by Ben Laurie

The modern world doesn’t look like this at all. All the files on a typical computer belong to a non-expert user (for simplicity I am ignoring shared devices — this doesn’t really undermine the argument as I hope you will see). Indeed, the whole computer typically belongs to a single user. Printers do not need accounting and similarly belong to the same user. The enemy is the software that is running on the machine. Users no longer have a good understanding of the software they run. Software is enormously complex and uses all sorts of resources, many distributed over multiple systems, to accomplish their tasks. And frequently their task is only superficially in service of the user.

In short, the old threat model was untrusted tenants, trusted software, unit of protection is files and devices. The new threat model is trusted tenants, untrusted software, unit of protection is individual data items.

Explains how to Generate two-factor authentication code from your Linux oathtool command line & encrypt totp key with gpg2 for privacy and security reasons.

A collection of command-line and GUI tools for capturing and analyzing audio data. The most interesting tool is called keytap - it can guess pressed keyboard keys only by analyzing the audio captured from the computer's microphone.

When it comes to using computers to steal money, few can come close to matching the success of Russian hacker Evgeniy Bogachev.

The $3 million bounty the FBI has offered for Bogachev’s capture is larger than any that has ever been offered for a cybercriminal—but that sum represents only a tiny fraction of the money he has stolen through his botnet GameOver ZeuS.1 At its height in 2012 and 2013, GameOver ZeuS, or GOZ, comprised between 500,000 and 1 million compromised computers all over the world that Bogachev could control remotely. For years, Bogachev used these machines to spread malware that allowed him to steal banking credentials and perpetrate online extortion.2 No one knows exactly how much money Bogachev stole from his thousands of victims using GOZ, but the FBI conservatively estimates that it was well over $100 million.

toplip - "the best place to hide something is right under your nose." toplip is our command line, very strong encryption and decryption utility with optional plausible deniability, image embedding, and multiple/variable passphrase complexity.

Feature Highlights

• Very strong encryption (XTS-AES256 based, possibly cascaded)
• Optional "plausible deniability"
• Optional image embedding/extraction (PNG/JPG)
• Optional multiple passphrase protection
• Simplified brute force recovery protection
• No identifiable output markers
• Open source/GPLv3
• Commercial support/training

There are numerous file encryption tools available on the market to protect your files. We have already reviewed some encryption tools such as Cryptomater, Cryptkeeper, CryptGo, Cryptr, Tomb, and GnuPG etc. Today, we will be discussing yet another file encryption and decryption command line utility named “Toplip”.

It is a free and open source encryption utility that uses a very strong encryption method called AES256, along with an XTS-AES design to safeguard your confidential data. Also, it uses Scrypt, a password-based key derivation function, to protect your passphrases against brute-force attacks.

A simple shell utility for encrypting and decrypting files.

Looking for a quick, easy, and secure method to protect your files? Well, there is a simple shell utility called “Cryptr” that helps you to encrypt and decrypt files. All from command line, and you...

The easiest way to start building decentralized blockchain apps.

• Get paid mining rewards if you build a popular app.
• Scale your app without limitations of the blockchain.
• Gain a competitive advantage by giving your users data ownership.

Sharing files can be a pain. The larger the file is, the more difficulty it inevitably creates. If you want those files kept private, you're in for a real nightmare. Well, not exactly.

Onionshare is a relatively new application that allows you to share files of any size securely and relatively anonymously over the Tor network without the need for a "midde-man" website. It's completely free and open source, and it's actually easy for anyone to use.

Master Password is a different way of using passwords. Instead of the "know one password, save all others somewhere" way of managing passwords used by regular password managers, Master Password's motto is "know one password, generate all the others".

At the North America edition of the 2018
Linux Security Summit (LSS NA), which was held in late August in Vancouver,
Canada, Kees Cook gave a presentation on some of the dangers that come with
programs written in C. In particular, of course, the Linux kernel is
mostly written in C, which means that the security of our systems rests on
a somewhat dangerous foundation. But there are things that can be done to
help firm things up by "Making C Less Dangerous" as the title
of his talk suggested.

Qubes is a security-oriented, free and open-source operating system for personal computers that allows you to securely compartmentalize your digital life.

The worlds most secure password for websites, games and private data. Researched and developed by leading encryption specialists in Europe

L1 Terminal Fault/Foreshadow explained in ~three minutes For a more detailed technical view of L1 Terminal Fault, please see this deeper dive with Jon Masters.

At the North America edition of the 2018
Linux Security Summit (LSS NA), which was held in late August in Vancouver,
Canada, Kees Cook gave a presentation on some of the dangers that come with
programs written in C. In particular, of course, the Linux kernel is
mostly written in C, which means that the security of our systems rests on
a somewhat dangerous foundation. But there are things that can be done to
help firm things up by "Making C Less Dangerous" as the title
of his talk suggested.

Mobile shell that supports roaming and intelligent local echo. Like SSH secure shell, but allows mobility and more responsive and robust.

10 Years Surveillance Systems and USB Cameras Designer

The Pentbox is a safety kit containing various tools for streamlining PenTest conducting a job easily. It is programmed in Ruby and oriented to GNU / Linux, with support for Windows, MacOS and ever…