This is a maintained technical guide that aims to provide an introduction to various online tracking techniques, online ID verification techniques and guidance on creating and maintaining (truly) anonymous online identities, including social media accounts, safely and legally. No prerequisites besides English reading are required.
You've possibly just found out you're in a data breach. The organisation involved may have contacted you and advised your password was exposed but fortunately, they encrypted it. But you should change it anyway. Huh? Isn't the whole point of encryption that it protects data when exposed to unintended parties?
No, there hasn’t been any new vulnerability found in SSH, nor am I denying the usefulness of SSH as a building block in the dev toolchain. This article is about why you shouldn’t be (and how you can avoid) using raw SSH sessions for development work.
In summary, how the author discovered screen, tmux, etc.
How to poison phishing sites with fake data.
So you want to learn how to secure WordPress. Congratulations! You are in good company and this post will show you all the right steps!
GNU's framework for secure p2p networking
We’re excited to announce the release of Teleport 4.3 - new UI, API driven, expanded audit capabilities, and still open source.
Maersk is the world’s largest integrated shipping and container logistics company. I was massively privileged (no pun intended) to be their Identity & Access Management (IAM) Subject Matter Expert (SME), and later IAM Service Owner. Along with tens (if not hundreds) of others, I played a role in the recovery and cybersecurity response to the […]
With zero trust, you assume everything on the network is unsafe. You have to check trust explicitly. This stance improves security throughout the SDLC.
Many of us use password managers to securely store our many unique passwords. A critical part of a password manager is the master password. This password protects all others, and in that way, it is a risk. Anyone who has it can pretend to be you… anywhere! Naturally, you keep your master password hard to guess, commit it to memory, and do all the other things you are supposed to do.
Worried about the security of your Linux server? Learn some easy-to-implement tips on securing SSH and make your Linux server more secure.
Create a PDF with barcodes to back up text files on paper. Designed to back up ASCII-armored GnuPG and SSH key files and ciphertext.
HashiCorp Vault hogs the limelight as cost-effective powerful KMS solutions are hidden in plain sight. Chris McGrath explores the underrated Mozilla SOPS.
This HN thread contains several tips and hints regarding methods, approaches and tools to share secrets across people and systems.
How to SSH properly and easily improve the security of your SSH model without needing to deploy a new application or make any huge changes to UX.
SpicyPass is a light-weight password manager that utilizes state of the art cryptography and minimalist design principles for secure and simple password storage.
The firmware of microcontrollers usually contains valuable data such as intellectual property and, in some cases, even cryptographic material.
This guide explains how to edit remote files with Vim on Linux. Starting from Vim 7.x version, the netrw plugin allows you to edit remote system files.
The C language is still prominent in the industrial embedded world, where “IoT” often refers to platforms much more limited than a Raspberry Pi. Often having to deal with such environments, we wrote the following informal explainer about C for internal company needs, and thought it could be of interest for more readers. This is basic material, mixing C and operating systems knowledge, aimed at readers with no or limited understanding of how you go from C source code to an executable. We could expand on many points, but for now we just share this meandering overview.
Email is unsafe and cannot be made safe. The tools we have today to encrypt email are badly flawed. Even if those flaws were fixed, email would remain unsafe. Its problems cannot plausibly be mitigated. Avoid encrypted email.
Technologists hate this argument. Few of them specialize in cryptography or privacy, but all of them are interested in it, and many of them tinker with encrypted email tools.
Most email encryption on the Internet is performative, done as a status signal or show of solidarity.
KeePass is a free open source password manager. Passwords can be stored in an encrypted database, which can be unlocked with one master key.
Bitwarden is a free and open source password management solution for individuals, teams, and business organizations.
Easy and safe way for individuals, teams, and business organizations to store, share, and sync sensitive data.
A command line interface (interactive shell) to work with KeePass 1.x or 2.x database files.
gopass is a rewrite of the pass password manager in Go with the aim of making it cross-platform and adding additional features. The target audience are professional developers and sysadmins (and especially teams of those) who are well versed with a command line interface.
In a world of evolving and targeted cyber threats, understanding your attacker’s intentions and tools has never been more crucial. By deliberately maintaining vulnerable systems, or Honey Pots, and letting the attackers in, you can analyse their activity and gather intelligence so you can be ahead of the game if you ever have a compromise. When running an SSH Honey Pot you can gain a full log of the commands an attacker attempts to run on your system and any files which they attempt to download. It can be a great way to obtain samples of malicious software for analysis or to understand the techniques used by an attacker to scour your data.
BusKill is a Kill Cord for your laptop implementing a Dead Man Switch using $20 in USB hardware + udev rule to trigger your laptop to self-destruct if stolen.
These are two small files which are different but have the same SHA-1 sum:
Thirty years ago, Cliff Stoll published The Cuckoo's Egg, a book about his cat-and-mouse game with a KGB-sponsored hacker. Today, the internet is a far darker place—and Stoll has become a cybersecurity icon.
I read this book when I was young. Still remember the atmosphere :-)
What we learned from the spy in your pocket.
The team password manager.
At the heart of decentralized systems today is a demoralizing irony. Vast resources---intellect, equipment, and energy---go into avoiding centralized control and creating "trustless" systems like Bitcoin. But hapless users then defeat the whole purpose of these systems by handing over their private keys to centralized entities like Coinbase.
Would it be nice if there were a truly decentralized system that could do the impossible? I.e.,
I am not going to discuss why you need strong passwords. It is an open secret that strong passwords keep you relatively safer.
Generating strong passwords is something you can do on your own, but putting together all the combinations of lower and upper case letters, numbers and symbols can be tiresome work.
But you need not worry. Linux has got you covered. We’ll see 5 best password generators for Linux that will ease the task for you.
Password management belongs to the command line, deep into the Unix heartland, the shell. Titan is written in C and is available under the MIT license.
Pure Bash script to manage secure archives; simple and clean; uses GnuPG for encryption/decryption, thus can leverage tools like GPG Agent.
Hard disk encryption tool; it stores all setup information in the partition header, enabling easy data transport or migration.
Encrypted filesystem in user-space based on FUSE; mounts an encrypted directory into a clear one.
A robust and efficient password cracking tool that can help you recover lost passwords, audit password security, benchmark, or just figure out what data is stored in a hash.
An Ash module that makes it easy to perform aes-256-cbc encryption for files and directories.
A tiny utility for chrooting into an installed Linux system.
Locally mount a remote file-system through SSH and access files and directories as if they were on the local machine.
"An open source tool that lets you securely and anonymously share a file of any size."
Steganography is the study and practice of concealing communication. It plays a different role to cryptography, with its own unique applications and strengths.
Password management should be simple and follow Unix philosophy. With pass, each password lives inside of a gpg encrypted file whose filename is the title of the website or resource that requires the password. These encrypted files may be organized into meaningful folder hierarchies, copied from computer to computer, and, in general, manipulated using standard command line file management utilities.
In order to use a GnuPG key on a smartcard or Yubikey, a GnuPG key needs to be created. This post will show you how to create a GnuPG key with sub-keys for signing, encryption and authentication. The authentication key can be used later on to authenticate via ssh as well.