discontinued source-available disk encryption utility
POPULARITY
Wie funktioniert eigentlich die Verschlüsselung unserer Daten und Festplatten bzw. Storages?Viele Elemente deines Lebens spielen sich inzwischen digital ab. Deine Daten werden also immer wichtiger und somit auch sensibler. Niemand möchte, dass die eigenen Daten in falsche Hände geraten. Die eigenen Daten zu verschlüsseln ist da ein wichtiges Mittel zum Schutz dieser.Doch, wie funktioniert das ganze eigentlich, wenn man seine Laptop-Festplatte verschlüsselt? Wird jedes File einzeln verschlüsselt oder die Festplatte als Ganzes? Welche Algorithmen kommen da zum Einsatz? Wo wird eigentlich das Passwort bzw. der Verschlüsselungskey abgelegt? Wie kann ich die Integrität der Daten sicherstellen? Was ist eine Trust Zone? Was sind Evil-Maid- und Cold-Boot-Attacken? Und entschlüssel ich die Daten meines Storage-Devices eigentlich, wenn gar keine Tastatur zur Verfügung steht? Wie es z.B. bei IoT-Geräten der Fall ist?Das alles besprechen wir mit unserem Gast David Gstir.Bonus: Nerds in den Bergen.Unsere aktuellen Werbepartner findest du auf https://engineeringkiosk.dev/partnersDas schnelle Feedback zur Episode:
How Microsoft lured the US Government into a far deeper and expensive dependency upon its cybersecurity solutions. Gmail to offer native throwaway email aliases like Apple and Mozilla. Russia to ban several additional hosting companies and give its big Internet disconnect switch another test. Russia uses a diabolical Windows flaw to attack Ukrainians. The value of old Security Now episodes. TrueCrypt's successor. Using Cloudflare's Tunnel service for remote network access. How to make a local server appear to be on a remote public IP. How to share an 'impossible to type' password with someone. How to find obscure previous references in the Security Now podcast. What are the parameters for the expected and widely anticipated next generation Artificial General Intelligence (AGI)? What do those in the industry and academia expect? And is OpenAI's Sam Altman completely nuts for predicting it next year? Is it just a stock ploy? Show Notes - https://www.grc.com/sn/SN-1001-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT 1password.com/securitynow canary.tools/twit - use code: TWIT
How Microsoft lured the US Government into a far deeper and expensive dependency upon its cybersecurity solutions. Gmail to offer native throwaway email aliases like Apple and Mozilla. Russia to ban several additional hosting companies and give its big Internet disconnect switch another test. Russia uses a diabolical Windows flaw to attack Ukrainians. The value of old Security Now episodes. TrueCrypt's successor. Using Cloudflare's Tunnel service for remote network access. How to make a local server appear to be on a remote public IP. How to share an 'impossible to type' password with someone. How to find obscure previous references in the Security Now podcast. What are the parameters for the expected and widely anticipated next generation Artificial General Intelligence (AGI)? What do those in the industry and academia expect? And is OpenAI's Sam Altman completely nuts for predicting it next year? Is it just a stock ploy? Show Notes - https://www.grc.com/sn/SN-1001-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT 1password.com/securitynow canary.tools/twit - use code: TWIT
How Microsoft lured the US Government into a far deeper and expensive dependency upon its cybersecurity solutions. Gmail to offer native throwaway email aliases like Apple and Mozilla. Russia to ban several additional hosting companies and give its big Internet disconnect switch another test. Russia uses a diabolical Windows flaw to attack Ukrainians. The value of old Security Now episodes. TrueCrypt's successor. Using Cloudflare's Tunnel service for remote network access. How to make a local server appear to be on a remote public IP. How to share an 'impossible to type' password with someone. How to find obscure previous references in the Security Now podcast. What are the parameters for the expected and widely anticipated next generation Artificial General Intelligence (AGI)? What do those in the industry and academia expect? And is OpenAI's Sam Altman completely nuts for predicting it next year? Is it just a stock ploy? Show Notes - https://www.grc.com/sn/SN-1001-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT 1password.com/securitynow canary.tools/twit - use code: TWIT
How Microsoft lured the US Government into a far deeper and expensive dependency upon its cybersecurity solutions. Gmail to offer native throwaway email aliases like Apple and Mozilla. Russia to ban several additional hosting companies and give its big Internet disconnect switch another test. Russia uses a diabolical Windows flaw to attack Ukrainians. The value of old Security Now episodes. TrueCrypt's successor. Using Cloudflare's Tunnel service for remote network access. How to make a local server appear to be on a remote public IP. How to share an 'impossible to type' password with someone. How to find obscure previous references in the Security Now podcast. What are the parameters for the expected and widely anticipated next generation Artificial General Intelligence (AGI)? What do those in the industry and academia expect? And is OpenAI's Sam Altman completely nuts for predicting it next year? Is it just a stock ploy? Show Notes - https://www.grc.com/sn/SN-1001-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT 1password.com/securitynow canary.tools/twit - use code: TWIT
How Microsoft lured the US Government into a far deeper and expensive dependency upon its cybersecurity solutions. Gmail to offer native throwaway email aliases like Apple and Mozilla. Russia to ban several additional hosting companies and give its big Internet disconnect switch another test. Russia uses a diabolical Windows flaw to attack Ukrainians. The value of old Security Now episodes. TrueCrypt's successor. Using Cloudflare's Tunnel service for remote network access. How to make a local server appear to be on a remote public IP. How to share an 'impossible to type' password with someone. How to find obscure previous references in the Security Now podcast. What are the parameters for the expected and widely anticipated next generation Artificial General Intelligence (AGI)? What do those in the industry and academia expect? And is OpenAI's Sam Altman completely nuts for predicting it next year? Is it just a stock ploy? Show Notes - https://www.grc.com/sn/SN-1001-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT 1password.com/securitynow canary.tools/twit - use code: TWIT
How Microsoft lured the US Government into a far deeper and expensive dependency upon its cybersecurity solutions. Gmail to offer native throwaway email aliases like Apple and Mozilla. Russia to ban several additional hosting companies and give its big Internet disconnect switch another test. Russia uses a diabolical Windows flaw to attack Ukrainians. The value of old Security Now episodes. TrueCrypt's successor. Using Cloudflare's Tunnel service for remote network access. How to make a local server appear to be on a remote public IP. How to share an 'impossible to type' password with someone. How to find obscure previous references in the Security Now podcast. What are the parameters for the expected and widely anticipated next generation Artificial General Intelligence (AGI)? What do those in the industry and academia expect? And is OpenAI's Sam Altman completely nuts for predicting it next year? Is it just a stock ploy? Show Notes - https://www.grc.com/sn/SN-1001-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT 1password.com/securitynow canary.tools/twit - use code: TWIT
How Microsoft lured the US Government into a far deeper and expensive dependency upon its cybersecurity solutions. Gmail to offer native throwaway email aliases like Apple and Mozilla. Russia to ban several additional hosting companies and give its big Internet disconnect switch another test. Russia uses a diabolical Windows flaw to attack Ukrainians. The value of old Security Now episodes. TrueCrypt's successor. Using Cloudflare's Tunnel service for remote network access. How to make a local server appear to be on a remote public IP. How to share an 'impossible to type' password with someone. How to find obscure previous references in the Security Now podcast. What are the parameters for the expected and widely anticipated next generation Artificial General Intelligence (AGI)? What do those in the industry and academia expect? And is OpenAI's Sam Altman completely nuts for predicting it next year? Is it just a stock ploy? Show Notes - https://www.grc.com/sn/SN-1001-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT 1password.com/securitynow canary.tools/twit - use code: TWIT
How Microsoft lured the US Government into a far deeper and expensive dependency upon its cybersecurity solutions. Gmail to offer native throwaway email aliases like Apple and Mozilla. Russia to ban several additional hosting companies and give its big Internet disconnect switch another test. Russia uses a diabolical Windows flaw to attack Ukrainians. The value of old Security Now episodes. TrueCrypt's successor. Using Cloudflare's Tunnel service for remote network access. How to make a local server appear to be on a remote public IP. How to share an 'impossible to type' password with someone. How to find obscure previous references in the Security Now podcast. What are the parameters for the expected and widely anticipated next generation Artificial General Intelligence (AGI)? What do those in the industry and academia expect? And is OpenAI's Sam Altman completely nuts for predicting it next year? Is it just a stock ploy? Show Notes - https://www.grc.com/sn/SN-1001-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT 1password.com/securitynow canary.tools/twit - use code: TWIT
We're building a completely hidden Linux OS inside an existing system—with no trace left behind.Sponsored By:Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!Kolide: Kolide is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.Support LINUX UnpluggedLinks:
What's the best way to roll central authentication? What's the best Google replacement suite? This week Noah and Steve dig into hosting questions, as always your calls go to the front of the line! -- During The Show -- 01:36 PHP, Kanban etc - Joe Nextcloud Deck Our Note Organizer (https://github.com/JoeMrCoffee/OurNoteOrganizer) 03:40 NIX Feedback - Alexander People time rank/prioritize "What problem does it solve" is a framework Effective evangelizing Making something "sticky" No bad questions 13:22 Caller Tony from Toronto Central Authentication? FreeIPA (https://www.freeipa.org/page/Main_Page) Samaba4 Distros Zentyal (https://zentyal.com/) 20:48 Grimnir from Mumble Volumio (https://volumio.com/) Locking it down SSH Samaba Home Assistant (https://www.home-assistant.io/) Adding music Separate Volumio from the PI 25:00 Nextcloud? - Craig Nextcloud (https://nextcloud.com/) is challenging on iOS Head Scale (https://headscale.net/) SpiderOak Immich (https://immich.app/) SeaFile (https://www.seafile.com/en/home/) Encrypt locally, then upload to "cloud" Fastmail (https://www.fastmail.com/) 36:20 Vivaldi & Hosting questions - Ben Hugo (https://gohugo.io/) Altispeed Hosting Vivaldi 41:25 Database Questions - Anton Argument against DIY OpenEMR (https://www.open-emr.org/) Open Source No lock in Form editor CPT/ICD10 codes WikiJS (https://js.wiki/) Weasis (https://weasis.org/en/getting-started/download-dicom-viewer/) 47:26 News Wire OSI Election Results - opensource.org (https://opensource.org/blog/results-of-2024-elections-of-osi-board-of-directors) Red Hat Nova - lore.kernel.org (https://lore.kernel.org/dri-devel/Zfsj0_tb-0-tNrJy@cassiopeiae/) Linux 6.9 RC - lkml.iu.edu (https://lkml.iu.edu/hypermail/linux/kernel/2403.3/00300.html) Regata OS 24 - betanews.com (https://betanews.com/2024/03/19/regata-os-24-arctic-fox-linux/) Wine 9.5 - gitlab.winehq.org (https://gitlab.winehq.org/wine/wine/-/releases/wine-9.5) Kafka UI 1.0 - GitHub (https://github.com/kafbat/kafka-ui) Firefox 124 - Mozilla (https://www.mozilla.org/en-US/firefox/124.0/releasenotes/) Gnome 45.5 - Gnome (https://discourse.gnome.org/t/gnome-45-5-released/20043) Gnome 46 - Gnome (https://release.gnome.org/46/) Emacs 29.3 - Gnu.org (https://lists.gnu.org/archive/html/emacs-devel/2024-03/msg00611.html) Cmake 3.29 - Cmake.org (https://cmake.org/cmake/help/latest/release/3.29.html) OpenVPN - OpenVPN (https://openvpn.net/community-downloads/) SysVInit 3.09 - Phoronix (https://www.phoronix.com/news/SysVinit-3.09) Docker 26 - Docker (https://docs.docker.com/engine/release-notes/26.0/) Lemur Pro - System76 (https://blog.system76.com/post/lemur-pro-ultraportable-laptops) Devika - Market Tech Post (https://www.marktechpost.com/2024/03/25/meet-devika-an-open-source-ai-software-engineer-that-aims-to-be-a-competitive-alternative-to-devin-by-cognition-ai/) GitHub (https://github.com/stitionai/devika) Ubuntu LTS 12 Year Support - How To Geek (https://www.howtogeek.com/ubuntu-linux-legacy-support-program/) 49:05 Shufflecake Shufflecake (https://shufflecake.net/) Linux encryption tool Makes hidden volumes Spiritual successor to TrueCrypt and VeriCrypt GPG encryption -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/382) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed)
We dig into Shufflecake, a tool that lets Linux users hide data with plausible deniability, then let our live stream SSH into our server and see if they can discover our secret data. Plus, we follow up on Brent's never-ending desktop distro search and Chris' new Linux rig.
Este episódio do Podcast traz a terceira parte da conversa sobre privacidade online com o lambda Giovanni Bassi e os convidados André Valenti, Guilherme Siquinelli e William Grasel, com foco em dispositivos e comunicadores. Entre no nosso grupo do Telegram e compartilhe seus comentários com a gente: https://lb3.io/telegram Feed do podcast: www.lambda3.com.br/feed/podcast Feed do podcast somente com episódios técnicos: www.lambda3.com.br/feed/podcast-tecnico Feed do podcast somente com episódios não técnicos: www.lambda3.com.br/feed/podcast-nao-tecnico Lambda3 · #314 - VPN e Privacidade - Parte 3 Pauta: Privacidade nos comunicadores: WhatsApp, Telegram, etc Criptografia de dispositivos: Bitlocker, Samsung Knox, Truecrypt etc, e plausible deniability Proteção em caso roubo de celulares Participantes: André Willik Valenti - @awvalenti Giovanni Bassi - @giovannibassi Guilherme Siquinelli - @guiseek William Grasel - @willgmbr Links: Lambda3 Blog - Dicas de segurança com tecnologia AppLock Helper do AppLock CEO do WhatsApp diz que não deixará governos acessarem mensagens de usuários Edição: Compasso Coolab Créditos das músicas usadas neste programa: Music by Kevin MacLeod (incompetech.com) licensed under Creative Commons: By Attribution 3.0 - creativecommons.org/licenses/by/3.0
Original Air Date — June the 1st, 2014 NEW site: https://www.worldcryptonetwork.com/ WCN CLIPS: https://www.youtube.com/channel/UClCE... WCN MERCH: shop.worldcryptonetwork.com Subscribe to the WCN Audio Podcast on Itunes: https://itunes.apple.com/us/podcast/w... Featuring...Will Pangman (http://bitcoinmke.org) Kristov Atlas (https://twitter.com/kristovatlas) and Thomas Hunt (https://twitter.com/MadBitcoins) THIS WEEK:1. Dish Networks accepts Bitcoinhttp://abcnews.go.com/Technology/wire...2. Tens of thousands of 'Watch Dogs' pirates ENSLAVED by Bitcoin botmasterhttp://www.theregister.co.uk/2014/05/...3. Report Claims Bot Manipulated Bitcoin Price on Mt. Goxhttp://www.foxbusiness.com/markets/20...4. Choose your own topic -- Good News, Bad News and More Bad News:5. Coinffeine to Challenge Centralized Bitcoin Exchanges with Distributed Alternative http://www.coindesk.com/coinffeine-ce...6. Popular Encryption Tool TrueCrypt Mysteriously Shuts Downhttp://www.coindesk.com/popular-encry...7. Darkcoin Price in Turmoil Following Emergency Fork, Network Issueshttp://www.coindesk.com/darkcoin-pric...---------------------------------------------------------------------World Crypto Network https://www.worldcryptonetwork.com/ On This Day in World Crypto Network History https://www.worldcryptonetwork.com/on... WCN: Hosts & Guests https://www.worldcryptonetwork.com/ta... WCN: Topic https://www.worldcryptonetwork.com/ta... WCN Clips - YouTube https://www.youtube.com/channel/UClCE... World Crypto Network Store | Teespring teespring.com/stores/world-crypto-net... --------------------------- Please Subscribe to our Youtube Channel https://www.youtube.com/user/WorldCry..
table td.shrink { white-space:nowrap } New hosts There were no new hosts this month. Last Month's Shows Id Day Date Title Host 3542 Tue 2022-03-01 The Worst Car I Ever Had Beeza 3543 Wed 2022-03-02 Idle thoughts on web browsers dnt 3544 Thu 2022-03-03 All my microphones Andrew Conway 3545 Fri 2022-03-04 How I make coffee Archer72 3546 Mon 2022-03-07 HPR Community News for February 2022 HPR Volunteers 3547 Tue 2022-03-08 Password Managers Some Guy On The Internet 3548 Wed 2022-03-09 Make a custom Git command klaatu 3549 Thu 2022-03-10 Linux Inlaws S01E51: git and static site generators monochromec 3550 Fri 2022-03-11 Format; Copy; Diskcopy; Xcopy Ahuka 3551 Mon 2022-03-14 Bash snippet - some possibly helpful hints Dave Morriss 3552 Tue 2022-03-15 Unboxing a PineTime development kit Rho`n 3553 Wed 2022-03-16 Freedom of speech in open source Some Guy On The Internet 3554 Thu 2022-03-17 Guide to the Science and Technology Section of Bitchute Mechatroniac 3555 Fri 2022-03-18 PopKorn Episode 1: The Fallacy of the Unreasonable Effectiveness of Mathematics in the ETC BlacKernel 3556 Mon 2022-03-21 TTS for HPR takov751 3557 Tue 2022-03-22 A short story about Lenovo and laptop batteries folky 3558 Wed 2022-03-23 How I'm learning Haskell tuturto 3559 Thu 2022-03-24 Linux Inlaws S01E52: The Zig Project monochromec 3560 Fri 2022-03-25 LCh Components Layer Modes Ahuka 3561 Mon 2022-03-28 Employment security Archer72 3562 Tue 2022-03-29 Creating a new project with Haskell and Stack tuturto 3563 Wed 2022-03-30 Home Coffee Roasting, part 1 dnt 3564 Thu 2022-03-31 Removing EXIF data from an image Dave Morriss Comments this month These are comments which have been made during the past month, either to shows released during the month or to past shows. There are 21 comments in total. Past shows There are 7 comments on 7 previous shows: hpr1743 (2015-04-08) "Scale 13x Part 1 of 6" by Lord Drachenblut (R.I.P.). Comment 1: Ken Fallon on 2022-03-05: "Thank you Lord D" hpr1780 (2015-05-29) "16 - TrueCrypt and GnuPG - An Update" by Ahuka. Comment 4: elmussol on 2022-03-27: "mistag" hpr3461 (2021-11-08) "Changes to HPR Branding" by HPR Volunteers. Comment 2: Bentley Sorsdahl on 2022-03-12: "The TTS voice" hpr3496 (2021-12-27) "How I record HPR Episodes" by norrist. Comment 3: dnt on 2022-03-09: "I use it" hpr3515 (2022-01-21) "ADB and scrcpy" by Ken Fallon. Comment 1: Archer72 on 2022-03-03: "On my list" hpr3533 (2022-02-16) "Porridge" by dnt. Comment 4: Windigo on 2022-03-18: "Very informative" hpr3534 (2022-02-17) "Vernier caliper" by Ken Fallon. Comment 3: Michael on 2022-03-10: "Unit missmatch" This month's shows There are 14 comments on 8 of this month's shows: hpr3546 (2022-03-07) "HPR Community News for February 2022" by HPR Volunteers. Comment 1: dnt on 2022-03-09: "Thank you" hpr3551 (2022-03-14) "Bash snippet - some possibly helpful hints" by Dave Morriss. Comment 1: Some Guy On The Internet on 2022-03-20: "Bash for the Win."Comment 2: Dave Morriss on 2022-03-21: "Hi SGOTI" hpr3552 (2022-03-15) "Unboxing a PineTime development kit" by Rho`n. Comment 1: Some Guy On The Internet on 2022-03-26: "Development on Pinetime" hpr3553 (2022-03-16) "Freedom of speech in open source" by Some Guy On The Internet. Comment 1: Trey on 2022-03-16: "Great Intro"Comment 2: Trey on 2022-03-16: "Important topic"Comment 3: Beeza on 2022-03-17: "Free Speech"Comment 4: Ken Fallon on 2022-03-17: "My thoughts"Comment 5: jezra on 2022-03-22: "the show" hpr3557 (2022-03-22) "A short story about Lenovo and laptop batteries" by folky. Comment 1: Some Guy On The Internet on 2022-03-31: "Thank you." hpr3558 (2022-03-23) "How I'm learning Haskell" by tuturto. Comment 1: Some Guy On The Internet on 2022-03-23: "Nicely done."Comment 2: tuturto on 2022-03-24: "Good idea" hpr3563 (2022-03-30) "Home Coffee Roasting, part 1" by dnt. Comment 1: tuturto on 2022-03-31: "Very interesting" hpr3564 (2022-03-31) "Removing EXIF data from an image" by Dave Morriss. Comment 1: Some Guy On The Internet on 2022-03-31: "Much Respect" Mailing List discussions Policy decisions surrounding HPR are taken by the community as a whole. This discussion takes place on the Mail List which is open to all HPR listeners and contributors. The discussions are open and available on the HPR server under Mailman. The threaded discussions this month can be found here: https://hackerpublicradio.org/pipermail/hpr_hackerpublicradio.org/2022-March/thread.html Events Calendar With the kind permission of LWN.net we are linking to The LWN.net Community Calendar. Quoting the site: This is the LWN.net community event calendar, where we track events of interest to people using and developing Linux and free software. Clicking on individual events will take you to the appropriate web page. Any other business Access problems from Argentina An HPR listener from Argentina reports that the HPR site is unavailable from there. This applies both to an ISP connection and on a mobile phone. It's not clear what is causing this. Reportedly the problem was resolved on March 30th but the next day it returned and at the time of writing the HPR site is still unavailable. Older HPR shows on archive.org As reported on the last Community News all shows in the range 1-870 had been uploaded except for shows hpr0001 - hpr0003. Shows hpr0001 and hpr0002 had been "blocked" by existing non-HPR items from over 8 years ago, with the names we were going to assign. Show hpr0003 seemed to have been an early attempt to upload blocks of shows since it contained the audio for shows 1-9, but no notes. We received help with clearing the slots for shows 1 and 2 from Jason Scott of the Internet Archive, and the correct shows have now been uploaded. Show hpr0003 has now been resolved by replacing the contents with the appropriate transcoded audio and the notes have been added to it. We can now consider this project to be complete!
The misinformation spread during the COVID-19 pandemic has made what happened with the 2016 U.S. elections look like the “good old days.” Epidemiologists are on center stage trying to explain complex topics to billions of people concerned for their lives-- and sometimes politicians are aiming to do the same. The multiplier effect is how hopelessly entangled challenging technical issues like end to end encryption and contact tracing via bluetooth on mobile phones are now also being publicly debated.The most natural reaction? Confusion. Kenn White is here to help.During our 60 minute conversation with Kenn, Jack and Dave go past the headlines trumpeting Zoom’s security issues in an attempt to lay bare the real issues with their recent missteps. Their initially misleading claims around end to end (E2E) encryption is our primary focus, but before diving deep into Zoom, Kenn explains exactly how hard it is to make it work by describing his 2 year journey to deliver E2E encryption at MongoDB. We pull apart the remaining concerns and Zoom’s impressive response to provide our take on just how worried you should be, from Johnson Elementary School to the defense industrial base.Kenn has a unique perspective on the idea to use contact tracing via Bluetooth to identify who infected people have been in proximity to in order to slow the spread of a disease. Having spent 10+ years supporting clinical trials, he explains why using our mobile phones to make contact tracing during the COVID-19 pandemic is unlikely to be successful in the near future. We hope this conversation with Kenn brings you clarity and calm at a time when both are in short supply.Note: We spend the first ~15 minutes talking about coping strategies during the pandemic. If you’d like to jump straight to the content focused on E2E encryption it begins right around the 15 minute mark.About KennKenneth White is a security engineer whose work focuses on networks and global systems. He is co-founder and Director of the Open Crypto Audit Project and led formal security reviews on TrueCrypt and OpenSSL. He currently leads applied encryption engineering in MongoDB's global product group. He has directed R&D and security Ops in organizations ranging from startups to nonprofits to defense agencies to the Fortune 50. His work on applied signal analysis has been published in the Proceedings of the National Academy of Sciences. His work on network security and forensics has been cited by the Wall Street Journal, Reuters, Wired, and the BBC. He tweets about security, privacy, cryptography, and biscuits: @kennwhite.
Nel gruppo Telegram Stefano - @FStefanoF - ci parla di Truecrypt (da non usare piu'). Credevo di aver fatto piu' di una puntata ma era una vecchia.Quindi ho aggiornato il tema parlandone di nuovo e suggerendo un altro trucco per far passare inosservato un file.Ricordate pero': qualsiasi cosa si registra su un pc puo' essere sempre ritrovato. Sempre.ps: provate https://www.veracrypt.fr/en/Home.html
The Bitcoin Foundation in trouble? Are hackerspaces government owned? Also, thoughts on recent Silk Road case developments, an incredible Tool of the Week, and much, much more… Special Guest: Dr. Stephanie Murphy (twitter: @S_Murphy_Phd) Stories of the Week:--Random Access: NEW WEBSITE!!, Something the Stallion learned about cable TV this week, Facebook Scrapbook for kids, April Fool’s Week, the Amazon Dash button, Microsoft is 40, TrueCrypt is mostly okay.--“The Bitcoin Foundation” Link: bit.ly/19RPnrG Tech Roulette:--“Hackerspaces, Science, and the Gov That Owns Them” Link: nyti.ms/1j1kTml Important Messages:--”Self-driving cars and insurance companies? New intros?” Tool of the Week:--“minilock.io” Link: minilock.io/ Hacksec:--”Government Silk Road” Link: bit.ly/1awxrUR The Climax:--“The Libertarian Republic” APPENDIX:--”Help get LRN back on in Africa!” Link: bit.ly/1FuObG7--”Telebit” Link: www.telebit.org/--”Libreboot X200” Link: bit.ly/1FI57ew---------------------------------------------------------------------------------------------------Make easy monthly donations through Patreon: www.patreon.com/sovryntechAnd you can tip me at: sovryntech.tip.me---------------------------------------------------------------------------------------------------NXT: NXT-4V3J-VA4W-4EY3-GUWV2NAMECOIN: NHfN1kpj8G9aUCCHuummBKa8mPvppN1UFaLITECOIN: LLUXwfWrKDpuK38ZnPD14K6zc6rUaRgo9WBITCOIN: 1AEiTkWiF8x6yjQbbhoU89vHHMrkzQ7o8d---------------------------------------------------------------------------------------------------Don’t forget you can e-mail the show at: brian@zomiaofflinegames.comAlso at Protonmail.ch at: anarchy@protonmail.chI’m also on Telegram: @SovrynMinilock.io ID: 67JpL89QkmcJHC9KMGjcNy9VrwsNYDpfCQu9gKXGijVVYBitMessage: BM-NBMFb4W42CqTaonxApmUji1KNbkSESki---------------------------------------------------------------------------------------------------You can also visit our IRC channel on Freenode: #SovrynBalnea---------------------------------------------------------------------------------------------------www.sovryntech.comwww.twitter.com/sovryntechplus.google.com/+BrianSovryn1i/liberty.me/members/briansovryn/www.facebook.com/BrianSovryninstagram.com/Bsovryn/steamcommunity.com/id/ninjaprogram/
The Bitcoin Foundation in trouble? Are hackerspaces government owned? Also, thoughts on recent Silk Road case developments, an incredible Tool of the Week, and much, much more… Special Guest: Dr. Stephanie Murphy (twitter: @S_Murphy_Phd) Stories of the Week:--Random Access: NEW WEBSITE!!, Something the Stallion learned about cable TV this week, Facebook Scrapbook for kids, April Fool’s Week, the Amazon Dash button, Microsoft is 40, TrueCrypt is mostly okay.--“The Bitcoin Foundation” Link: bit.ly/19RPnrG Tech Roulette:--“Hackerspaces, Science, and the Gov That Owns Them” Link: nyti.ms/1j1kTml Important Messages:--”Self-driving cars and insurance companies? New intros?” Tool of the Week:--“minilock.io” Link: minilock.io/ Hacksec:--”Government Silk Road” Link: bit.ly/1awxrUR The Climax:--“The Libertarian Republic” APPENDIX:--”Help get LRN back on in Africa!” Link: bit.ly/1FuObG7--”Telebit” Link: www.telebit.org/--”Libreboot X200” Link: bit.ly/1FI57ew---------------------------------------------------------------------------------------------------Make easy monthly donations through Patreon: www.patreon.com/sovryntechAnd you can tip me at: sovryntech.tip.me---------------------------------------------------------------------------------------------------NXT: NXT-4V3J-VA4W-4EY3-GUWV2NAMECOIN: NHfN1kpj8G9aUCCHuummBKa8mPvppN1UFaLITECOIN: LLUXwfWrKDpuK38ZnPD14K6zc6rUaRgo9WBITCOIN: 1AEiTkWiF8x6yjQbbhoU89vHHMrkzQ7o8d---------------------------------------------------------------------------------------------------Don’t forget you can e-mail the show at: brian@zomiaofflinegames.comAlso at Protonmail.ch at: anarchy@protonmail.chI’m also on Telegram: @SovrynMinilock.io ID: 67JpL89QkmcJHC9KMGjcNy9VrwsNYDpfCQu9gKXGijVVYBitMessage: BM-NBMFb4W42CqTaonxApmUji1KNbkSESki---------------------------------------------------------------------------------------------------You can also visit our IRC channel on Freenode: #SovrynBalnea---------------------------------------------------------------------------------------------------www.sovryntech.comwww.twitter.com/sovryntechplus.google.com/+BrianSovryn1i/liberty.me/members/briansovryn/www.facebook.com/BrianSovryninstagram.com/Bsovryn/steamcommunity.com/id/ninjaprogram/
This week's Tools, Tips and Tricks episode talks about VeraCrypt. If you care about protecting your very sensitive data, hard drives, USB drives then VeraCrypt is for you. The successor to the very popular and powerful TrueCrypt (now defunct), VeraCrypt offers the same powerful encryption capabilities for your use. This episode goes into the details on how it can be helpful for your personal IT security. Download: https://www.veracrypt.fr/en/Home.html Be aware, be safe. ------------------------------------ Website - https://www.binaryblogger.com Podcast Page - http://securityinfive.libsyn.com Podcast RSS - http://securityinfive.libsyn.com/rss Twitter @binaryblogger - https://www.twitter.com/binaryblogger iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2 YouTube - https://www.youtube.com/binaryblogger TuneIn Radio - Security In Five Channel Spotify - Security In Five Podcast Page Email - contactme@binaryblogger.com
small business systems and gdpr compliance Why are systems more important for your Small Business than goals? Join us today for episode 173 of the Small Business Show to learn more about this awesome technique to accelerate your success. After the systems discussion, we jump into details of the recently enacted GDPR privacy and data management laws enacted by the EU. Does your Small Business need to worry about the GDPR? You'll want to listen in to find out if you do and how to comply. Listen in for all this and more, then join us on the Small Business Support Group to share your thoughts! 00:00:00 Small Business Show #173 for Wednesday, May 30, 2018 00:01:30 Goals vs. Systems 00:07:12 Breakthroughs come from Systems 00:07:58 Treat the carrot as the byproduct 00:12:00 Your business is not THAT business, it's YOUR business 00:13:40 Contact Shannon and Dave: feedback@businessshow.co or Small Business Support Group 00:13:52 The GDPR Talk 00:18:38 The burden of GDPR Xero.com GDPR Small Business Guide 00:21:02 The eventual poster child 00:26:27 Act in Good Faith, Follow the Instructions 00:28:06 Passwords are insufficient FileVault 2 TrueCrypt is dead! Check VeraCrypt or CipherShed 00:30:00 Protecting Customer Data and Privacy 00:32:53 On the internet, we need speed limits, stop signs, and maybe even speed bumps 00:35:58 SBS 173 Outtro
5 juli-podden goes bokcirkel, typ, och först ut är Kevin Mitnicks bok The Art of Invisibility. Boken blir vår utgångspunkt för ett samtal om personlig it-säkerhet: Truecrypt och Veracrypt, evil maid- och cold boot-attacker, USB rubber ducky och inte minst de ack så viktiga USB-kondomerna. Är boken då läsvärd? Nej. Varför får du höra i avsnittet. Vi nämner även boken Dark Territory: The Secret History of Cyber War av Fred Kaplan. Githubprojektet vi nämner är sshluks - LUKS crypto containers over SSHFS on untrusted remote storage: https://github.com/fw42/sshluks Vi hälsar Karl Ståhl välkommen till 5 juli-podden, som leds av Karl Andersson som en del av 5 juli-stiftelsens arbete för ett fritt internet. Inspelat i Stockholm och Berlin fredagen den 16 februari 2018.
Spielabend mit Nichten und Neffen Schwarzer Freitag Senseo Kaffeemaschine Office 365 Windows Rechner neu installiert HTTPS Fehlersuche TrueCrypt TrueCrypt fürn Mac anpassen Die Landfunker Weihnachtsfeier
Auction professionals spend a lot of time working on their laptops and never know when disaster might strike. In this episode, host Aaron Traffas looks at preventative measures that can save both time and stress when, not if, a computer is broken or stolen. Subscribe on iTunes | Google Play | Stitcher Today’s SponsorsGlobal Auction Guide Episode Linkshttp://www.auctioneertech.com The Fast Talking Podcast is a small business building podcast as seen through the lens of auctioneers and auction professionals. Focusing on social media, marketing strategies, finance, operations, human resources, and time management, we provide focused discussions on important topics weekly. ----- Episode 190: Transcription Hello and welcome to the Fast Talking Podcast. My name is Aaron Traffas and I'm excited to once again be your guest host for today's episode. We auctioneers store large amounts of important and sensitive information on our laptops. What happens to our work if our computer is broken or, worse, stolen? We'll examine two crucial preventative measures that will save us both time and stress in just a moment after a word from our sponsor. [sponsor] I wrote the article that inspired this episode recently for the Colorado Auctioneers Association quarterly newsletter which, this quarter, is focused on technology. After making sure we're using strong passwords, which was the topic of my last appearance on the Fast Talking Podcast, I feel that backup and encryption are the two next steps auctioneers need to make as we strive to make sure our data is secure and our work is safe. It was 2007. NAA Conference and Show was in San Diego. My bags were packed in my truck. I swung by the office to grab my computer and other electronics that I'd need for the week in California. As I walked out the door for my two hour drive from Manhattan, Kansas, to the Kansas City airport, I realized I'd forgotten something. I sat my computer bag on the ground next to my pickup's passenger door and went back inside. When I returned, I got in my truck, cranked the wheel to the left and backed out, only to realize that my front tire just rolled over my laptop bag. My computer — and my mood — was crushed. I had unfinished work for upcoming auctions that I'd planned to do on the plane and I had no time before my flight to prep another computer. It made for an interesting and uncomfortable trip. Broken hardware is one thing, but what if I'd lost the computer? What if instead of picking up pieces off the ground, I was instead unsure of where it was? Had it fallen into malicious hands? Were all the accounts that I'd logged in to now at risk of being compromised? It's always better to know a computer is destroyed than to wonder if someone is combing through the data. The scenario is simple — at any time, you can suddenly lose your laptop. In order to make sure that the only cost to you is the value of the hardware, it's crucial that your computer is encrypted and backed up properly. Encryption Computer encryption can get very technical very quickly, but for our purposes it simply means a way of scrambling the data on the computer's hard drive so it can't be read by anyone who doesn't have the password. The password to login to Windows isn't enough, as it's fairly trivial to bypass. The correct solution is called full disk encryption, where everything on the computer is encrypted for everyone who doesn't have the password. For many years, the right answer for encryption was a product called TrueCrypt. It was free software and the encryption was bulletproof. A few years ago, the TrueCrypt project closed down. Luckily it's successor, called VeraCrypt, is also free and based on much of the same code base as TrueCrypt. Since it's open source, third parties have been able to audit the software to make sure there aren't backdoors or other ways for criminals or governments to bypass the encryption. Operating systems have their own versions of encryption. Windows has BitLocker and Apple has FileVault. While I'll always prefer a free and open source solution over one from an operating system provider, these solutions may be a good fit in some situations. Many modern laptops also provide built-in encryption options on the hardware level. Many of these might work as well as VeraCrypt, though there's no way to guarantee there isn't a backdoor. Sometimes, a laptop's password simply prevents the laptop from booting up and doesn't actually encrypt the data. This means someone could simply remove the hard drive and put it in another computer to access your files. Make sure if you're using a built-in password function on your laptop that it's actually encrypting the data. Only by using full disk encryption can you rest assured that if your computer falls into the wrong hands, all your data about your auctions, customers, clients and personal accounts won't be at risk. Entering a password every time you boot your computer is a small price to pay for that peace of mind. Backup Encryption prevents the bad guys from getting your data, but what about losing your work? If you drive over your laptop with the front wheel of a diesel pickup, how do you get your files off of a hard drive that's in pieces on the ground? In addition to the possibility of losing your computer, new viruses called ransomware actually encrypt your files and make you pay a ransom before giving you the key to decrypt them. A good backup solution can mitigate a ransomware infection by allowing you to restore the unencrypted versions of your files. There is a frequently recited rule of backup called 3-2-1. You need three copies of your data, on two different mediums and one needs to be offsite. Simply buying an external hard drive and copying your files there is better than nothing, but it's also grossly insufficient and inefficient. A good backup solution will run continually in the background, copying versions of your files offsite as you create them, so you don't notice it until you need it. In much the way that TrueCrypt was the best answer for encryption, there was also a best answer for backup called Crashplan. Crashplan allowed users to backup to friends for free. I wrote on my AuctioneerTech blog in 2012 how this was a perfect backup solution that didn't have a monthly fee like most of the backup services. Unfortunately, a few weeks ago, Crashplan announced that it's discontinuing its free version in October 2018. While I've been hunting for a replacement, it's unlikely that anything will be as simple as Crashplan to use without a monthly fee. There are still myriad subscription backup services. Some of the best known are Carbonite, Backblaze and Mozy, and each has a different pricing plan based on the amount of data to store and how many computers will be using the service. As you shop around for the best deal, pay attention to the cost to get your data back. In 2011, I lost 2 terabytes of data that was backed up with Mozy. Only then did I learn that they charged $.50 per gigabyte to restore the data, and I had to come up with the $1000 within 30 days before my files were deleted. In the auction business, like any business, time is money. Some backup solution is better than nothing. In my search for a Crashplan replacement, I've found a lot of negative comments about Carbonite and a lot of positive comments about Backblaze, so if I were looking for a simple turn-key subscription backup service, I'd probably start with Backblaze. Wrap-up In summary, disaster happens when we least expect it. We need to take steps now to ensure that when, not if, we lose a computer, it might cost us money to replace the device but it doesn't cost us time to recreate all our work or, worse, cost us sleep worrying about who might have our data and what he or she might be doing with it. And now, here's a word from our sponsor. [sponsor] I'd like to thank Andy for giving me the opportunity to guest host the Fast Talking Podcast this week. The show is built for you, the fast talking nation. We're always looking for suggestions and feedback, so if you have an idea for great topic or guest you think would be a good fit, leave a comment on fasttalkingpodcast.com or find us @auctionpodcast on Twitter or facebook.com/fasttalkingpodcast. My blog is auctioneertech.com and if you'd like to contact me personally, find me on Twitter @traffas or, better yet, email aaron.traffas@purplewave.com With that, we want to thank you for gifting us with your time. As always, be sure to like, favorite and share this podcast in whichever venue you choose to listen. We enjoy creating this podcast for you and strive to share this industry we love with more and more people each week. I'm Aaron Traffas. Thanks for listening. Now go sell something.
Spreading the DDoS Disease & selling the cure, we have the audit results of TrueCrypt’s replacement & a comprehensive history of the most important events that shaped the SSL ecosystem. Plus your great questions, our answers & much... Much MORE!
Spreading the DDoS Disease & selling the cure, we have the audit results of TrueCrypt’s replacement & a comprehensive history of the most important events that shaped the SSL ecosystem. Plus your great questions, our answers & much... Much MORE!
Spreading the DDoS Disease & selling the cure, we have the audit results of TrueCrypt’s replacement & a comprehensive history of the most important events that shaped the SSL ecosystem. Plus your great questions, our answers & much... Much MORE!
Canonical is not first to the live patching game, but they could have the best take on it. VeraCrypt, the successor to TrueCrypt, audit results are out & KDE shares their long term plans for the Plasma Desktop. Then we bust some brewing Linux FUD and misconceptions & ponder the role of Free Software in a world that doesn't care.
Episode 2 of The Complete Privacy & Security Podcast. We continue our updates from the book and discuss the differences in TrueCrypt vs. VeraCrypt.
Intro / Outro Run The Jewels - A Christmas F*cking Miracle https://www.youtube.com/watch?v=OQ5rI461KNE 0:02:41 Bitcoin's Creator Satoshi Nakamoto Is Probably This Unknown Australian Genius http://goo.gl/uDsciu Satoshi Nakamoto Not Eligible For Nobel Prize - CCN: Financial Bitcoin & Cryptocurrency News https://t.co/bPqMWsznSK?ssr=true Time To Call A Hoax? Inconsistencies On 'Probable' Bitcoin Creator's PhD And Supercomputers Revealed http://goo.gl/6oYsmQ 0:06:16 If you are using TrueCrypt you should stop. Hashcat is now optimized to crack TrueCrypt volumes. http://ow.ly/VGS0O 0:07:03 How the AM hack changed the victims’ lives https://t.co/YFWfXHranh?ssr=true 0:08:14 Hacker Confirms PlayStation 4 Jailbreak! Exploit Could Open Doors for Pirated Games http://goo.gl/hWsbNr Hacking the PS4, part 2 https://cturt.github.io/ps4-2.html 0:09:16 Unauthorized code in Juniper ScreenOS allows for administrative access https://goo.gl/DYccDI 0:11:40 Back to 28: Grub2 Authentication 0-Day http://goo.gl/YPWQfV Критическая уязвимость в загрузчике Grub2 позволяет обходить защиту паролем http://habrahabr.ru/company/pt/blog/273389/ 0:12:46 DDoS on DNS http://goo.gl/PpwO0P Корневые DNS-серверы пережили необычную DDoS-атаку https://goo.gl/oEyQv3 0:16:08 MacKeeper data breach https://goo.gl/pKhzXI 0:20:20 Critical Remote Root Zero-Day In FireEye Appliances https://t.co/eB1h1ERkKc?ssr=true 0:24:08 PCI security standards council revises date for migrating off vulnerable SSL and early TLS encryption (pdf) https://goo.gl/t7cWWX Let's Encrypt says get your free digital security certificates here http://ow.ly/VvsGR Let's Encrypt! Get started. https://goo.gl/obXu3I Certificates for US sanctioned countries https://t.co/YuzRxyoLa5?ssr=true 0:25:55 MIT Creates Untraceable Anonymous Messaging System Called Vuvuzela http://goo.gl/7U7MZD 0:28:35 No root for you! Google slams door on Symantec certs http://goo.gl/QzuuqY 0:29:38 Donald Trump thinks he can call Bill Gates to 'close up' the internet https://t.co/IRSagBPu2S?ssr=true 0:33:45 Shocking! Instagram HACKED! Researcher hacked into Instagram Server and Admin Panel https://goo.gl/nRwG8l 0:35:09 A Different Kind of POP: The Joomla Unserialize Vulnerability https://goo.gl/qhTwbx 0:38:08 A 2008 book by Craig S. Wright contains plagiarism https://goo.gl/WvNluk 0:42:36 Google Search starts indexing HTTPS pages by default https://t.co/0q3PP17SVj?ssr=true 0:43:10 Kazakhstan Announces Plan to Spy on Encrypted Internet Traffic https://t.co/3pyRc5pZFG?ssr=true 0:51:45 Troy Hunt: When children are breached – inside the massive VTech hack http://goo.gl/mnbU6p Hacker Obtained Childrens' Headshots and Chatlogs From Toymaker VTech http://goo.gl/YDd9N7 VTech Hacker Explains Why He Hacked the Toy Company http://goo.gl/6uvFbm 0:52:46 First ever EU rules on cybersecurity https://t.co/Htj7dFDbZx?ssr=true 0:56:36 I included emoji in my password and now I can't log in to my Account on Yosemite http://goo.gl/w1IOi1 0:59:15 Хакера з України, підозрюваного в крадіжці 80 млн, затримали в Кракові http://goo.gl/jDXfcG 0:59:51 Неудачное обновление ПО SAP в Deutsche Post DHL https://t.co/IH2qJS2mFH?ssr=true 1:06:45 Tails 1.8 is out https://goo.gl/AZPeLh 1:06:50 What a nice holiday gift. https://pbs.twimg.com/media/CWJnwrRU8AAT3zo.jpg 1:07:21 Python Extension · rapid7/metasploit-framework Wiki · GitHub https://goo.gl/8uggx6 1:07:58 Craig S. Wright - "The IT Regulatory and Standards Compliance Handbook" Contains Plagiarism http://goo.gl/gKtVMw 1:08:14 The Happiness Advantage: The Seven Principles of Positive Psychology That Fuel Success and Performance at Work http://goo.gl/LUH5T
Horst JENS, Gregor PRIDUN und Denis K. plaudern über freie Software und andere Nerd-Themen. Shownotes auf http://goo.gl/Cofcns oder http://biertaucher.at
Coming up this time on the show, we'll be chatting with Lee Sharp. He's recently revived the m0n0wall codebase, now known as SmallWall, and we'll find out what the future holds for this new addition to the BSD family. Answers to your emails and all this week's news, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines BSDCan and pkgsrcCon videos (https://www.youtube.com/channel/UCAEx6zhR2sD2pAGKezasAjA/videos) Even more BSDCan 2015 videos are slowly but surely making their way to the internet Nigel Williams, Multipath TCP for FreeBSD (https://www.youtube.com/watch?v=P3vB_FWtyIs) Stephen Bourne, Early days of Unix and design of sh (https://www.youtube.com/watch?v=2kEJoWfobpA) John Criswell, Protecting FreeBSD with Secure Virtual Architecture (https://www.youtube.com/watch?v=hRIC_aF_u24) Shany Michaely, Expanding RDMA capability over Ethernet in FreeBSD (https://www.youtube.com/watch?v=stsaeKvF3no) John-Mark Gurney, Adding AES-ICM and AES-GCM to OpenCrypto (https://www.youtube.com/watch?v=JaufZ7yCrLU) Sevan Janiyan, Adventures in building (https://www.youtube.com/watch?v=-HMXyzybgdM) open source software (https://www.youtube.com/watch?v=Xof-uKnQ6cY) And finally, the BSDCan 2015 closing (https://www.youtube.com/watch?v=Ynm0bGnYdfY) Some videos (https://vimeo.com/channels/pkgsrccon/videos) from this year's pkgsrcCon (http://pkgsrc.org/pkgsrcCon/2015/) are also starting to appear online Sevan Janiyan, A year of pkgsrc 2014 - 2015 (https://vimeo.com/channels/pkgsrccon/132767946) Pierre Pronchery, pkgsrc meets pkg-ng (https://vimeo.com/channels/pkgsrccon/132766052) Jonathan Perkin, pkgsrc at Joyent (https://vimeo.com/channels/pkgsrccon/132760863) Jörg Sonnenberger, pkg_install script framework (https://vimeo.com/channels/pkgsrccon/132757658) Benny Siegert, New Features in BulkTracker (https://vimeo.com/channels/pkgsrccon/132751897) This is the first time we've ever seen recordings from the conference - hopefully they continue this trend *** OPNsense 15.7 released (https://forum.opnsense.org/index.php?topic=839.0) The OPNsense team has released version 15.7, almost exactly six months after their initial debut (http://www.bsdnow.tv/episodes/2015_01_14-common_sense_approach) In addition to pulling in the latest security fixes from upstream FreeBSD, 15.7 also includes new integration of an intrusion detection system (and new GUI for it) as well as new blacklisting options for the proxy server Taking a note from upstream PF's playbook, ALTQ traffic shaping support has finally been retired as of this release (it was deprecated from OpenBSD a few years ago, and the code was completely removed (http://undeadly.org/cgi?action=article&sid=20140419151959) just over a year ago) The LibreSSL flavor has been promoted to production-ready, and users can easily migrate over from OpenSSL via the GUI - switching between the two is simple; no commitment needed Various third party ports have also been bumped up to their latest versions to keep things fresh, and there's the usual round of bug fixes included Shortly afterwards, 15.7.1 (https://forum.opnsense.org/index.php?topic=915.0) was released with a few more small fixes *** NetBSD at Open Source Conference 2015 Okinawa (https://mail-index.netbsd.org/netbsd-advocacy/2015/07/04/msg000688.html) If you liked last week's episode (http://www.bsdnow.tv/episodes/2015_07_01-lost_technology) then you'll probably know what to expect with this one The NetBSD users group of Japan hit another open source conference, this time in Okinawa This time, they had a few interesting NetBSD machines on display that we didn't get to see in the interview last week We'd love to see something like this in North America or Europe too - anyone up for installing BSD on some interesting devices and showing them off at a Linux con? *** OpenBSD BGP and VRFs (http://firstyear.id.au/entry/21) "VRFs (https://en.wikipedia.org/wiki/Virtual_routing_and_forwarding), or in OpenBSD rdomains, are a simple, yet powerful (and sometimes confusing) topic" This article aims to explain both BGP and rdomains, using network diagrams, for some network isolation goodness With multiple rdomains, it's also possible to have two upstream internet connections, but lock different groups of your internal network to just one of them The idea of a "guest network" can greatly benefit from this separation as well, even allowing for the same IP ranges to be used without issues Combining rdomains with the BGP protocol allows for some very selective and precise blocking/passing of traffic between networks, which is also covered in detail here The BSDCan talk on rdomains (https://www.youtube.com/watch?v=BizrC8Zr-YY) expands on the subject a bit more if you haven't seen it, as well as a few related (https://www.packetmischief.ca/2011/09/20/virtualizing-the-openbsd-routing-table/) posts (http://cybermashup.com/2013/05/21/complex-routing-with-openbsd/) *** Interview - Lee Sharp - lee@smallwall.org (mailto:lee@smallwall.org) SmallWall (http://smallwall.org), a continuation of m0n0wall News Roundup Solaris adopts more BSD goodies (https://blogs.oracle.com/solarisfw/entry/pf_for_solaris) We mentioned a while back that Oracle developers have begun porting a current version of OpenBSD's PF firewall to their next version, even contributing back patches for SMP and other bug fixes They recently published an article about PF, talking about what's different about it on their platform compared to others - not especially useful for BSD users, but interesting to read if you like firewalls Darren Moffat, who was part of originally getting an SSH implementation into Solaris, has a second blog post (https://blogs.oracle.com/darren/entry/openssh_in_solaris_11_3) up about their "SunSSH" fork Going forward, their next version is going to offer a completely vanilla OpenSSH option as well, with the plan being to phase out SunSSH after that The article talks a bit about the history of getting SSH into the OS, forking the code and also lists some of the differences between the two In a third blog post (https://blogs.oracle.com/darren/entry/solaris_new_system_calls_getentropy), they talk about a new system call they're borrowing from OpenBSD, getentropy(2) (http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2), as well as the addition of arc4random (http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/arc4random.3) to their libc With an up-to-date and SMP-capable PF, ZFS with native encryption, jail-like Zones, unaltered OpenSSH and secure entropy calls… is Solaris becoming better than us? Look forward to the upcoming "Solaris Now" podcast (not really) *** EuroBSDCon 2015 talks and tutorials (https://2015.eurobsdcon.org/talks/) This year's EuroBSDCon is set to be held in Sweden at the beginning of October, and the preliminary list of accepted presentations has been published The list looks pretty well-balanced between the different BSDs, something Paul would be happy to see if he was still with us It even includes an interesting DragonFly talk and a couple talks from NetBSD developers, in addition to plenty of FreeBSD and OpenBSD of course There are also a few tutorials (https://2015.eurobsdcon.org/tutorials/) planned for the event, some you've probably seen already and some you haven't Registration for the event will be opening very soon (likely this week or next) *** Using ZFS replication to improve offsite backups (https://www.iceflatline.com/2015/07/using-zfs-replication-features-in-freebsd-to-improve-my-offsite-backups/) If you take backups seriously, you're probably using ZFS and probably keeping an offsite copy of the data This article covers doing just that, but with a focus on making use of the replication capability It'll walk you through taking a snapshot of your pool and then replicating it to another remote system, using "zfs send" and SSH - this has the benefit of only transferring the files that have changed since the last time you did it Steps are also taken to allow a regular user to take and manage snapshots, so you don't need to be root for the SSH transfer Data integrity is a long process - filesystem-level checksums, resistance to hardware failure, ECC memory, multiple copies in different locations... they all play a role in keeping your files secure; don't skip out on any of them One thing the author didn't mention in his post: having an offline copy of the data, ideally sealed in a safe place, is also important *** Block encryption in OpenBSD (http://anadoxin.org/blog/blog/20150705/block-encryption-in-openbsd/) We've covered (http://www.bsdnow.tv/tutorials/fde) ways to do fully-encrypted installations of OpenBSD (and FreeBSD) before, but that requires dedicating a whole drive or partition to the sensitive data This blog post takes you through the process of creating encrypted containers in OpenBSD, à la TrueCrypt - that is, a file-backed virtual device with an encrypted filesystem It goes through creating a file that looks like random data, pointing vnconfig at it, setting up the crypto and finally using it as a fake storage device The encrypted container method offers the advantage of being a bit more portable across installations than other ways *** Docker hits FreeBSD ports (https://svnweb.freebsd.org/ports?view=revision&revision=391421) The inevitable has happened, and an early FreeBSD port of docker is finally here Some details and directions (https://github.com/kvasdopil/docker/blob/freebsd-compat/FREEBSD-PORTING.md) are available to read if you'd like to give it a try, as well as a list of which features work and which don't There was also some Hacker News discussion (https://news.ycombinator.com/item?id=9840025) on the topic *** Microsoft donates to OpenSSH (http://undeadly.org/cgi?action=article&sid=20150708134520&mode=flat) We've talked about big businesses using BSD and contributing back before, even mentioning a few other large public donations - now it's Microsoft's turn With their recent decision to integrate OpenSSH into an upcoming Windows release, Microsoft has donated a large sum of money to the OpenBSD foundation, making them a gold-level sponsor They've also posted some contract work offers on the OpenSSH mailing list, and say that their changes will be upstreamed if appropriate - we're always glad to see this *** Feedback/Questions Joe writes in (http://slexy.org/view/s2NqbhwOoH) Mike writes in (http://slexy.org/view/s2T3NEia98) Randy writes in (http://slexy.org/view/s20RlTK6Ha) Tony writes in (http://slexy.org/view/s2rjCd0bGX) Kevin writes in (http://slexy.org/view/s21PfSIyG5) ***
Going Linux #277 · Using VeraCrypt VeraCrypt is High Security Disk Encryption software that picks up from where TrueCrypt left off. The VeraCrypt team has enhanced the security algorithms used for system and partition encryption, improve security and reduced its vulnerability overall. It can mount your old TrueCrypt volumes and allows you to convert TrueCrypt containers and non-system partitions to the VeraCrypt format. Episode 277 Time Stamps 00:00 Going Linux #277 · Using VeraCrypt 00:15 Introduction 00:44 A new-old office suite to try 05:18 Listener David suggested an episode on TrueCrypt 07:34 What is VeraCrypt? 08:03 System requirements 08:33 Overview 09:47 Installing VeraCrypt 10:26 Cautions when sharing VeraCrypt volumes 13:47 goinglinux.com, goinglinux@gmail.com, +1-904-468-7889, @goinglinux, feedback, listen, subscribe 14:51 End
This week on the show, we've got something pretty different. We went to a Linux convention and asked various people if they've ever tried BSD and what they know about it. Stay tuned for that, all this week's news and, of course, answers to your emails, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines LUKS in OpenBSD (https://www.marc.info/?l=openbsd-tech&m=143247114716771&w=2) Last week, we were surprised to find out that DragonFlyBSD has support (http://leaf.dragonflybsd.org/cgi/web-man?command=cryptsetup§ion=8) for dm-crypt (https://en.wikipedia.org/wiki/Dm-crypt), sometimes referred to as LUKS (Linux Unified Key Setup (https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup)) It looks like they might not be the only BSD with support for it for much longer, as OpenBSD is currently reviewing a patch for it as well LUKS would presumably be an additional option in OpenBSD's softraid (http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/softraid.4) system, which already provides native disk encryption Support hasn't been officially committed yet, it's still going through testing, but the code is there if you want to try it out and report your findings If enabled, this might pave the way for the first (semi-)cross platform encryption scheme since the demise of TrueCrypt (and maybe other BSDs will get it too in time) *** FreeBSD gets 64bit Linux emulation (https://lists.freebsd.org/pipermail/svn-src-head/2015-May/072255.html) For those who might be unfamiliar, FreeBSD has an emulation layer (https://www.freebsd.org/doc/handbook/linuxemu.html) to run Linux-only binaries (as rare as they may be) The most common use case is for desktop users, enabling them to run proprietary applications like Adobe Flash or Skype Similar systems can also be found in NetBSD (https://www.netbsd.org/docs/guide/en/chap-linux.html) and OpenBSD (http://www.openbsd.org/faq/faq9.html#Interact) (though disabled by default on the latter) However, until now, it's only supported binaries compiled for the i386 architecture This new update, already committed to -CURRENT, will open some new possibilities that weren't previously possible Meanwhile, HardenedBSD considers removing the emulation layer (https://hardenedbsd.org/content/poll-linuxulator-removal) entirely *** BSD at Open Source Conference 2015 Nagoya (https://mail-index.netbsd.org/netbsd-advocacy/2015/05/23/msg000686.html) We've covered the Japanese NetBSD users group setting up lots of machines at various conferences in the past, but now they're expanding Their latest report includes many of the NetBSD things you'd expect, but also a couple OpenBSD machines Some of the NetBSD ones included a Power Mac G4, SHARP NetWalker, Cubieboard2 and the not-so-foreign Raspberry Pi One new addition of interest is the OMRON LUNA88k, running the luna88k (http://www.openbsd.org/luna88k.html) port of OpenBSD There was even an old cell phone running Windows games (https://twitter.com/tsutsuii/status/601458973338775553) on NetBSD Check the mailing list post for some (https://pbs.twimg.com/media/CFrSmztWEAAS2uE.jpg) links (http://image.movapic.com/pic/m_201505230541335560130d49213.jpeg) to (http://image.movapic.com/pic/m_2015052305145455600ccea723a.jpeg) all (https://pbs.twimg.com/media/CFjPv9_UEAA8iEx.jpg:large) of (https://pbs.twimg.com/media/CD4k6ZUUMAA0tEM.jpg) the (https://pbs.twimg.com/media/CFqn1GXUsAAFuro.jpg) nice (https://pbs.twimg.com/media/CFdIS2IUkAAZvjc.jpg) pictures (https://pbs.twimg.com/media/CFf5mToUIAAFrRU.jpg) *** LLVM introduces OpenMP support (http://blog.llvm.org/2015/05/openmp-support_22.html) One of the things that has kept some people in the GCC camp is the lack of OpenMP (https://en.wikipedia.org/wiki/OpenMP) support in LLVM According to the blog post, it "enables Clang users to harness full power of modern multi-core processors with vector units" With Clang being the default in FreeBSD, Bitrig and OS X, and with some other BSDs exploring the option of switching, the need for this potential speed boost was definitely there This could also open some doors for more BSD in the area of high performance computing, putting an end to the current Linux monopoly *** Interview - Eric, FSF, John, Jose, Kris and Stewart Various "man on the street" style mini-interviews News Roundup BSD-licensed gettext replacement (https://gitlab.com/worr/libintl/blob/master/src/usr.bin/gettext/gettext.c) If you've ever installed ports on any of the BSDs, you've probably had GNU's gettext pulled in as a dependency Wikipedia says "gettext is an internationalization and localization (i18n) system commonly used for writing multilingual programs on Unix-like computer operating systems" A new BSD-licensed rewrite has begun, with the initial version being for NetBSD (but it's likely to be portable) If you've got some coding skills, get involved with the project - the more freely-licensed replacements, the better *** Unix history git repo (https://github.com/dspinellis/unix-history-repo) A git repository was recently created to show off some Unix source code history The repository contains 659 thousand commits and 2306 merges You can see early 386BSD commits all the way up to some of the more modern FreeBSD code If you want to browse through the giant codebase, it can be a great history lesson *** PCBSD 10.1.2 and Lumina updates (http://blog.pcbsd.org/2015/05/hotfix-release-to-10-1-2-now-available/) We mentioned 10.1.1 being released last week (and all the cool features a couple weeks before) but now 10.1.2 is out This minor update contained a few hotfixes: RAID-Z installation, cache and log devices and the text-only installer in UEFI mode There's also a new post (http://blog.pcbsd.org/2015/05/lumina-desktop-status-updatefaq/) on the PCBSD blog about Lumina, answering some frequently asked questions and giving a general status update *** Feedback/Questions Jake writes in (http://slexy.org/view/s25h4Biwzq) Van writes in (http://slexy.org/view/s2AF0bGmL6) Anonymous writes in (http://slexy.org/view/s20Ie1USFD) Dominik writes in (http://slexy.org/view/s20vBtoKqL) (text answer (http://slexy.org/view/s20RjbIT5v)) Chris writes in (http://slexy.org/view/s20USR3WzT) *** Mailing List Gold Death by chocolate (https://lists.mindrot.org/pipermail/openssh-unix-dev/2015-May/033945.html) ***
Horst JENS, Klaus M., Gregor PRIDUN und Horst SIMBÜRGER plaudern über freie Software und andere Nerd-Themen. Shownotes auf http://goo.gl/Dp3b4p oder http://biertaucher.at
In this episode... TrueCrypt security audit results are good news, right? Why are some of the most depended-upon http://arstechnica.com/security/2015/04/truecrypt-security-audit-is-good-news-so-why-all-the-glum-faces/ At Aetna, CyberSecurity is a matter of business risk Jim Routh talks about how he runs a security program Security is a matter of business risk, if not you're doing it wrong http://blogs.wsj.com/cio/2015/03/30/cybersecurity-at-aetna-is-a-matter-of-business-risk/ Why aren't you vulnerability scanning more often? Wrong question. Simple answer -- because scanning doesn't matter if you can't fix the issues you find Example of how security misses the point http://www.csoonline.com/article/2901472/vulnerabilities/why-aren-t-you-vulnerability-scanning-more-often.html SecurityScorecard - a new startup that is exposing 3rd party risks to you -- or is it? Interesting business model How legitimate is this, and what are the risks? http://www.businessinsider.com/securityscorecard-raises-125-million-led-by-sequoia-2015-3 Does removing Windows administrator permission really mitigate 97% of vulnerabilities?! Is this real? If so -- why isn't everyone doing it? Local administrator privileges are starting to fade, but why so slowly? http://blog.norsecorp.com/2015/04/02/removing-admin-privileges-mitigates-97-of-critical-microsoft-vulnerabilities/
TechByter Worldwide (formerly Technology Corner) with Bill Blinn
A smaller version of Microsoft's Surface Pro 3 will soon be available and at a lower price, Adobe continues to release mobile applications that allow designers to stop using scratch pads when they're away from the computer, and most people now agree that data on a computer is more valuable than the computer. In Short Circuits: I have a quick update on Windows 10, which now works on the notebook computer I tried to install it on a couple of weeks ago and if you want a perpetual license for Lightroom 5 but haven't been able to figure out how to get it, I'll show you the way. In Spare Parts, only on the website: TrueCrypt, rumored to be insecure, proves to be safe; an executive order from President Obama to fight foreign cyber-crooks, Yahoo and Microsoft extend negotiations on their future, and looking at activity by high-tech CEOs in battling a law in Indiana.
We look back at this year in TechSNAP. Allan shares his war stories, TrueCrypt shuts down, Heartbleed happens & more!
We look back at this year in TechSNAP. Allan shares his war stories, TrueCrypt shuts down, Heartbleed happens & more!
We look back at this year in TechSNAP. Allan shares his war stories, TrueCrypt shuts down, Heartbleed happens & more!
Slides here: https://defcon.org/images/defcon-22/dc-22-presentations/White-Green/DEFCON-22-Kenneth-White-and-Matthew-Green-The-Open-Crypto-Audit-Project-Updated.pdf The Open Crypto Audit Project Kenneth White CO-FOUNDER, OPEN CRYPTO AUDIT PROJECT Matthew Green RESEARCH PROFESSOR, JOHNS HOPKINS UNIVERSITY Join us for the story of the origins and history of the Open Crypto Audit Project (OCAP). OCAP is a community-driven global initiative which grew out of the first comprehensive public audit and cryptanalysis of the widely used encryption software TrueCrypt®. Our charter is to provide technical assistance to free and open source software projects in the public interest. We serve primarily as a coordinator for volunteers and as a funding mechanism for technical experts in security, software engineering, and cryptography. We conduct analysis and research on FOSS and other widely software, and provide highly specialized technical assistance, analysis and research on free and open source software. This talk will present how we audited TrueCrypt, detailing both the Phase I security assessment, and the Phase II cryptanalysis. Looking forward, in light of GotoFail and HeartBleed, we will discuss future plans for our next audit projects of other open source critical infrastructure. Kenneth White is a co-founder of the CBX Group, and formerly principal scientist and senior security R&D engineer at Social & Scientific Systems. His work focuses on cloud security, machine learning, and distributed database architecture. At SSS, White led the Biomedical Informatics team that designed and runs the operations center for the largest clinical trial network in the world, with research centers in over 100 countries. Together with Matthew Green, White co-founded the TrueCrypt audit project, a community-driven initiative to conduct the first comprehensive cryptanalysis and public security audit of the widely used TrueCrypt encryption software. White holds a MEd from Harvard and is a PhD candidate in neuroscience and cognitive science, with research focusing on expert systems, real-time classification and machine learning. He is a technical reviewer for the Software Engineering Institute, and publishes and speaks frequently on computational neuroscience, signal processing, and security engineering. Twitter: @kennwhite Matthew D. Green, PhD is a professor of computer science at Johns Hopkins University. He teaches applied cryptography and builds secure systems. Green trained under Susan Hohenberger and Avi Rubin, and his research includes techniques for privacy-enhanced information storage, anonymous payment systems, and bilinear map-based cryptography. Green formerly served as a senior research staff member at AT&T Labs. Together with Kenneth White, he co-founded the TrueCrypt audit project, a community-driven initiative to conduct the first comprehensive cryptanalysis and public security audit of the widely used TrueCrypt encryption software. He blogs at Cryptography Engineering, and talks about cryptography and privacy. Twitter: @matthew_d_green Web: https://opencryptoaudit.org/people
Detta är det tjugonionde avsnittet av Säkerhetspodcasten, i vilket panelen förbereder sig för semester i solen, diskuterar TrueCrypt, Microsofts övertagande av No-IP domäner, kör en kort recap på Sans SEC560 och mycket mer.
Horst JENS und Gregor PRIDUN plaudern über freie Software und andere Nerd-Themen. Shownotes auf http://goo.gl/TCyt5v oder http://biertaucher.at
Chester Wisniewski and Paul Ducklin present Sophos's regular weekly security podcast, the "Chet Chat." This week the enthusiatic experts look at: yet more in the TrueCrypt saga; the Towelroot software for rooting locked-down Androids; the ongoing problem of ransomware even after the CryptoLocker takedown; and Canada's long, long, long-awaited anti-spam law.
Usiamo i problemi alla linea di Filippo come pretesto per parlare della discutibile politica di Fastweb in merito alla configurazione dei suoi modem, quindi passiamo a TrueCrypt e cerchiamo di capire cosa sia veramente successo dopo il messaggio...
Analizamos el misterio de la desaparición de TrueCrypt Patreon: https://www.patreon.com/rcracking
Sophos security experts Chester Wisniewski and Paul Ducklin turn their attention on the week's security news. As usual, they extract plenty of useful lessons during their insightful dissection of the issues, including: PF Chang's data breach, which the company has as good as admitted but not yet tracked down; the ongoing saga of vanishing encryption software TrueCrypt; the ethics of creating computer worms; and how much online scammers are actually costing us.
Como avisado, atrasamos em um dia o lançamento deste episódio. Mesmo contra todas as agendas que deram errado, conseguimos gravar um episódio bacaninha para vocês. Neste episódio Ivan e Diego comentam algumas notícias sobre o mundo das tecnologias livres. Links do episódio Provedores deveriam isolar computadores infectados 10 novidades do OS X que já existiam no Ubuntu Smart TV da Samsung com Tizen em breve Vodafone confirma coleta de dados Fim do Ubuntu One TrueCrypt não morreu Modelos hibridos da Dell com Ubuntu Mozilla vai oferecer serviço de conferência em áudio e vídeo nativo no navegador Comparativo clang e gcc Porta dos fundos no expresso Sem porta dos fundos no expresso Meizu mostra Ubuntu Touch na Mobile Asia Expo 2014 Twitter: @tecnologiaabert Facebook: http://www.facebook.com/tecnologiaaberta Google+: Tecnologia Aberta Youtube: Tecnologia Aberta E-Mail: opencast@tecnologiaaberta.com.br Feed do Opencast: http://tecnologiaaberta.com.br/feed/opencast/ --- Send in a voice message: https://anchor.fm/opencast/message
Im Mai 2014 hat die Webseite von TrueCrypt die Weiterentwicklung ihrer Software eingestellt. Wie geht es nun weiter , was gibt es für Alternativen und wie kann man die bestehenden verschlüsselten Daten von TrueCrypt in eine neue Verschlüsselungssoftware übernehmen. Was ist eine Glaubhafte Abstreitbarkeit und was hat das mit Verschlüsselung zu tun? Wie immer alle Antworten im Podcast. Hier die Links zu den jeweiligen Tools und Informationen: http://wiki.ubuntuusers.de/LUKS LUKS Festplattenverschlüsselung Linux http://de.sourceforge.net/project/freeotfe/ Festplattenverschlüsselung Windows https://diskcryptor.net/wiki/Main_Page Festplattenverschlüsselung Windows https://www.boxcryptor.com/de/download Verschlüsselung für verschiedene Plattformen aus Deutschland http://www.withopf.com/tools/securstick/ Verschlüsselung für USB-Sticks und andere http://de.wikipedia.org/wiki/Glaubhafte_Abstreitbarkeit Viel Spass beim reinhören wünscht Dir Joachim Hummel
TechByter Worldwide (formerly Technology Corner) with Bill Blinn
A new version of WordPerfect offers some features that Word can't match. The ability to link smart objects is a welcome new feature in Photoshop CC. In Short Circuits: Once again a comedian explains what clueless bureaucrats miss about Net Neutrality. Have you looked at thumb drives lately? They're no longer anywhere near the size of your thumb. If you're looking an application to replace TrueCrypt, which abruptly disappeared, I have some suggestions. Apple may have run out of cat names for its operating systems, but it continues to add cool new features. And revelations about snooping by the National Security Agency seem to have spurred development of tools for securing e-mail.
Im aktuellen c't uplink geht es zuerst um die anstehende Fußball-Weltmeisterschaft in Brasilien und wie man sie am besten gucken sollte. Dann blicken wir zurück zur WWDC und auf das unerwartete Ende von TrueCrypt. Mit dabei: Hannes Czerulla (hcz, @hannibal4885), Jan-Keno Janssen (jkj, @elektroelvis), Thomas Rudl (tru) und Fabian Scherschel (fab, @fabsh).
Im aktuellen c't uplink geht es zuerst um die anstehende Fußball-Weltmeisterschaft in Brasilien und wie man sie am besten gucken sollte. Dann blicken wir zurück zur WWDC und auf das unerwartete Ende von TrueCrypt. Mit dabei: Hannes Czerulla (hcz, @hannibal4885), Jan-Keno Janssen (jkj, @elektroelvis), Thomas Rudl (tru) und Fabian Scherschel (fab, @fabsh).
Neste episódio partimos do mistério envolvendo o abandono do Truecrypt pelos seus desenvolvedores, trazemos algumas hipóteses sobre o caso e comentamos os problemas envolvendo um novo panorama de segurança da informação em uma era pós-Snowden.Continue reading
Im aktuellen c't uplink geht es zuerst um die anstehende Fußball-Weltmeisterschaft in Brasilien und wie man sie am besten gucken sollte. Dann blicken wir zurück zur WWDC und auf das unerwartete Ende von TrueCrypt. Mit dabei: Hannes Czerulla (hcz, @hannibal4885), Jan-Keno Janssen (jkj, @elektroelvis), Thomas Rudl (tru) und Fabian Scherschel (fab, @fabsh).
The recent events surrounding TrueCrypt spawn the question, "What happens when your favorite Open Source project goes away?
Chester Wisniewski and Paul Ducklin take on the latest security news with their usual mix of enthusiasm, expertise and entertainment. This week, they dig into the bafflement of the disappearing TrueCrypt encryption software: did it jump, or was it pushed? They also look at the takedown of the Gameover and CryptoLocker malware by law enforcement, and Chet sends Duck down memory lane to tell us what we can learn from ten years of mobile malware.
John Shier interviews security expert Chester Wisniewski about the sudden demise of the freeware TrueCrypt project. They discuss what happened and what users should consider when moving on to greener pastures.
DevNews 87 proves that we'll be back, even if we have to leave a resort to do so. Ken and Joel bring you the news in open source development this week, including Cordova being embedded into Visual Studio 2013, Google and Apple settling their patent row for now, Google Fiber not charging for peering services, Internet Explorer roadmap revealed, and much, much more. The post DevNews #87 – JSConf 2014 recap, TrueCrypt bites the dust, Renderman Open Source appeared first on Chariot Solutions.
Ryan and Matt review the WWDC keynote, and discuss Nintendo's agreement with Let's Play producers on YouTube, the demise of TrueCrypt, the closing of Moto Maker factory, the release of Android 4.4.3, the official purchase of Beats and so much more.
In dieser Folge geht es um Firefox Flame, Ebay, TrueCrypt und Google und und und Themen: Firefox Flame kann vorbestellt werden Ebays Sicherheit ist bröckelig Bald schon haptische Tasten im Touchdisplay !? Selbstfahrende Autos in Serie von Google !? TrueCrypt Entwicklung eingestellt TrueCrypt Entwicklung wieder aufgenommen KDE Visual Design Group mit Systemeinstellungsdesignidee Spiel der Woche: The Witcher 2 Sailfish der Woche: Markat Ebay Client Pfeife der Woche: Der Generalbundesanwalt Wie immer wünsche ich viel Spaß beim reinhören ;)
We discussed the case of Edward Snowden today, and whether or not he's a “whistleblower” or a “traitor”. We also mentioned a documentary, “Frontline”, which asks the question whether or not we're “safer” after the events of 9/11. Another thing that has hit the news is TrueCrypt asking its users to go elsewhere because, “WARNING: […]
Google's self-driving car goes a step further with no steering wheel or pedals, a Microsoft Smartwatch could integrate across multiple platforms and Open Source crypto TrueCrypt disappears with a suspicious cloud of mystery. If you're listening on the go, check out munchtech.tv/mobile to find out more about our mobile applications. Enjoy the show? We'd appreciate if you could leave an iTunes rating or review to let us know!
Ein gelungener Mix aus Gadgets, Politik und Buffalo-Schuhen wartet auf euch. Dazu macht Caschy noch den Erklaerbaer und sagt euch, was es mit dem Takkatukkaland wirklich auf sich hat.
Edward Snowden has once again captured the attention of the media. False claims, and ridiculous rhetoric are in full force, and we’ll cut through the crap. Plus: What we suspect is going on with TrueCrypt, Greenwald claims he’s ready to disclose names of the NSA’s targets, the big changes in Afghanistan, and why the director of FBI wants to hire pot smokers.
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Advice from Bob on the importance of an accurate inventory; TrueCrypt meets an unfortunate end; Weak passwords are responsible for the initial intrusion in 31% of breaches; 71% of exploits used Java; 59% of malicious email used an attachment, 41% used a link; NTT’s Global Threat Intelligence Report finds that most incidents are the result … Continue reading Defensive Security Podcast Episode 69 →
Michał Dziwisz demonstruje możliwości tego łatwego w użyciu, dostępnego narzędzia do szyfrowania danych.
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Keith Watson, CISSP-ISSAP, CISA Articles Is Truecrypt Audited Yet?, The TrueCrypt Audit Project, New effort to fully audit TrueCrypt raises $16,000+ in a few short weeks by Cyrus Farivar (Ars Technica), Let’s audit Truecrypt! by Matthew Green (A Few Thoughts on Cryptographic Engineering) Destructive malware “CryptoLocker” on the loose - here’s what to do by Paul Ducklin (nakedsecurity), CryptoLocker Ransomware Information Guide and FAQ by Lawrence Abrams (bleepingcimputer.com)
Have you heard of those scam phone calls from "Windows" where the person on the other end of the phone claims to know there's a problem with your computer ("Is it running more slowly lately?") and they even have you test it out by running some commands and referring to common files as viruses. Then they're so friendly that if you simply go to their web site and download a couple files, they'll clean it all up for you. Maybe one of the worst people they could possibly call would be the head guy at Black Hills Information Security, John Strand. Yep, and John was only too happy to give them just enough rope to hang themselves. Listen along for how John was also able to irritate the scammers. Then we tried to get going on the stories of the week and were off to a great start but very quickly got derailed with a story from Australia. Apparently the Australian government is looking to put a filter on the internet in their country that would completely block all perceived porn sites. If someone wants to be able to access porn web sites from inside Australia, they'd need to "opt out" of the filter by simply contacting the government. What could possibly go wrong with this idea? I'm certain that there wouldn't be any privacy issues whatsoever. Additionally, wasn't the internet basically invented for the purpose of porn consumption? Ok, back to the rest of the stories discussed. Remember a few weeks ago when we talked about a scumbag who intruded upon a family through their baby monitor and was able to shout at the baby and parents through the monitor. Well, the Federal Trade Commission (FTC) has slapped down a manufacturer of different brand of baby monitor and said they may no longer market their product as being "secure" until they fix these flaws. The flaws being that they say the feeds are private while anyone can view them on the internet at least in part because the authentication from the internet is clear-text and needs to be encrypted. Here we are already seeing where it seems like a great idea for manufacturers to internetify their product but don't completely understand all aspects of that or at least don't understand basic security needs. I don't know which is the chicken and which is the egg yet, but with the promise of IPv6, we're going to eventually see just about everything we own trying to have some sort of presence on the internet and these basic security precautions will need to be met. Allison alerted us to the fact that Burp Suite got an upgrade this week. I'm constantly amazed at how much Burp can do especially when you consider the $300 price. Sure, there's also ZAP available from OWASP for even cheaper (free) but I think Burp is one of those tools that just about everyone uses because of its awesomeness. If I had to pick out just one of the new features, I'd mention the "Plug 'n Hack". According to Portswigger: "This enables faster configuration of the browser to work with Burp, by automatically configuring the browser to use Burp as its proxy, and installing Burp's CA certificate in the browser." We also found out more details this week about another trojan called FinFisher by Gamma. The existence of FinFisher had been previously revealed but in a presentation by Mikko Hypponen, he talked about some of the things that the tool can do, including cracking WPA1 and WPA2, decrypting common email sites and even copying over a whole drive encrypted with TrueCrypt via a USB stick. Reportedly, the tool had only been available to governments in order to conduct their own national intelligence, but by now there's no way of knowing whether this has slipped out into the wild and in the hands of just anyone. At Black Hat this year, Mike Shema from Qualys talked about a new way to possibly prevent CSRF. As we've seen in the past, the only way to reliably prevent the attack is to place a token in the action and have the server validate that token. This requires that the developer of the application understand CSRF and understand an API for creating the token, and to also implement it properly. If you're in the training or penetration testing business, this sounds like a great thing for job security. However there are millions of developers worldwide and training all of them may take a while. Heck, look at how prevalent much simpler attacks like SQL injection and Cross Site Scripting are. Do we really think that we'll be able to "train away" CSRF? This is where Shema has the idea of "Session Origin Security" and put the token in the browser. Now instead of training millions of developers, we simply get about five browser developers to jump on board. But the gang was a little skeptical about other plugins to work around this as well as breaking valid sessions and backward compatibility. We also wondered whether it may make more sense to allow the browser to choose whether it wants the CSRF protection and turn it on by default and let the user turn it off if there's a good reason to. These all seem to be questions that Shema and his team are looking into. Jack told us about a post from Gunnar Peterson and the "Five Guys Burgers Method of Security". I don't think it means where it's so good for the first ten minutes and then you feel like crap about it for the next few hours. It's the idea that when you go to a Five Guys (and if you haven't yet, you should) they have two things, burgers and fries. They do these two things exceptionally well. They haven't morphed into also being a chicken place, and a fish place and a milkshake place and a coffee place and then letting the overall quality slip. They are focused on doing their two things and doing them extremely well. And I wondered if this is where so many in the security industry get frustrated and eventually burned out. As John brought up, the frustration often comes when there is so much compliance and documentation required, which yeah, I can see that as well. Who likes checking boxes and meeting with guys in ties to explain how you meet the PII, PCI, SOX and whatever other acronyms? I also wonder if there's also frustration in that we're hired to be "the security person" and we have areas that we're good at and enjoy. Whether that's network security, mobile security, web security or whichever. But due to budgets and many other reasons, we are expected to be experts in all areas, much unlike Five Guys. The Five Guys philosophy is if you want a great chicken sandwich, go to a chicken place. If you want a great milkshake, go to a milkshake joint. However in our jobs, we are the burgers and fries and chicken and fish and milkshakes and we're expected to be perfect at all of them. Anyway, it's an interesting take. Do you have a Web site? No? Ok, then you're probably safe. Robert "Rsnake" Hansen put together an infographic about all the different things that you need to worry about today when securing your web site. It started out as a joke but then got a bit too close to reality and finally just got head-shakingly scary. Finally, if you haven't already, check to see if your web site is "locked." Simply do a whois on your site and see if you have at a minimum a status of "ClientTransferProhibited." Some have said the recent NY Times hack was able to happen because the domain was not locked and the Syrian Electronic Army (SEA) was able to get the DNS credentials from someone and then change the DNS records to their own server. But if your DNS is locked, it'll take a bit more work to make the updates. Your registrar will go through additional validation steps before the DNS records are updated. This is likely enough that if someone is looking to hijack web sites, they'll realize yours isn't worth the both and move on to an easier target. With Congress possibly authorizing an attack on Syria and with the twelfth anniversary of the September 11, 2001 attacks upcoming, it would not be surprising to see another round of attacks on web infrastructure. So take this very easy step and protect your site.
Horst JENS, Florian SCHWEIKERT, Greor PRIDUN, Harald PICHLER, Johnny ZWENG und Martin MAYR plaudern über freie Software und andere Nerd-Themen. Shownotes auf http://goo.gl/TlDYSu oder http://biertaucher.at Bitte nach Möglichkeit diesen Flattr-Link anlicken: http://flattr.com/thing/1841007/Biertaucher-Podcast-Folge-118
Until recently, password management has been a challenge for TrueCrypt encryption users. Enterprises can now encrypt sensitive data for any Windows application or folder with TrueCrypt and create cryptographically strong passwords with Alliance Key Manager, a FIPS 140-2 compliant key management HSM. In this 15-minute podcast Patrick Townsend discusses: Why an organization would use TrueCrypt encryption Meeting the challenges of managing TrueCrypt passwords What Townsend Security is doing to help organizations manage TrueCrypt passwords
Each Spring, ABA TECHSHOW takes center stage as one of the premier legal technology conferences. While there is great value in attending legal tech conferences, all lawyers can benefit simply by seeing what's on the TECHSHOW agenda. Organizers put a lot of thought into their agendas, so we can all learn where to put our technology focus by seeing what topics these shows cover. Dennis Kennedy and Tom Mighell use TECHSHOW 2012 as an example of how to assess your current technological agenda, talk about the major topics being covered at TECHSHOW, and suggest ways you can use the TECHSHOW topic list to set your technology priorities for 2012. After you listen, be sure to check out Tom & Dennis' co-blog and book by the same name, The Lawyers Guide to Collaboration Tools and Technologies.
TechByter Worldwide (formerly Technology Corner) with Bill Blinn
TrueCrypt is an easy way to protect files that you want to remain secure but the documentation can be intimidating. I've set out to fix that. I'll review some additional options for backup and reasons you should consider them. It's time for the monthly update on Windows 8. And in Short Cirtuits, how to retain an Kindle library book for an extra day or two and how Netflix may have set you up.
Intro: Alexander Pushnoy - Du Taxi Конферанс, реверанс, саундчек Приветствие, статистика, благодарность слушателям Тоска по поре отпусков Facepalm of the month: mysql.com pwnd - http://goo.gl/gsYzi Linux still down, побит рекрд SONY PSN, BSG forever Первая "практическая" атака на SSLv3/TLSv1 - http://goo.gl/8CwUR Аналогии с безопасностью WiFi, советы по защите открытых точек доступа Возвращаясь к SSL: шифруйте данные форм! Exotic Liability, Tiger Team, breakin_in, аудио цензура и поучительня история о безопасности мототранспорта - http://goo.gl/w9ZSn Параллели между разными направлениями в безопасности, смена поколений как путь эволюции безопасности - http://goo.gl/5lqP3, подростки и приватность Типичные ошибки безопасности и приватности online и советы по их исправлению: неправильная маршрутизация сообщений и использование незащищенных соединений - http://goo.gl/dlDE7 Пересмотрите права доступа к вашим сетевым аккаунтам -- прямо сейчас: facebook http://goo.gl/stfl9 - Twitter http://goo.gl/SZTPv - LinkedIn http://goo.gl/sbQ00 - Google http://goo.gl/hkVQq - Dropbox http://goo.gl/U1rrI Использование шифрования и других методов контроля доступа к важным данным: Truecrypt http://www.truecrypt.org - WhisperCore for Android http://goo.gl/GXj5a Приватность в Интернете и вообще Массовый мобильный фрод в Москве и почему это не "кибер"-взлом - http://goo.gl/syCtl Новыя пачка Троянов для Андроида, рост влияния Корпорации добра, тенденции рынка труда разработки ПО, безопасность мобильных устройств и вообще - http://goo.gl/bH4kG Сплетни на околоэйчарные темы Неавторизированная смена пароля пользователя в MacOS Lion - http://goo.gl/tg8yw XSS в Skype под iOS - http://goo.gl/2exfv Надвигающиеся угрозы ИБ: агрегация данных, желание правительств контроллировать неконтроллируемое, гонка кибер-вооружений - http://goo.gl/Dk7fo Финальные замечания, комментарии, жалобы и благодарности Outro: Die Antwoord - I Dont Need You Bonus Track: Интерконтинентальный прямой эфир с 12-часовой амплитудой (Внимание! Очень сильный фоновый шум!)
Sicher haben Sie auch einige Daten, die besonders schützenswert sind, wie z.B. Dateien mit allen Passwörtern, private Dokumente und Bilder. Wenn Sie nicht möchten, dass z.B. nach einem Verlust Ihres Notebooks ein Fremder diese Daten auslesen kann, dann sollten Sie sie verschlüsseln. Daten verschlüsseln lassen sich schnell und kostenlos mit dem Programm „TrueCrypt“. Wie dies [...]
Al desnudo platicamos sobre sexo y tecnologia con temas como usar la Tecnologia para hacer su vida sexual mas “picante”, las redes sociales anticipan el sexo, la tecnologia al servicio de las cougars al acecho entre otros.
This week, Bret and Ovie talk with Jesse Kornblum about...Fun tricks with computer memory. In listener email we hear about a 2 year old April Fools joke that is still fooling people, we discuss how a Texas law requiring private investigator licenses could be putting geek squad and other innocent people in violation of the law. Help is on the way as FBI opens a new RCFL in Houston. In tech topics we discuss an information leakage paper on TrueCrypt. Keep those emails coming at cyberspeak *at* gmail.com.
EU Official: IP Is PersonalBush Order Expands Network MonitoringSwitzerland Tells Antipiracy Group Tactics Violate LawMaritime Security & Domain Awareness ConferenceMilitary Open Source Software Conference - Initiatives, Risks, Opportunities & ChallengesLargest Can-Spam Penalty Levied By FedsPrivacy Laws Make ProgressComputerworld: US Gov’t Seek 10 Percent Hike in IT Security SpendingIBM, Google, Microsoft, Others Join OpenID BoardTrueCrypt 5.0 Released!!!Ex-Boeing engineer charged with theft of Space Shuttle secrets for China - DOJ Small Romanian Town Gets Rich Through eBay Scams HostsGene Naftulyev, CISSPAnatoly Elberg, CISSP
Episode 28: Michael Gdovin shows Jordan Berman Truecrypt, a free on-the-fly encryption application. (07:00)
Richard and Greg talk to Eric Marvets about securing laptop drives and other portable media using TrueCrypt. Along the way they dig into different levels of security and the entropy of passwords.Links:Eric's blogTrueCrypt Web Site
May 12th, 2007- Show number 5 was a blast. I think we're really starting to get comfortable with this "being on the radio" thing and letting loose a bit. I hope we didn't scare anyone away, though. Our main topic today was HD DVD and Blu-ray. We discuss the differences and make some recommendations on whether you should buy either one. Pete and Kevin take jabs at each other again. - Show Notes - We share what’s been going on in the last week. Pete doesn’t watch TV, and Jeff’s been watching Heroes. Kevin shares a crazy story about movie quotes popping into his head. Main Topic: Last week we talked about HDTV and the technology behind high definition television shows, and in this show we discussed HD DVD and Blu-ray. I said last week that 720p was the lowest resolution that is technically considered High Definition. The maximum resolution of a DVD is 480p. So, while it will look better on an HDTV, it isn’t quite high definition. People want to watch high definition movies on their high definition TVs. The problem is that the higher resolution a video is the more space it needs. There isn’t enough room on a DVD for a motion picture length high definition movie. Two new, competing formats were created: HDDVD and Blu-ray. It’s Betamax Vs VHS all over again. Betamax was Sony’s version of the magnetic tape video cassette, and it would not play in a VHS player. As we all know, VHS won this battle and whoever bought a Betamax player had wasted their money. Well, Sony is involved this time, too. Their format is Blu-ray. In the show we discuss the similarities, differences, and costs of these two formats. We also go over the new copy protection on these discs, and conclude with recommendations. Support Calls: Jeff from Scottsdale calls about what to look for in a notebook computer. His options are pretty open: Dell, Lenovo, Toshiba, Apple, or Sony. Look for 2GB of RAM for running Vista. He also asked about hard drive encryption. He can use TrueCrypt, or buy Windows Vista Ultimate edition and use BitLocker. Sandra from Phoenix called in looking for advice on a PDA to buy for medical school. She wants to store lots of information on her PDA. It’s hard to find a PDA these days that isn’t also a phone. Something like the Palm Treo would probably suit her best, and she can upgrade the memory fairly cheaply with an SD card from Newegg.com. Joe in Gilbert wonders why people don’t do their own hardware projects any more. Kevin suggests that he may be interested in Make Magazine. There are still hardware projects, but more people are doing software projects these days. It’s easier and you don’t have to learn to solder… News Stories: World of Warcraft VISA Credit Card DVRs are not all bad Dell's Linux Problem Jobs chided, answers questions at shareholder meeting iPods able to crash pacemakers A Foolproof Way To End Bank Account Phishing? Weekly Website: Newegg.com Software Spotlight: 7-Zip Hardware Highlight: Hitachi Deskstar 7K1000 1TB Hard Drive Direct MP3 Download iTunes Subscription RSS Feed
Book winners - Tomek & Ralph, E-mail from Kevin P. / WGA, JHymn, Gizmo free calls, Skype protocols, NTFS Support Under Linux, Auto defragmenting in Vista, ZFS, Thumper, Microsoft Windows private folder, TrueCrypt, Firefox 2.0 Beta, Shiira, OmniWeb, Opera, Virtual PC 2004, Yahoo DRM-free songs, Microsoft foils Web spammers, YouTube's new policy, Amazon Ad-Free video service, Photo.net, Creative Commons, Optimus Three
Geek Muse Frappr Map, Newsvine invites, Play-Doh fools Fingerprint systems, BIOS Rootkits, Extensible Firmware Interface (EFI), The IT Crowd, Full Drive Encryption, SafeBoot, Pointsec, PGP, SecurStar, CompuSec, WinMagic, Linux Disk Encryption, Folder and File Encryption, TrueCrypt, Cypherix, AxCrypt, FileVault, Mac OSX sparse secure image, Knox, Linux Encryption links, OpenSolaris xlofi, "The Contest": Dual Boot XP/OSX on a MacBook Pro, Geek Muse 10K contest