Encrypted Mailto links [closed]

Sometimes when looking for a way to contact someone on the internet a javascript:linkTo_UnCryptMailto(XXXXXX); appears instead of the email address of that person.

When I click on it, the browser wants to open up an email program that is not configured and also not used, as I use web interfaces of a mail provider (such as gmail, yahoo, hotmail, protonmail and others.)

Is there any way to extract or find out the email address (name@something.com) so I can copy paste the address into the "to" box on the web interface?

Can VeraCrypt encrypted volume be tampered with?

Reading on the security of Borg backups, both encryption and authentication are used (Encrypt-then-MAC).

My understanding is authentication is used to prevent tampering which is especially important for backups vulnerable to unauthorized access (cloud storage or safety deposit boxes for example).

Reading on the security of VeraCrypt (which uses XTS), I can’t find anything about authentication.

XTS mode is susceptible to data manipulation and tampering, and applications must employ measures to detect modifications of data if manipulation and tampering is a concern: "…since there are no authentication tags then any ciphertext (original or modified by attacker) will be decrypted as some plaintext and there is no built-in mechanism to detect alterations. The best that can be done is to ensure that any alteration of the ciphertext will completely randomize the plaintext, and rely on the application that uses this transform to include sufficient redundancy in its plaintext to detect and discard such random plaintexts."

Can VeraCrypt encrypted volume be tampered with?

Is storing an encrypted 2FA backup on Bitwarden (a password manager) a good idea?

I am at the moment using Bitwarden and a separate 2FA app.

I am trying to figure out a way to be able to securely recover my access to credentials and 2FA in case my phone/laptop/other electronic devices get stolen or destroyed and am not sure if what I am doing is good enough.

The app I am using for 2FA allows for encrypted backups with a password. I use Bitwarden to manage my passwords and it also requires a 2FA code from the app.

Now I have a backup of the 2FA app on Bitwarden, where the master passwords for both are long and different (consisting of letters only). I modified the 2FA recovery code for Bitwarden (so that only I know how to read it) and store it on a piece of paper in my wallet and some other places.

My plan is if all goes wrong to gain access to Bitwarden through the recovery code and then download and restore the backup of the 2FA app, in order to regain access to the other places.

Do you think that is secure enough?

How is CSR encrypted?

Using openssl to generate a CSR:

> openssl req -newkey rsa:2048 -nodes -keyout key -out mycsr.csr 

It outputs the mycsr.csr file along with the key file.

The content of mycsr.csr:

-----BEGIN CERTIFICATE REQUEST-----
MIICsDCCAZgCAQAwazELMAkGA1UEBhMCRUcxDjAMBgNVBAgMBUNhaXJvMREwDwYD
VQQHDAhTaGVyYXRvbjEMMAoGA1UECgwDRm9vMQ4wDAYDVQQLDAVGb29JVDEbMBkG
A1UEAwwSd3d3LmZvb2NvbXBhbnkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA1nAiC9voU4s+sBDWuP8Mi99gdCN9hQviL2pagloOydCsqDRkGTeK
nxqkK7xVE0EdgogMGUX1eVls7EYJI/6oQUjQR2rSKYaZoKm5eVntG8TST17SHUKm
eFZlbsabb6scdsQ1765u5oG8iY/o5fM7WG1RU+MSq2bB+I68ogeY6n0oKK6sYZIH
Wbrw7VSehgijXUpRuMNkZBbQXkvKqIG9rYxfIQ47O4hwPrFcO3aVAMop3ZvC/CiE
mMtxJw+lfg29ArrQNbvNwrqWuo9MUEUXQk2YeTAJQUme9oaagbQR108GzUM/RAvk
LxLt2gFLrD7N+FmfqOMngt99qQMJelUQiQIDAQABoAAwDQYJKoZIhvcNAQELBQAD
ggEBAMuCpbBLXPCpRabJbdIW3stCPizuYYbkL0Y4vWJvdP0OWeyfc7jDsAtMeHgB
qEaCAg6f4mwyMGAcY3JOKwzfiaCv4busj7S6qdV4q4+1iP7eCMyojrcmT0eVMN6G
9dPvkE82pNJvC4S7hZBDed3Wtwnol9UV5dGqsuRv1tb6WNBZU8+BLeb8NyeNJ5vl
Kt5WMwCPLGfG99ghzzTjd/fGue0PJYeWH1x0piZb17Sw5RpZ8CQecUnPYffw+jun
6onLsao5jIXFzA/J1r089p9lM4Xvb3sWegB7SBK2yO4zlyH//R8iNn7JJsFv6JB4
OfhkNv9TAwOPncqPs5IHFddScdM=
-----END CERTIFICATE REQUEST-----

And to see the actual content:

> openssl req -text -noout -verify -in mycsr.csr
verify OK
Certificate Request:
    Data:
        Version: 1 (0x0)
        Subject: C = EG, ST = Cairo, L = Sheraton, O = Foo, OU = FooIT, CN = www.foocompany.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:70:22:0b:db:e8:53:8b:3e:b0:10:d6:b8:ff:
                    0c:8b:df:60:74:23:7d:85:0b:e2:2f:6a:5a:82:5a:
                    0e:c9:d0:ac:a8:34:64:19:37:8a:9f:1a:a4:2b:bc:
                    55:13:41:1d:82:88:0c:19:45:f5:79:59:6c:ec:46:
                    09:23:fe:a8:41:48:d0:47:6a:d2:29:86:99:a0:a9:
                    b9:79:59:ed:1b:c4:d2:4f:5e:d2:1d:42:a6:78:56:
                    65:6e:c6:9b:6f:ab:1c:76:c4:35:ef:ae:6e:e6:81:
                    bc:89:8f:e8:e5:f3:3b:58:6d:51:53:e3:12:ab:66:
                    c1:f8:8e:bc:a2:07:98:ea:7d:28:28:ae:ac:61:92:
                    07:59:ba:f0:ed:54:9e:86:08:a3:5d:4a:51:b8:c3:
                    64:64:16:d0:5e:4b:ca:a8:81:bd:ad:8c:5f:21:0e:
                    3b:3b:88:70:3e:b1:5c:3b:76:95:00:ca:29:dd:9b:
                    c2:fc:28:84:98:cb:71:27:0f:a5:7e:0d:bd:02:ba:
                    d0:35:bb:cd:c2:ba:96:ba:8f:4c:50:45:17:42:4d:
                    98:79:30:09:41:49:9e:f6:86:9a:81:b4:11:d7:4f:
                    06:cd:43:3f:44:0b:e4:2f:12:ed:da:01:4b:ac:3e:
                    cd:f8:59:9f:a8:e3:27:82:df:7d:a9:03:09:7a:55:
                    10:89
                Exponent: 65537 (0x10001)
        Attributes:
            a0:00
    Signature Algorithm: sha256WithRSAEncryption
         cb:82:a5:b0:4b:5c:f0:a9:45:a6:c9:6d:d2:16:de:cb:42:3e:
         2c:ee:61:86:e4:2f:46:38:bd:62:6f:74:fd:0e:59:ec:9f:73:
         b8:c3:b0:0b:4c:78:78:01:a8:46:82:02:0e:9f:e2:6c:32:30:
         60:1c:63:72:4e:2b:0c:df:89:a0:af:e1:bb:ac:8f:b4:ba:a9:
         d5:78:ab:8f:b5:88:fe:de:08:cc:a8:8e:b7:26:4f:47:95:30:
         de:86:f5:d3:ef:90:4f:36:a4:d2:6f:0b:84:bb:85:90:43:79:
         dd:d6:b7:09:e8:97:d5:15:e5:d1:aa:b2:e4:6f:d6:d6:fa:58:
         d0:59:53:cf:81:2d:e6:fc:37:27:8d:27:9b:e5:2a:de:56:33:
         00:8f:2c:67:c6:f7:d8:21:cf:34:e3:77:f7:c6:b9:ed:0f:25:
         87:96:1f:5c:74:a6:26:5b:d7:b4:b0:e5:1a:59:f0:24:1e:71:
         49:cf:61:f7:f0:fa:3b:a7:ea:89:cb:b1:aa:39:8c:85:c5:cc:
         0f:c9:d6:bd:3c:f6:9f:65:33:85:ef:6f:7b:16:7a:00:7b:48:
         12:b6:c8:ee:33:97:21:ff:fd:1f:22:36:7e:c9:26:c1:6f:e8:
         90:78:39:f8:64:36:ff:53:03:03:8f:9d:ca:8f:b3:92:07:15:
         d7:52:71:d3

How did all this data get encoded (is this the right word?) in the base64 text? I’m not talking about the mathematical operations specifically, but which techniques were used? Is it encryption or hashing?

My definitions of:

Encryption: converting information into unreadable text using a key, the resulting text can be decrypted to the original text using the same key or another private key.

Hashing: a one-way conversion of text into unreadable text.

Signing: encrypting using the private key then hashing the resulting text.
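
An added example, not part of the original question: base64-decoding the CSR posted above and walking the resulting DER (ASN.1) tag-length-value structure with only the Python standard library shows that the subject fields sit in the file as plain text, with no key needed to read them. The helper names `pem_to_der`, `walk` and `subject_strings` are made up for this illustration.

```python
import base64

# The CSR posted in the question above; it carries only public data.
PEM = """-----BEGIN CERTIFICATE REQUEST-----
MIICsDCCAZgCAQAwazELMAkGA1UEBhMCRUcxDjAMBgNVBAgMBUNhaXJvMREwDwYD
VQQHDAhTaGVyYXRvbjEMMAoGA1UECgwDRm9vMQ4wDAYDVQQLDAVGb29JVDEbMBkG
A1UEAwwSd3d3LmZvb2NvbXBhbnkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA1nAiC9voU4s+sBDWuP8Mi99gdCN9hQviL2pagloOydCsqDRkGTeK
nxqkK7xVE0EdgogMGUX1eVls7EYJI/6oQUjQR2rSKYaZoKm5eVntG8TST17SHUKm
eFZlbsabb6scdsQ1765u5oG8iY/o5fM7WG1RU+MSq2bB+I68ogeY6n0oKK6sYZIH
Wbrw7VSehgijXUpRuMNkZBbQXkvKqIG9rYxfIQ47O4hwPrFcO3aVAMop3ZvC/CiE
mMtxJw+lfg29ArrQNbvNwrqWuo9MUEUXQk2YeTAJQUme9oaagbQR108GzUM/RAvk
LxLt2gFLrD7N+FmfqOMngt99qQMJelUQiQIDAQABoAAwDQYJKoZIhvcNAQELBQAD
ggEBAMuCpbBLXPCpRabJbdIW3stCPizuYYbkL0Y4vWJvdP0OWeyfc7jDsAtMeHgB
qEaCAg6f4mwyMGAcY3JOKwzfiaCv4busj7S6qdV4q4+1iP7eCMyojrcmT0eVMN6G
9dPvkE82pNJvC4S7hZBDed3Wtwnol9UV5dGqsuRv1tb6WNBZU8+BLeb8NyeNJ5vl
Kt5WMwCPLGfG99ghzzTjd/fGue0PJYeWH1x0piZb17Sw5RpZ8CQecUnPYffw+jun
6onLsao5jIXFzA/J1r089p9lM4Xvb3sWegB7SBK2yO4zlyH//R8iNn7JJsFv6JB4
OfhkNv9TAwOPncqPs5IHFddScdM=
-----END CERTIFICATE REQUEST-----"""

TAGS = {0x02: "INTEGER", 0x03: "BIT STRING", 0x05: "NULL", 0x06: "OID",
        0x0C: "UTF8String", 0x13: "PrintableString", 0x30: "SEQUENCE",
        0x31: "SET", 0xA0: "[0]"}

def pem_to_der(pem):
    """Drop the armor lines and undo base64. No key or password is involved."""
    body = [ln for ln in pem.strip().splitlines() if not ln.startswith("-----")]
    return base64.b64decode("".join(body))

def walk(der, depth=0, out=None):
    """List DER tag-length-value nodes as (depth, tag name, value or None)."""
    out, i = ([] if out is None else out), 0
    while i < len(der):
        tag, length = der[i], der[i + 1]
        i += 2
        if length & 0x80:  # long form: low 7 bits = number of length bytes
            n = length & 0x7F
            length, i = int.from_bytes(der[i:i + n], "big"), i + n
        value, i = der[i:i + length], i + length
        out.append((depth, TAGS.get(tag, hex(tag)), None if tag & 0x20 else value))
        if tag & 0x20:  # constructed (SEQUENCE, SET, [0]): holds further TLVs
            walk(value, depth + 1, out)
    return out

def subject_strings(der):
    """Return the text fields, readable as soon as base64 is undone."""
    return [v.decode() for _, name, v in walk(der)
            if name in ("UTF8String", "PrintableString")]
```

The only cryptographic operation in the file is the final BIT STRING, the signature that `openssl req -verify` checks against the public key embedded in the same request.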

Security of encrypted data and decrypting key

I am writing a Python program in which I use encryption. The user can set the password and when it is entered, the database will be decrypted. However, the function needs the decryption key to decrypt. So I thought about hiding that key somewhere (the encryption and decryption key will be generated dynamically, which means that a user on a new device will have another decryption key). I have no idea where I could hide it, so the program could use it, but the user could not crack it.

Decrypt in chunks an AES 128 CBC encrypted object

I have an encrypted object in Minio, encrypted using the AES 128 bit CBC algorithm.

The object is quite large (~50 MB) so instead of loading it into memory completely (which may cause an out-of-memory exception), I am retrieving it in chunks of 1MB. I need to decrypt it before use.

Is it possible to decrypt the object in this way (1MB at a time, the whole object was encrypted in one go)? If yes, how can I do it? I have tried decrypting 16-byte chunks which produce the following errors:

javax.crypto.BadPaddingException: Given final block not properly padded

javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher

Do browsers know domains that are supposed to be encrypted?

Do browsers have a list with sites that are supposed to be encrypted?

Could a man in the middle attack be performed by presenting a user a http site instead of an https site? That way the server would not need to provide a certificate.

It wouldn’t show up as a secure site in the browser but I think most people wouldn’t notice it. And it wouldn’t warn the user, because there are legitimate sites that don’t use https.

Would such an attack be possible or does the browser notice that the site is supposed to use https but doesn’t?

How to find the hashed password contained in an encrypted file? [closed]

I have an encrypted "*.pbl" file (100kb) that contains my forgotten password. My password is very easy: number+lower case letters with length=6. Once I find the hashed password I’ll quickly recover my password.

Of course the hash of a file can be found but it is still not the hash of a password. How do I find the hashed password?

One thing I could possibly do is to create another account with another password; this way I can generate a new encrypted file with the exactly same format and I might be able to find the position of my passwords.


PS: I did check related posts but obviously I don’t need to do things like SQL injection because the file has always been on my local machine.

Gmail warns about encrypted PDF file

I recently received a PDF file that, when attached to a Gmail message, causes a warning to be displayed as follows:

Encrypted attachment warning – Be careful with this attachment. This message contains 1 encrypted attachment that can’t be scanned for malicious content. Avoid downloading it unless you know the sender and are confident that this email is legitimate.

However, I am able to open the file without getting prompted for a password. I followed the advice given in this Security Stack Exchange question and used the pdfid.py program whereupon I got the below output:

$ pdfid.py ~/Downloads/filename.pdf
PDFiD 0.2.7 /home/username/Downloads/filename.pdf
 PDF Header: %PDF-1.6
 obj                  402
 endobj               402
 stream               401
 endstream            401
 xref                   0
 trailer                0
 startxref              1
 /Page                  0
 /Encrypt               1
 /ObjStm               15
 /JS                    0
 /JavaScript            0
 /AA                    0
 /OpenAction            1
 /AcroForm              1
 /JBIG2Decode           0
 /RichMedia             0
 /Launch                0
 /EmbeddedFile          0
 /XFA                   0
 /Colors > 2^24         0

It would seem to me that since this file contains no JavaScript it is safe to open and handle. But I am puzzled by the encrypted message that Gmail displays. I guess it is related to the /Encrypt flag that’s set on the above output.

Why is Gmail telling me that the file is encrypted even though I can open it without being prompted for a password and would that, on its own, be reason for concern?