i just want to know that if someone is on my router using internet..what sort of data he is availing or what he or she is doing on my router .
My main email is encrypted email and I give out another email address that is forwarded to my main email. For me, it creates an extra layer of protection, or so I like to think it does. Does it? Or is it counterproductive to the end-to-end encryption of my main email?
I’m using openssl to sign files, it works but I would like the private key file is encrypted with a password. These are the commands I’m using, I would like to know the equivalent commands using a password:
- Use the following command to generate your private key using the RSA algorithm: openssl genrsa -out private.key 2048 - Use the following command to extract your public key: openssl rsa -in private.key -pubout -out public.key - Use the following command to sign the file: openssl dgst -sha512 -sign private.key -out signature.bin file.txt - To verify the signature: openssl dgst -sha512 -verify public.key -signature signature.bin file.txt
The app requires that the user be prompted for some kind of identifying information whenever it is launched, but for ease of use this need not be their full username and password. Password entry in particular (and especially on mobile devices) will be too cumbersome to make this feasible. Therefore, we are considering a once-off login procedure where the full credentials are supplied, followed by a “setup” step where the user creates a PIN for future access. This could, in future, be extended to allow a fingerprint/face scan to also “unlock” the app on supported devices.
My initial thoughts on implementation are:
- The user submits a valid username/password combination to a
login/endpoint of the API and receives an “ID token” in response.
- During the “setup” phase, the PIN chosen by the user is used to encrypt the ID token.
- The encrypted ID token is stored in
- A secondary request is made to an
authorise/endpoint of the API, including the plaintext ID token. Assuming the token validates, a second token is issued to the app.
- This second token is what is used in all subsequent requests to the API to prove the user is trusted, has a relatively short expiry, and is not stored in any persistent manner by the application.
- Upon returning to the app at a later date, the user need only provide their chosen PIN.
- It can be used to decrypt the stored ID token, which is then used in the
authorise/request to generate and return a new short-lived session token.
The internet abounds with articles advising against the use of
LocalStorage for anything sensitive, due to its exposure in the event of XSS attacks. The threat is that a token in
LocalStorage could be stolen when the same token in an httpOnly cookie could not. It is worth noting that in both cases, a malicious script running within the app could successfully issue fraudulent requests to the backend API.
I believe the XSS threat of the ID token being stolen is mitigated by it being encrypted under the user’s PIN, and neither the decrypted value nor the PIN itself being stored or used beyond the
I think the above sounds like a secure way to implement our requirements, but I am no security expert. Am I missing any obvious weaknesses here? Does this actually sound secure?
Is their an easy way to convert a vanila install with unencrypted root partition to an encrypted one (eg LUKS) in Ubuntu 16.04? I know that Android offers equivalent functionality, but am unaware of a “Linux” equivalent, and posit that this is OS specific and non-trivial.
I note the root filesystem is EXT4 and /boot is a seperate partition. I am aware of the possibility of backing up my data and reinstalling the OS, I’m just wondering if there is a more expedient way.
How do I increase the swap area size after installing Ubuntu with full disk encryption?
I didn’t encrypt my root partition when I was installing my Ubuntu 18.04 when 18.04 first came out (first few months of it’s release) So for reasons I decided to encrypt it now.
I know this question has been asked before (I posted the links of some of the asked ones, actually!) but I posted this because this issue is specific to me, so please don’t remove my question, thank you very much, dear moderators and admins. I did not find anyone who had an issue same as mine, and after doing some MAJOR linux stuff, I had to ask for help since I was unable to solve this by myself. (Which hasn’t happened a lot over my past 11 years of GNU/Linux-*nix experience. I solved/fixed my problems by myself and dear Google like 99% of the times… and as you know problems happen a lot in linux! 😀 )
Anyway, Here are the steps of which I did it: (In a 18.04 live usb)
sudo cryptsetup -v -y -c aes-xts-plain64 --key-size 512 --hash sha512 luksFormat --uuid=049172c6-5376-4b9c-bd27-b503b6f25423 /dev/sda5 sudo cryptsetup -v luksOpen /dev/sda5 myroot sudo mkfs.ext4 -m 0 /dev/mapper/myroot sudo mount /dev/mapper/myroot /media/myroot #I created /media/myroot beforehands #Then for copying the contents of my root partition I used dd: sudo dd if=/dev/sda6 of=/dev/mapper/myroot bs=4M #/dev/sda6 is a duplicate of my original sda5 root...
Then after this I did A LOT of things I thought would help for booting this new encrypted root of mine with GRUB, and also A LOT OF MORE things I found by searching. So I basically tried everything people suggested in these links:
Booting 19.04 from LUKS system drive
Can't get Ubuntu to boot from LUKS / LVM group on external drive on iMac with refind
Ubuntu full disk encryption with encrypted /boot
Mount LUKS encrypted hard drive at boot
How to get grub to boot from a newly encrypted partition
(And a lot of more links)
Here’s the output of fdisk -l:
Disk /dev/sda: 238.5 GiB, 256060514304 bytes, 500118192 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: gpt Disk identifier: FE0857E8-E0DE-40A0-96C5-C4FEC80B8742 Device Start End Sectors Size Type /dev/sda1 2048 534527 532480 260M EFI System /dev/sda2 534528 1067007 532480 260M EFI System /dev/sda3 2582528 4630527 2048000 1000M Lenovo boot partition /dev/sda4 4892672 259438591 254545920 121.4G Microsoft basic data /dev/sda5 259438592 332343295 72904704 34.8G Linux filesystem /dev/sda6 332343296 400898047 68554752 32.7G Linux filesystem /dev/sda7 410068992 425521151 15452160 7.4G Microsoft basic data
These are my UUIDs:
/dev/sda5: LUKS UUID: 049172c6-5376-4b9c-bd27-b503b6f25423 Partition UUID: 1db5df50-7000-48df-a281-74bad5689ce1 /dev/sda6: Former UUID which I recently changed it to a new one because it was same as sda5's due to using dd for copying root filesystem to new LUKS partition: 1db5df50-7000-48df-a281-74bad5689ce1 New UUID: 7876a195-7219-4440-892a-61b57c706443
And finally the things I tried in GRUB: http://s000.tinyupload.com/index.php?file_id=00739971820320475700
Any help will be much appreciated I really don’t want to reinstall and encrypt from the installer, I need the things I have on my ubuntu and I really can’t do a reinstall, this ubuntu install of mine is just so perfect, I’ve had a lot of experience with GNU/Linux (Over 10 years now) and had a lot of linux installations and I’m no noob, but I just can’t loose all my data or configurations or customizations I made… I know I can back them up but I just… you know?
I see advantage of using container in it that offer work with more files rather than with one but is there some advantage in encryption technique?I would like to know if it encrypt each single file in a container (or an archive) or is there some another technique used to encrypt it?I want create my own file container as a school project and add some features like encryption etc. therefore i would like to gain more complex overview firstly.
I have a Corona SDK sample project that contains only the following code:
-- The following sample code contacts Google's encrypted search over SSL -- and prints the response (in this case, the HTML source of the home page) -- to the Corona terminal. local function networkListener( event ) if ( event.isError ) then print( "Network error: ", event.response ) else print ( "RESPONSE: " .. event.response ) end end -- Access Google over SSL: network.request( "https://encrypted.google.com", "GET", networkListener )
The code has been copied directly from Corona SDK’s documentation.
Once the network request completes, the console will output the requested HTML source. However, my question is, how can I verify that the network request and all information that was exchanged was actually encrypted and not clearly legible as it is in the console output?
I am planning on creating an app that will communicate with a PHP file on my server over SSL and being able to verify that the traffic between the server and the Corona made app is actually encrypted is essential since I’d be sending over passwords and other confidential (but not personally identifiable) information.
Does SharePoint 2019 with SQL 2017 Enterprise edition support the Always Encrypted ?