Announcement

Collapse
No announcement yet.

Crypto Software (email/web/irc) for the everyday person

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Crypto Software (email/web/irc) for the everyday person

    Originally posted by c0nv3r9
    I know this has been discussed somewhat pre-dc10... but this puts an interesting twist on it, imo. What forms of encryption do you tend to stick with blackwave? others? How much faith are you willing to put into PGP?
    It really depends on what I am using the crypto for.
    I use crypto on my:
    external drives (pgpdisk over ntfs/efs (with offloaded keys))
    usb keys (using pgpi pgpdisk)
    email (pgpi/hushpgp)(s/smime)
    communications (ssh)

    ... the thing about crypto is that most people don't have the time or the requirement to go over the implementation of the algos or the algos themselves... but soley rely on the advice of acclaimed cryptographers/cryptologists/cryptanalysts...
    check out www.cryptome.org and subscribe to counterpane'scryptogram.
    PGPi can be found here: http://www.pgpi.org/
    I have not used PGP 8 from http://pgp.com/

    I use hushmail (http://www.hushmail.com/) they have a nice antispam feature (that at least works for now)... you can block all non crypto-email... now i am just waiting for crypto-wrapping spam bots... <looking around nervously>

    ... here is a fun site: http://www.spammimic.com/

    regarding Winn's example, it takes two to tango in using communications crypto since if one of the entities drop the ball, it doesn't matter who dropped it... it has been dropped. :)

    ... in the end remember two things:

    Crypto is not meant to STOP anyone from knowing the data... just slow them down until the data invalidates, no longer becomes important.

    Crypto is usually exploited not through the algos, but the implementations of the algos and various bad programming techniques and security practices.

    I think crypto is a nice burden to use.

  • #2
    Originally posted by blackwave

    PGPi can be found here: http://www.pgpi.org/
    I have not used PGP 8 from http://pgp.com/
    I have not used PGP 8 either, I use PGP 7.0.3. I have heard that there are some compatibility issues with the Keys in 8. DUnno from experience though.
    perl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'

    Comment


    • #3
      Hmmm, this *has* reminded me to upgrade my version.

      Al
      "Are my pants...threatening you?"

      Comment


      • #4
        Originally posted by blackwave
        I use crypto for everything from email to surfing the net to irc.
        Do you have any good links you would like to share for free or pay SSL web proxies & IRC servers? I know of Anonymizer
        and Church of the Swimming Elephant , but does anyone have any suggestions for other good ones from a personal use standpoint?
        Happiness is a belt-fed weapon.

        Comment


        • #5
          Originally posted by che
          Do you have any good links you would like to share for free or pay SSL web proxies & IRC servers? I know of Anonymizer
          and Church of the Swimming Elephant , but does anyone have any suggestions for other good ones from a personal use standpoint?
          anonymizer rules in almost every way.. the F-secure software they offer with their subscription is pretty decent. (though it isn't required to use)

          JAP is decent and free : http://anon.inf.tu-dresden.de/index_en.html

          [c]... another neat tool to use in conjunction with surfing for windows is Proxomitron: http://www.proxomitron.org/

          Comment


          • #6
            JAP is decent when working...
            if it gets me nowhere, I'll go there proud; and I'm gonna go there free.

            Comment


            • #7
              I myself use PGP 8.0. It works great.
              (¯`·.__Exodus__.·´¯)

              Comment


              • #8
                Originally posted by Exodus
                I myself use PGP 8.0. It works great.
                For Windows, I was using PGP 7.03 (which I sometimes still use), but I have started moving to GPG (which I have used for linux for a while). There are several plug-ins for GPG for windoze that work quite well..
                Happiness is a belt-fed weapon.

                Comment


                • #9
                  Use Encryptro!!!

                  You can use Encryptro, made by Coyotee Labs
                  I know Coyotee (the author) and already got the program.
                  The program will soon be available on www.coyoteelabs.go.ro

                  The program can encrypt any tipe of file with or without a password and as many times you want (even different passwords for every encryption). Without the correct passwords you can't see sh*t in the file. Executables can't be run, files can't be seen (not even with hex editors).
                  BY ACCEPTING THIS BRICK THROUGH YOUR WINDOW, YOU ACCEPT IT AS IS AND AGREE TO MY DISCLAIMER OF ALL WARRANTIES, EXPRESS OR IMPLIED, AS WELL AS DISCLAIMERS OF ALL LIABILITY, DIRECT, INDIRECT, CONSEQUENTIAL OR INCIDENTAL, THAT MAY ARISE FROM THE INSTALLATION OF THIS BRICK INTO YOUR BUILDING.

                  Comment


                  • #10
                    Re: Use Encryptro!!!

                    Originally posted by ^Dash^
                    You can use Encryptro, made by Coyotee Labs
                    I know Coyotee (the author) and already got the program.
                    The program will soon be available on www.coyoteelabs.go.ro
                    Hopefully it will have a better description, and implements a known crypto system as compared to:
                    CL Encryptor / Decryptor v1.0 This program is used to encrypt / decrypt text documents. It uses its own encryption / decryption system.

                    Comment


                    • #11
                      umm

                      I would suggest "Password Safe". It was written by Bruce Schnier who runs counterpane security, writes the CryptoGram newsletter, and is an EXPERT on cryptography. The algorithm used is called BlowFish and was one of the 5 finalists for the AES standard that the government and industry are replacing DES with.

                      But most importantly, it's Open Source, so if you get the urge you can check the code to make sure there aren't any back doors in the program.

                      http://www.counterpane.com/passsafe.html

                      Travis
                      --- The fuck? Have you ever BEEN to Defcon?

                      Comment


                      • #12
                        Re: umm

                        Originally posted by kallahar
                        I would suggest "Password Safe".
                        I love password safe (for windows) and use it 24/7 very handy to have on a usbkey in fact :)
                        Though for updated versions(newer than the 1.7.1) check here:
                        http://passwordsafe.sourceforge.net/
                        and you can download the latest versions off [currently 1.9.0]:
                        https://sourceforge.net/projects/passwordsafe/
                        ... and if you lost your password safe password here is the FAQ:
                        http://www.counterpane.com/passsafe-faq.html

                        Comment


                        • #13
                          Re: Re: umm

                          Originally posted by blackwave
                          I love password safe (for windows) and use it 24/7 very handy to have on a usbkey in fact :)
                          Though for updated versions(newer than the 1.7.1) check here:
                          http://passwordsafe.sourceforge.net/
                          and you can download the latest versions off [currently 1.9.0]:
                          https://sourceforge.net/projects/passwordsafe/
                          ... and if you lost your password safe password here is the FAQ:
                          http://www.counterpane.com/passsafe-faq.html
                          what kind of usbkey do you have. Im looking around to buy one, but interested in which one you may have.

                          Comment


                          • #14
                            Re: Re: Re: umm

                            Originally posted by pyrophite
                            what kind of usbkey do you have. Im looking around to buy one, but interested in which one you may have.
                            I have about 5 different usb keys, (I will bring a couple down on Friday... ) though one of my favorite models is from here: http://www.jetflashusa.com/ more specifically their A model: http://www.jetflashusa.com/flashdrive.asp ... I use it for both slackware and XP.. the only part that sucks about it is that there is no "security" software they provide that protects the key in linux... so if someone sucks off the data, it better be pre-crypto'd :) In windows I have anything important on the usb key using pgpdisk which works out great.

                            For a while I have been talking to a few companies on getting a fips3/4 usb crypt token, but after pgp flipped around I haven't talked to them much.... but a fips3/4 usb token would work nicely since you have to login to the token before you have access to it, and the token kills itself with too many bad pin/password attempts... mmm.. gotta love that PKI.. :) though most smartcard type of tokens are still in kB :( ... then good thing with the usb tokens you can get them currently in 2GB... though the ones I normally use are 128MB and 256MB... since they are easily disposable if need be <wink>

                            Comment


                            • #15
                              thanks bw, wondering if i should save up for a gig, or just go grab a 256.. What apps do u keep on your drive, what programs can you not leave home w/ out. Or do u just keep data like ns files, maps etc?

                              Comment

                              Working...
                              X