"What can I use to encrypt my Linux filesystem?":

– LUKS/LVM supports full-disk encryption (and optionally 2FA)
– ext4 supports folder-based encryption
– eCryptFS/encfs are outdated/unmaintained
– GoCryptFS uses modern crypto but leaks metadata
– CryFS uses modern crypto and hides metadata but is slower than GoCryptFS

Thanks to Mr. Schumacher from Magdeburger Institut für Sicherheitsforschung

#linux #encryption #crypto #fde #cryfs #encfs #gocryptfs #ecryptfs #infosec #security #cybersecurity

"Don’t trust the locals: investigating the prevalence of persistent client-side cross-site scripting in the wild"

blog.acolyer.org/2019/04/10/do

Always sanitize the content fetched for local-storage before injecting it on any page.

The next-generation WiFi security protocol is already broken. Devices making use of it haven’t even been released yet. thehackernews.com/2019/04/wpa3

Mozilla plans to enable the FIDO U2F API for all Firefox users since U2F is more widespread than WebAuthn at the moment:

blog.mozilla.org/security/2019

– WebAuthn has been an official W3C Recommendation for one month and offers more secure authentication
– FIDO U2F (Universal 2nd Factor) offers secure second-factor authentication and is roughly the predecessor of WebAuthn
– Firefox 60 brings support for WebAuthn

#webauthn #u2f #firefox #authentication #infosec #cybersecurity #security

@progo

> I thought it was a horrible signal to naive users, to imply that this was a respectable thing to do.

This ^. Other than having access to users' passwords (and all the power that comes with that knowledge), it being perceived as normal makes life easier for malicious agents executing phishing attacks.

"Malicious remote code execution backdoor discovered in the popular bootstrap-sass Ruby gem"

snyk.io/blog/malicious-remote-

A project's dependencies are an important attack vector.


This is a personal and private instance.