According to the latest speculation, Intel may be planning to implement code signing and whitelisting into their future lines of processors. On first glance this sounds like a good idea to help alleviate the disaster that has been Windows security for so long, but there is one little detail that I am not sure Intel has considered: what about those of us that don't run Windows?
Friday, September 17, 2010
Wednesday, September 1, 2010
PPA (if on Ubuntu) or from SourceForge.
Saturday, August 7, 2010
I see posts on the Ubuntu forums quite often about keyloggers in Linux. Many people are under the impression that a keylogger can merely download itself onto a machine without any user intervention (like through a browser exploit) and suddenly begin logging keystrokes. Eventually, as the theory goes, the user will elevate privileges and the keylogger will steal the root password and send it back to some shady eastern European hacker. I call BS on this.
Monday, July 19, 2010
A new Washington Post piece was just released which details just how large the intelligence community has become post 9-11. We all knew that intelligence spending had increased dramatically, but this piece really sheds light on just how chaotic, unorganized, compartmentalized, and under-supervised the whole intelligence community is, despite efforts to improve it.
The program is finished and I hope it is of use to the many Linux newcomers who need an easy to use password generator with a GUI.
Sunday, July 18, 2010
Every e-mail that you send across the Internet is sent in plain text, meaning any individual sitting at one of the many hops between you and your recipient can read the message. And sniffing e-mail is not hard to do even for amateurs. Many ISP's have data retention policies where they retain every e-mail and website visited by every subscriber for a period of months (and sometimes years). Furthermore, the FBI is lobbying Congress to pass a law making such practices mandatory and expanding the length of time ISP's must retain data to 2 years. The NSA, as we all know, was caught spying wholesale on Internet communications at the various backbones (AT&T being one culprit that helped with the spying). If you live in the UK or many other countries, you already have Orwellian laws on the books making data retention mandatory. So, one must ask oneself: "Do I really want my ISP having access to all of the personal e-mails I have sent for the past couple of years?" I don't know about you, but I don't.
Therefore, I will use this post to cover e-mail encryption using the best tool for the job: GnuPG.
Friday, July 16, 2010
A lot of people post to the Ubuntu forums wondering about encryption options, or, more generally, how to secure their data in a number of different scenarios. There's a lot of questions one must ask oneself: do I want asymmetric or symmetric encryption? Do I want to encrypt a whole disk, container, or a single file? How about e-mail and IM encryption? Luckily all of these things can be done in a fairly straight-forward way with software your distro came with out of the box. This post will cover only encrypting files, folders, partitions and whole disks. It will not cover e-mail (I will save that for another post since it deserves special attention).