Sometimes I am a perfectionist. Having previously made my private diary blog available via a Tailscale sidecar container in my Tailnet, I have now integrated Tailscale directly into GoBlog. Both Tailscale and Tailscale’s Let’s Encrypt certificates can be configured directly in GoBlog. No sidecar container is needed anymore. A much simpler solution! (And Tailscale rocks!) ⌘ Read more
Matrix vs. XMPP
XMPP and Matrix are two decentralized and federated free sofware projects for chat, including true end-to-end encrypted chat.
Users can either install the software on their own server if they want, but they can also easily register on any public server—both allow any XMPP or Matrix user to talk to users on their server or on any other one. In essence, it works like email: you might have an em … ⌘ Read more
updated email address and made a new encryption key
How to Generate the Free Let’s Encrypt SSL Certificate on Your Own (Windows) Computer ⌘ Read more…
https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption cryptsetup swap
https://we.riseup.net/debian/encrypted-swap crypt debian devuan swap
Encryptomatic® OpenPGP 2.7.7 Email Encryption Add-in for Microsoft Outlook is now available. ⌘ Read more…
@felixp7@twtxt.net “Yo, crypto-heads. Encrypted communication doesn’t protect your privacy. Laws …” I guess crypto-heads are often happy with acknowledging this, but also arguing that e.g. deniable crypto is a useful way out here (and, of course, just doing illegal stuff if it gets really rough).
Kaidan: Kaidan will receive a grant for end-to-end encryption ⌘ Read more…
Client-Side Field Level Encryption (CSFLE) in MongoDB with Golang ⌘ https://developer.mongodb.com/how-to/field-level-encryption-fle-mongodb-golang
-----BEGIN CRYPTUTIL ENCRYPTED MESSAGE-----
l0GwFAQpx3ed+bZlcQ+pexbynFzZOm8EI/FivGbWQ16whyTkToVv8S2GSAjrsJoT
37MdaBDpoitli/f/aP130b6O6SnK/LdHHJ1DTvWgxB14sq9b4mRtk7HvYzA=
-----END CRYPTUTIL ENCRYPTED MESSAGE-----
@prologic@twtxt.net Ok.. so using NaCL boxes. yeah its just a combo of using secretbox with a generated key/nonce. and then using the pubkey box to encrypt the key/nonce for each device.
@prologic@twtxt.net sender generates an AES key encrypts message. gets the device list for user and encrypts key for each device. sends the encryptedkeys+cypertext.
@prologic@twtxt.net for encryption. we can have browser/app generate ec25519 keypair. store the private on device and add pub to list of devices for the user on pod.
Snikket: Sponsoring Group Chat Encryption in Siskin ⌘ https://snikket.org/blog/sponsoring-group-omemo-in-siskin/
Opportunistic Encryption on the IP Layer ⌘ https://hack.org/mc/blog/ipsec-dns.html
Cryptee | Private, Secure, Encrypted Photos and Encrypted Documents ⌘ https://crypt.ee/
@lucidiot@tilde.town @kas@enotty.dk There’s also Keybase as good GPG tool. They offer a lot of encrypted services as well :)
Even though noone send me GPG encrypted messages, I renewed my expiration date to one more year :)
Using Gnupg and openssl for encryption
I have used Gnupg to encrypt my private files, specially those that I upload to the clouds, for a long time. I used to encrypt to self, using my own key, then later moved to symmetric encryption only. The command is easy:
To encrypt:
gpg --cipher-algo aes256 --symmetric file.txt
Adding the option --armor to the above will produce an ASCII armoured encrypted file.
To decrypt:
... ⌘ [Read more](https://collantes.us/2019/07/30/using-gnupg-and-openssl-for-encryption/)
…or encrypted in iCloud 🤔
Others are more subtle about it, exploiting pragmatic ambiguity or encrypting themselves, hiding in externalities so that down the road, someone may come up with the same flawed spell again
@freemor@freemor.homelinux.net I also always try to have a few ssh servers with several ports available for me to use. My favorite port is 443. Once had a firewall that wouldn’t allow SSH on 22 but 443 was acceptable because it expected encryption on it.
the other selves, crafty as ever, have started encrypting their messages and instead of voices or urges, it’s now flashes of bridge, three, red, [bread on tongue], [nose twitch]
The memetic panspermia hypothesis: Encrypted in constellations, consciousness and other concepts lurk, waiting to imprint themselves onto unsuspecting sapients when the stars are right
Alex Schroeder: 2018-01-10 Encrypted Gopher https://alexschroeder.ch/wiki/2018-01-10_Encrypted_Gopher
How to keep your ISPâs nose out of your browser history with encrypted DNS | Ars Technica https://arstechnica.com/information-technology/2018/04/how-to-keep-your-isps-nose-out-of-your-browser-history-with-encrypted-dns/
@freemor@freemor.homelinux.net I think we already discussed encrypted tweets some time ago, but no encryption seemed short enough. GPG ist just too big. Any ideas?
You Can Encrypt Your Face – The New Inquiry https://thenewinquiry.com/you-can-encrypt-your-face/
those who die in virtuality will have their memories encrypted and moved to the saveyard
@kas@enotty.dk Is #starttls-everywhere just to ease configuration or is there any reason why #lets-encrypt certs won’t work on mail servers?
He has music-architecture synesthesia and encrypts his plans as sheet music
Old school liches store their souls in crypts, modern ones encrypt their minds and make backups. The rules stay the same: don’t touch that.
What looked like dreadlocks were in fact finely machined braids, overall encoding roughly one megabyte of encrypted data.
@kas@enotty.dk That’s what i’m using. But shouldn’t i be able to generate keys to communicate with other users? How could i encrypt a message for you?
Wow, a third of all ssl certificates on twtxt are from Let’s Encrypt. Incredible.
Apple on encryption
Apple mobile devices—iPhones, iPads, iPods—are used everywhere. The US smartphone subscriber market share highest percentage is dominated by them. As an American company, they are bound to comply with U.S. laws and regulations. So, when the U.S. Justice Department [requested](http://www.nytimes.com/2015/09/08/us/politics/apple-and-other-tech-companies-tangle-with-us-over-acce … ⌘ Read more
Backing up and restoring GPG keys
If you use GPG to occasionally encrypt and/or sign your email, or to encrypt your files before placing them on the cloud, you will understand how important it is to have a backup of your GPG keys. Similarly important will be to know how to restore them as well.
To back your private, and public keys, as well as your trust database, you will do1:
gpg --armor --export-secret-keys > ~/Des ... ⌘ [Read more](https://collantes.us/2015/10/13/backing-up-and-restoring-gpg-keys/)