Tag: openpgp

Qubes Tip: Making Yubikey OpenPGP smart cards slightly more usable

Posted December 1, 2016 in qubes openpgp

Qubes 3.2 has support for USB passthrough. This one feature has made Qubes so much more useful for me. It means that a wide variety of devices — from my laptop’s internal webcam, to plugging in smartphones to transfer data or do Android development — are finally supported. I used to have to use a separate non-Qubes computer for several tasks that I can now more conveniently and securely do within Qubes.

Continue reading →

Backdoored Linux Mint, and the Perils of Checksums

Posted February 20, 2016 in hackers linux openpgp security

Someone hacked the website of Linux Mint — which, according to Wikipedia’s traffic analysis report is the 3rd most popular desktop Linux distribution after Ubuntu and Fedora — and replaced links to ISO downloads with a backdoored version of the operating system. This blog post explains the situation.

Continue reading →

Usable Crypto Capture the Flag Challenge

Posted February 6, 2016 in hackers openpgp

Last week, during USENIX’s first Enigma conference, EFF hosted a small Capture the Flag hacking competition. I designed one of the challenges myself, entitled Usable Crypto. It requires you to use PGP as an attacker rather than a defender. It’s on the easy side, as far as CTF challenges go, and I think many people who have absolutely no hacking skills but some fumbling-around-with-PGP skills could beat it without too much trouble. And it might even demonstrate why verifying fingerprints really is rather important.

Continue reading →

Why I say Linux instead of GNU/Linux

Posted September 18, 2015 in drama linux openpgp

I’ve been writing a computer security column for the Intercept. In most of my columns I mention Linux. Even when it’s not directly relevant (though it often is), most of my columns are in the form of tutorials, and I’d like my tutorials to be equally useful for Linux users as they are for Windows and Mac users.

Continue reading →

How Mailpile can implement opportunistic PGP email encryption

Posted December 2, 2013 in crypto openpgp security

For those wanting to decentralize the Internet and encrypt all the things, Mailpile is a hot topic.

Continue reading →