Setting Up Private Employee Survey Area On Company Website [closed]

Long-time listener, first-time caller.

Our company has about 120 Employees and growing. We are at a point where we need to collect self-evaluations and other survey data from our workforce but only our administrators and managers have user accounts with our Google Apps (because those costs add up!) Since we can’t require anyone to have a personal Google account, we don’t have a reliable way to verify or authenticate the rest of our employees as they fill out surveys. Our solution so far is to hand out paper forms and do the data entry manually.

I’ve been charged with finding a solution. I was thinking it’d be possible to set up a member area of sorts on our website where employees could register and log in for surveys and such. I could get Google Sheets talking to the survey database and we’d be off to the races.

Our public-facing site is hosted on SquareSpace, if that makes any difference.

Anyway, the world has changed many times over since I’ve had anything to do with the back end of a website (it’s true; I’m not a pro) and I’m completely unsure of where to start, but I can probably build it once I get my bearings so I’m here looking for suggestions on how to start.

Help?

Does Private Sanctum prevent Rope Trick from being cast?

Private Sanctum states:

• Planar Travel is blocked within the warded area.

Rope Trick states:

… an Invisible entrance opens to an extradimensional space that lasts until the spell ends. The extradimensional space can be reached by climbing to the top of the rope.

Would Private Sanctum prevent Rope Trick from being used? RAW it does not seem like it.

Does PGP passphrase necessary if I store private key and passphrase in the same place?

I’m building a system that generates PGP key and store private key in secret vault. One thing I’m not fully understanding is the need for passphrase.

I can generate a random passphrase during the key generation and then store it in the secret vault along side with the private key, but I’m wondering if it has any benefit. If I store both passphrase and private key in the same place and that place can be considered secure, is there any additional benefit of using the passphrase? Or just storing the private key securely is enough?

Secure and private connection to GnuPG keyservers

I wish to privately submit my public key (without possibility of it’s snooping on the internet). I found that I have 3 ways to connect to the keyserver securely:

  1. https://
  2. hkps://
  3. hkp:// [Using TOR]

Which one of the 3 is most secure …….surprised to find that the TOR keyservers present use only hkp and not hkps?

https keyservers are working with ipv4 to search and submit keys but it’s hard to find hkps server working with ipv4?

Dedicated Private Proxies (from 0.8$) | Shared Proxies (from 0.25$) | Discounts | Custom GEO | Bulk

Selling Dedicated Private Proxies (from 0.8$ ) | Shared Proxies (from 0.25$ ) | Discounts | Custom GEO | Bulk

Selling Cheap Private Proxies (from 0.8$ on the bigger packs) and Super Cheap Shared Proxies  (from 0.25$ on the bigger packs)
Unlimited Bandwidth & Threads.
Anonymous Proxies. No logs are being stored.
All proxies are HTTP/HTTPS no SOCKS.
Non Sequential IPS.
You can request for the private proxies to be refreshed once per month.
Setup fee is not lost. You’ll use the proxies for another month after you’ll stop paying. The setup fee is there so we won’t have to take immediate action if you don’t plan on paying another month.
Do not use them for anything illegal or offensive.
An active subscription is required to maintain access to your proxies. I will remove your access within 1 month (setup month) and 48 hours of your subscription being cancelled.
Bulk discounts are available. If you start with 1 pack and later you’ll buy a few more , contact us and we’ll adjust your invoice with the new bulk pricing. ( Price list below).
Yearly discounts are available.
Depending on the pack of your private proxies you can choose a few locations.
The Shared-Proxies are from USA only
IP Authentification only.
Private Proxies : You get access to control panel where you can activate up to 10 IPs instantly.
Shared Proxies: You’ll get access on 1 IP only. You can change that IP via support ticket (no control panel access).
Our Guarantee:
If the proxies aren’t suitable for whatever you need request a full refund within 3 days of ordering! (For packs up to 101 proxies.)[/COLOR]
No vouche copies are available. We’ve been selling proxies among our private customers for a while now and just decided to open the service to the public.
Try it risk free with our 3 days money back guarantee![/COLOR]
Pricing! Monthly Payments!
Private Proxies:
10 Proxies – 10$ (1$ each)
60 Proxies – 60$ (1$ each)
100 Proxies – 95$ (9.5$ each)
500 Proxies – 450$ (0.9$ each)
1000 Proxies – 850$ (0.85$ each)
2000 Proxies – 1600$ (0.8$ each)
Shared Proxies:
100 Proxies – 35$ (0.35$ each)
200 Proxies – 60$ (0.3$ each)
500 Proxies – 125$ (0.25$ each)
1000 Proxies – 250$ (0.25$ each)
2000 Proxies – 500$ (0.25$ each)
[B]Wordwide Locations available atm:[/B]
[LIST]
[*]Sydney, Australia
[*]Ontario, Canada
[*]Quebec, Canada
[*]Beijing, China
[*]Estonia, Europe
[*]Sweden, Europe
[*]Ukraine, Europe
[*]Paris, France
[*]Berlin, Germany
[*]Frankfurt, Germany
[*]New Delhi, India
[*]Israel, Asia
[*]Tokyo, Japan
[*]Amsterdam, Netherlands
[*]Lisbon, Portugal
[*]Bucharest, Romania
[*]Zurich, Switzerland
[*]Essex, United Kingdom
[*]London, United Kingdom
[*]Rochdale, United Kingdom
[*]Staffordshire, United Kingdom
[*]Surrey, United Kingdom
[/LIST]
[B]USA Locations available atm:[/B]
[LIST]
[*]Birmingham, AL
[*]Mesa, AZ
[*]Phoenix, AZ
[*]Tucson, AZ
[*]Fresno, CA
[*]Hacienda Heights, CA
[*]Los Angeles, CA
[*]Sacramento, CA
[*]San Diego, CA
[*]San Francisco, CA
[*]San Jose, CA
[*]Miami, FL
[*]Atlanta, GA
[*]Honolulu, HI
[*]Chicago, IL
[*]Church Creek, MD
[*]Dearborn, MI
[*]Kansas City, MO
[*]Omaha, NE
[*]Las Vegas, NV
[*]Parsippany, NJ
[*]Buffalo, NY
[*]New York, NY
[*]Columbus, OH
[*]Edmond, OK
[*]Beaverton, OR
[*]Portland, OR
[*]Nashville, TN
[*]Austin, TX
[*]Dallas, TX
[*]Houston, TX
[*]Seattle, WA
[/LIST]
[CENTER]Contact me via PM, on site at https://www.bywex.com/contact/ or via skype at
[URL=’https://hatscripts.com/addskype?live:support_42971'][IMG]https://hatscripts.com/addskype/live:support_42971.png[/IMG][/URL][/CENTER]

Storing private keys for updates to remote device

I’m reading up on how to perform signed updates for remote hardware devices. I need to check if the new software has been generated by a "trusted" source, ie me.

Based on my understanding of asymmetric cryptography I understand that I can embed a public key on all my devices and then any new software that needs to be updated on the device, needs to have a signed hash in a header that I could check against. I’m all onboard until this part, and it sounds great for secure updates, but I’m wondering how one would securely store the private key. Say I built 1M units. All have the public key programmed on them. If my private key is lost for whatever reason, I lose the ability to update any of these devices. It sounds like the jugular vein. Should I accept storing private keys very safely as a cost of doing business, or is there a better way to handle this case?

SMIME email decryption using a private key – what am I doing wrong?

I have an encrypted .eml file and a private key. I’ve looked it up a lot on the internet but couldn’t find a way to decrypt the email using OpenSSL. I’ve tried this command:
smime -decrypt -in encrypted.eml inkey privatekey.key -out decrypted.eml
and each time I get this error:

OpenSSL> smime -decrypt -in encrypted.eml inkey privatekey.key -out decrypted.eml
No recipient certificate or key specified
smime: Use -help for summary.

I have also tried converting the private key to a .pem file but it still displays the same message. both files are in the same folder as the openssl.exe application is, before that I couldn’t get it to work at all.

I clearly am doing something wrong, what is it exactly?

Is secureboot of any use if I keep my private key in a root accessible file?

According to the Debian wiki on SecureBoot,

This removes the risk of userland malware potentially enrolling new keys and therefore bypassing the entire point of SB.

So SecureBoot stops users from installing keys without UEFI confirmation (outside of the OS) and verification with a passcode. That makes sense.

However, nothing there ever says to remove the key so root doesn’t have access to it. Does SecureBoot serve any purpose if I keep my private key in a root-accessible file?

Can I find a private key for a known encrypted file?

Let’s say I create a 100KB file only containing 1234567890, that is, a known value. This file would be sitting on several folders as bait.

Once a Rasomware hits the folder and encrypts this file (considering all other forms of anti-rasomware protection failed), could I generate which is the private key that would decrypt that file, and all other files, by knowing the previous file contents?

Does also having the Public Key captured in memory help?

Does having a large known file help?

I know this goes against the asymmetrical key theory, but usually there’s a difference between cryptography theory and practice, like hashes should be unique for every entry, but in practice there’s always the possibility of collisions.