Microsoft makes it a pain in the ass to install and use.
GNU/Linux
dm-crypt
dm-crypt + LUKS is the recommended encryption solution for GNU/Linux. It comes with the kernel.
TrueCrypt
Don't use truecrypt on Linux, it's shit. dm-crypt is audited and everything and comes with kernel. The only reason you would use truecrypt is to convert your truecrypt volumes to dm-crypt.
tc-play
A FOSS Truecrypt implementation to replace the official version. Supports most of Truecrypt's features.
I Want to Implement Crypto Correctly in my Shitty App, What do I do?
The best and easiest to use public key crypto library is NaCl. Don't even try creating your own crypto algorithm or using another shitty library. The important part with crypto is always use enough randomness in your keys. If you don't, this happens (you can't really have this problem with NaCl though). The other important part is always use a unique nonce.
NaCl is real easy to use, just use crypto_box_keypair() to generate a public/private keypair, use crypto_box() to encrypt data and use crypto_box_open() to decrypt it (This is the only function that you need to check the return value, it returns -1 if the decryption failed). Why does crypto_box() use your private key to encrypt a message you ask? That's so the other can check if that encrypted message really came from you, the same reason why crypto_box_open() takes the public guy of the guy who sent you the encrypted data.
If you have a grain of intelligence, before using NaCl for anything you will read everything on the website, especially this page.
Why NaCL?
1. It's secure (Authentication, protection against timing attacks, etc..)
2. It's fast (RSA is very slow).
3. The keys are only 256 bits (It's ECC), and it's as secure as RSA 3072.
4. It isn't a bloated pile of crap filled with insecure ciphers (OpenSSL)