Friday, September 17, 2010

Intel Wants to Dictate What Software Their CPU's Can Run

According to the latest speculation, Intel may be planning to implement code signing and whitelisting into their future lines of processors.  On first glance this sounds like a good idea to help alleviate the disaster that has been Windows security for so long, but there is one little detail that I am not sure Intel has considered: what about those of us that don't run Windows?

Wednesday, September 1, 2010

Pypass Updated to GTK Interface

I updated my password generating program from the unsightly Tkinter to GTK 2.  It should now fit in with whatever theme one is using in Gnome.  I also got rid of the hashing and the option to use /dev/random.  Since /dev/urandom is essentially just a non-blocking /dev/random and about as strong, I see no reason to continue supporting /dev/random.  In the future I plan on supporting a PRNG that takes random input from the user as a seed.  You can get it from my PPA (if on Ubuntu) or from SourceForge.

Saturday, August 7, 2010

A Keylogger Challenge for Linux

I see posts on the Ubuntu forums quite often about keyloggers in Linux.  Many people are under the impression that a keylogger can merely download itself onto a machine without any user intervention (like through a browser exploit) and suddenly begin logging keystrokes.  Eventually, as the theory goes, the user will elevate privileges and the keylogger will steal the root password and send it back to some shady eastern European hacker.  I call BS on this.

Monday, July 19, 2010

The Washington Post Exposes Scope of The Intelligence Complex

A new Washington Post piece was just released which details just how large the intelligence community has become post 9-11.  We all knew that intelligence spending had increased dramatically, but this piece really sheds light on just how chaotic, unorganized, compartmentalized, and under-supervised the whole intelligence community is, despite efforts to improve it.

Pypass Password Generator

As an exercise in Python, I decided to write a random password generator.  I decided on a few features that it had to have: for one, it must produce passwords as randomly as is possible on a finite state machine.  Secondly, it must produce passwords of up to 63 characters in length.  Third, it must produce passwords in just about every logical combination of ASCII printable characters.

     The program is finished and I hope it is of use to the many Linux newcomers who need an easy to use password generator with a GUI.

Sunday, July 18, 2010

E-mail Encryption Using GnuPG

Every e-mail that you send across the Internet is sent in plain text, meaning any individual sitting at one of the many hops between you and your recipient can read the message. And sniffing e-mail is not hard to do even for amateurs. Many ISP's have data retention policies where they retain every e-mail and website visited by every subscriber for a period of months (and sometimes years). Furthermore, the FBI is lobbying Congress to pass a law making such practices mandatory and expanding the length of time ISP's must retain data to 2 years. The NSA, as we all know, was caught spying wholesale on Internet communications at the various backbones (AT&T being one culprit that helped with the spying). If you live in the UK or many other countries, you already have Orwellian laws on the books making data retention mandatory.[1] So, one must ask oneself: "Do I really want my ISP having access to all of the personal e-mails I have sent for the past couple of years?" I don't know about you, but I don't.

Therefore, I will use this post to cover e-mail encryption using the best tool for the job: GnuPG.

Friday, July 16, 2010

Encryption Options in Linux

A lot of people post to the Ubuntu forums wondering about encryption options, or, more generally, how to secure their data in a number of different scenarios. There's a lot of questions one must ask oneself: do I want asymmetric or symmetric encryption? Do I want to encrypt a whole disk, container, or a single file? How about e-mail and IM encryption? Luckily all of these things can be done in a fairly straight-forward way with software your distro came with out of the box. This post will cover only encrypting files, folders, partitions and whole disks. It will not cover e-mail (I will save that for another post since it deserves special attention).

Thursday, July 15, 2010

First Post

Just testing. I will have some stuff to post a little later on.