> ChrisAcheson.net_

Posts Tagged ‘encryption’

CryptoParty

Saturday, September 29th, 2012

This sounds familiar:

What is CryptoParty? Interested parties with computers, devices, and the desire to learn to use the most basic crypto programs and the fundamental concepts of their operation! CryptoParties are free to attend, public, and are commercially non-aligned.

I don’t have time these days to set something like this up for Rochester, but if someone does end up doing so, please ping me.

Cryptocat

Friday, June 8th, 2012

Well, this is cool:

Cryptocat lets you instantly set up secure conversations. It’s an open source encrypted, private alternative to other services such as Facebook chat.

Messages are encrypted inside your own browser using AES-256. Encrypted data is securely wiped after one hour of inactivity.

Cryptocat also runs as a Tor hidden service (http://xdtfje3c46d2dnjd.onion) and works on your iPhone, Android and BlackBerry.

It’s not the most secure means of doing encrypted communication, but it is the most accessible that I’ve seen so far.

PGP: Migrating Away from SHA-1

Saturday, May 9th, 2009

The SHA-1 hash that PGP and GnuPG use by default is now looking even
less secure than previously thought. It’s recommended that users begin
using SHA-2, and generate new keys to replace their 1024-bit DSA keys
which are dependent on SHA-1:

http://www.debian-administration.org/users/dkg/weblog/48

If you understand the instructions in the link above, you should
probably follow them soon. If you don’t understand them, don’t worry
too much, as your keys and signatures are still mostly safe for now,
they’re just not future-proof. You’ll probably want to wait until new
versions of your software are released with updated default settings,
and then generate new keys.

I’ve generated a new key for myself, which I’ve signed with the old key
and will be using from now on.

Firefox Portable + GnuPG + FireGPG = CryptoFox

Tuesday, May 5th, 2009

I’ve been talking about this for a while, but I finally got around to doing it.  I’ve put together a software package consisting of Firefox Portable, GNU Privacy Guard, and FireGPG.  I’m calling it “CryptoFox”.  You can download it here.

The idea behind this is to lower the barrier to entry for using PGP encryption.  If you want to communicate privately with someone, instead of having to guide them through the install process for 3 different components, you can just have them download CryptoFox and run it.  No installation is required.

It’s also a little tricky to set FireGPG and GnuPG up to function portably.  If you want to run them from a USB stick on any computer, I’ve already done the hard part for you.

PGP Keysigning Party at BarCampRochester4

Thursday, March 26th, 2009

I’m organizing a PGP keysigning party at this year’s BarCamp Rochester.  For those of you who are unfamiliar with PGP, it’s a system for sending encrypted messages.  More information can be found in this guide.  The purpose of a keysigning party is to integrate yourself into and expand PGP’s web of trust, which prevents participants from being tricked into addressing their messages to a clever eavesdropper rather than to their indended recipient.

BarCamp will take place on April 18th, on the third floor of the GCCIS building (#70) on RIT campus.  The keysigning party will happen at 2:00 PM.  If you’re interested in attending, you’ll need to do a little bit of preparation:

Before the Party

  1. Send me an email to let me know you’ll be there.  This isn’t absolutely necessary, but I’d like to get a rough estimate of how big the party will be.  You’re also encouraged (though not strictly required) to sign up for BarCamp and give some kind of presentation.
  2. If you don’t have one already, create a PGP keypair.
  3. Print out slips of paper with your key’s fingerprint, along with your name and the email address associated with the key.  You should be able to fit several of these onto a single sheet of paper (18 if you lay them out like so).  As of this writing I don’t know what the turnout will be like, but I’m guessing one sheet will be enough.
  4. Bring a pen and the slips of paper with you to the party.  Also bring identification, preferably two forms, at least one of which is a photo ID and one of which is government-issued.  Driver’s license, passport, etc.  Don’t bring a computer (or if you do, leave it powered off), you won’t need it.

(more…)