Search Results

Search found 1485 results on 60 pages for 'encrypted'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 10/60 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >

  • How do create an encrypted system with multiple Linux distributions?

    - by niels
    A few weeks ago I created a completely encrypted system on a notebook and must say I like the idea. It's a little bit annoying to enter the password on every boot, but it's nice to know even if I loose the computer I don't give my data to other people. With the alternate-cd it's easy to do. Now I have to setup a new system where I want to combine the new idea with my usual usage strategy. There I have more partitions: 3 system, Home, Different Data-Partitions for vm-data, photo-data and mp3-data. The background is that I prefer not to update a system. I prefer to install the new version parallel to the old system. So I can easily test it. Obviously the Data-Partitions are used for both systems. My questions is, how can I easily combine both my strategy and the crypto-approach? Or is it impossible. The way to do the crypted stuff by hand is in my eyes to complicated.

    Read the article

  • How do I rescue files from the encrypted home folder via live USB stick?

    - by Alexia
    I know, this has been asked and answered all over the internet already. However, I start feeling stupid, since the informations there are not helping me. Just this morning, I wanted to install the newest update to 13.10. After the download, when it came to the actual installing, the install program froze and didn't do anything for hours. At that time, I was still logged in. The computer was working and everything was accessable to me. However, I made the mistake and didn't immediately make safety copies of everything. Instead, I just rebooted. Long story short: My computer even fails to reset to a previous version via Grub. But I am able to boot from a USB stick and, after starting Nautilus, I see my home folder on the HD. I would now like to copy its contents onto an external harddisk. Problem 1: I have no rights to access the folder like that. Problem 2: It is encrypted. Problem 3: I don't know how to give myself the rights to access the folder nor do I know how to encrypt it. I assume that it might help that I still know these things: - my old login name - my old login phrase - a 32 characters long string of hexadecimal numbers that I copied to my list of passwords as "Ubuntu Encryption Code". I copied it digitally right after installing Ubuntu the first time and encrypting the home folder, so there won't be any typos. I am sure of that. The solutions that I saw so far, tell me that I need the "encryption phrase". But when I follow the instructions and use this phrase that I have in my list, I only get messages of denial. Can anyone help me through this special problem, please?

    Read the article

  • If attacker has original data and encrypted data, can they determine the passphrase?

    - by Brad Cupit
    If an attacker has several distinct items (for example: e-mail addresses) and knows the encrypted value of each item, can the attacker more easily determine the secret passphrase used to encrypt those items? Meaning, can they determine the passphrase without resorting to brute force? This question may sound strange, so let me provide a use-case: User signs up to a site with their e-mail address Server sends that e-mail address a confirmation URL (for example: https://my.app.com/confirmEmailAddress/bill%40yahoo.com) Attacker can guess the confirmation URL and therefore can sign up with someone else's e-mail address, and 'confirm' it without ever having to sign in to that person's e-mail account and see the confirmation URL. This is a problem. Instead of sending the e-mail address plain text in the URL, we'll send it encrypted by a secret passphrase. (I know the attacker could still intercept the e-mail sent by the server, since e-mail are plain text, but bear with me here.) If an attacker then signs up with multiple free e-mail accounts and sees multiple URLs, each with the corresponding encrypted e-mail address, could the attacker more easily determine the passphrase used for encryption? Alternative Solution I could instead send a random number or one-way hash of their e-mail address (plus random salt). This eliminates storing the secret passphrase, but it means I need to store that random number/hash in the database. The original approach above does not require storage in the database. I'm leaning towards the the one-way-hash-stored-in-the-db, but I still would like to know the answer: does having multiple unencrypted e-mail addresses and their encrypted counterparts make it easier to determine the passphrase used?

    Read the article

  • If attacker has original data, and encrypted data, can they determine the passphrase?

    - by Brad Cupit
    If an attacker has several distinct items (for example: e-mail addresses) and knows the encrypted value of each item, can the attacker more easily determine the secret passphrase used to encrypt those items? Meaning, can they determine the passphrase without resorting to brute force? This question may sound strange, so let me provide a use-case: User signs up to a site with their e-mail address Server sends that e-mail address a confirmation URL (for example: https://my.app.com/confirmEmailAddress/bill%40yahoo.com) Attacker can guess the confirmation URL and therefore can sign up with someone else's e-mail address, and 'confirm' it without ever having to sign in to that person's e-mail account and see the confirmation URL. This is a problem. Instead of sending the e-mail address plain text in the URL, we'll send it encrypted by a secret passphrase. (I know the attacker could still intercept the e-mail sent by the server, since e-mail are plain text, but bear with me here.) If an attacker then signs up with multiple free e-mail accounts and sees multiple URLs, each with the corresponding encrypted e-mail address, could the attacker more easily determine the passphrase used for encryption? Alternative Solution I could instead send a random number or one-way hash of their e-mail address (plus random salt). This eliminates storing the secret passphrase, but it means I need to store that random number/hash in the database. The original approach above does not require this extra table. I'm leaning towards the the one-way hash + extra table solution, but I still would like to know the answer: does having multiple unencrypted e-mail addresses and their encrypted counterparts make it easier to determine the passphrase used?

    Read the article

  • What is an efficient way to write password cracking algorithm (python)

    - by Luminance
    This problem might be relatively simple, but I'm given two text files. One text file contains all encrypted passwords encrypted via crypt.crypt in python. The other list contains over 400k+ normal dictionary words. The assignment is that given 3 different functions which transform strings from their normal case to all different permutations of capitalizations, transforms a letter to a number (if it looks alike, e.g. G - 6, B - 8), and reverses a string. The thing is that given the 10 - 20 encrypted passwords in the password file, what is the most efficient way to get the fastest running solution in python to run those functions on dictionary word in the words file? It is given that all those words, when transformed in whatever way, will encrypt to a password in the password file. Here is the function which checks if a given string, when encrypted, is the same as the encrypted password passed in: def check_pass(plaintext,encrypted): crypted_pass = crypt.crypt(plaintext,encrypted) if crypted_pass == encrypted: return True else: return False Thanks in advance.

    Read the article

  • Same Salt, Different Encrypted Password is not working? Using Linq to update password.

    - by Xaisoft
    Hello, I am running into a wall regarding changing the password and was wondering if anyone had any ideas. Here are the database values prior to changing the password: Clear Text password = abc1980 Encrypted Password = Yn1N5l+4AUqkOM3WYO7ww/sCN+o= Salt = 82qVIhUIoblBRIRvFSZ1fw== After I change my password to abc1973, salt remains the same, but the Encrypted Password changes which is supposed to happen: Encrypted Password = rHtjLq3qxAl/7T1GfkxrsHzPsNk= However, when I try to login with abc1973 as the password, it does not login. If I try abc1980, it logs me in. It is updating the database, is it caching the values somewhere? Any ideas?

    Read the article

  • How to convert ext3 partition to use encrypted file system without loosing data?

    - by User1
    My embedded Linux device have 2 partitions: small root partition containing OS. big data partition which uses ext3 I want to encrypt the data partition by using encrypted file system. I don't want loose any data of the partition. Size of the root partition is too small to hold all data of the data partition. It is not possible to use any external data storage. Is there any tools that can convert filesystem of the data partition from ext3 to encrypted fs without copying all files to other place?

    Read the article

  • Is there an encrypted write-only file system for Linux?

    - by Grumbel
    I am searching for an encrypted filesystem for Linux that can be mounted in a write-only mode, by that I mean you should be able to mount it without supplying a password, yet still be able to write/append files, but neither should you be able to read the files you have written nor read the files already on the filesystem. Access to the files should only be given when the filesystem is mounted via the password. The purpose of this is to write log files or similar data that is only written, but never modified, without having the files themselves be exposed. File permissions don't help here as I want the data to be inaccessible even when the system is fully compromised. Does such a thing exist on Linux? Or if not, what would be the best alternative to create encrypted log files? My current workaround consists of simply piping the data through gpg --encrypt, which works, but is very cumbersome, as you can't easily get access to the filesystem as a whole, you have to pipe each file through gpg --decrypt manually.

    Read the article

  • Is there an encrypted write-only file system for Linux?

    - by Grumbel
    I am searching for an encrypted file system for Linux that can be mounted in a write-only mode, by that I mean you should be able to write/append files, but not be able to read the files you have written. Access to the files should only be given when the filesystem is mounted via a password. The purpose of this is to write log files and such, without having the log files themselves be accessible. Does such a thing exist on Linux? Or if not, what would be the best alternative to create encrypted log files? My current workaround consists of simply piping the data through gpg --encrypt, which works, but is very cumbersome, as you can't get easy access to the file system as a whole, you have to pipe each file through gpg --decrypt manually.

    Read the article

  • Is it possible to create a full "encrypted worried about privacy" VPS, but still being externally us

    - by Somebody still uses you MS-DOS
    I've been reading a lot of things about privacy, "being in control of your data" and everything, and now a project called diaspora* is trying to be an OSS Facebook alternative. Fact is: you still have to use a server. Even if you use a VPS somewhere, they still have access do your data, so diaspora* isn't that protective shell people are looking for absolute power over your data unless you create a server on your basement. My question is: is it possible to create a really encrypted usable server using a VPS? From database to source files? If not, what it can be "obfuscated" or encrypted? (And just a mention, not really my question, do you think is diaspora* really possible to be made?) (I know if you really want privacy you shouldn't be even using these services and being social, but I'm asking if it's possible to at least avoid companies using your data)

    Read the article

  • How to handle encryption key conflicts when synchronizing data?

    - by Rafael
    Assume that there is data that gets synchronized between several devices. The data is protected with a symmetric encryption algorithm and a key. The key is stored on each device and encrypted with a password. When a user changes the password only the key gets re-encrypted. Under normal circumstances, when there is a good network connection to other peers, the current key gets synchronized and all data on the new device gets encrypted with the same key. But how to handle situations where a new device doesn’t have a network connection and e.g. creates its own new, but incompatible key? How to keep the usability as high as possible under such circumstances? The application could detect that there is no network and hence refuse to start. That’s very bad usability in my opinion, because the application isn’t functional at all in this case. I don’t consider this a solution. The application could ignore the missing network connection and create a new key. But what to do when the application gains a network connection? There will be several incompatible keys and some parts of the underlying data could only be encrypted with one key and other parts with another key. The situation would get worse if there would be more keys than just two and the application would’ve to ask every time for a password when another object that should get decrypted with another key would be needed. It is very messy and time consuming to try to re-encrypt all data that is encrypted with another key with a main key. What should be the main key at all in this case? The oldest key? The key with the most encrypted objects? What if the key got synchronized but not all objects that got encrypted with this particular key? How should the user know for which particular password the application asks and why it takes probably very long to re-encrypt the data? It’s very hard to describe encryption “issues” to users. So far I didn’t find an acceptable solution, nor some kind of generic strategy. Do you have some hints about a concrete strategy or some books / papers that describe synchronization of symmetrically encrypted data with keys that could cause conflicts?

    Read the article

  • Are there any Microsoft Exchange Clients for iOS and Android that store their local data in an encrypted manner?

    - by Zac B
    I don't feel like this is a product recommendation question, more of a "does this tech even exist and is it feasible" question, but if I'm wrong, feel free to give this question the boot. Context: Our company has a bunch of traveling employees who access the company's Exchange server via thier iDevices or android phones, but because of the data protection laws in the state where our company is based (and the nature of the data our company works with), a recent security audit found that all mobile devices (laptops, phones, etc) operated by our company need to have all company correspondence and related data encrypted all the time. For laptops, that was easy: BitLocker or TrueCrypt, problem solved. For phones and tablets, however, I'm stumped. Sure, you can put lock screens/passwords on the phones, but the data is still accessible via external extraction, as law enforcement authorities already know. Question: Are there any clients for Microsoft Exchange that run on iOS or Android which store local data encrypted? The people using our mobile devices do a lot of their work while offline, so just giving them OWA access with SSL connection security isn't enough. Are there apps/technologies that present an additional login credential prompt to decrypt locally stored data in the app's storage area on the phone? My gut reaction when I started looking into this was "that doesn't sound like something Apple would allow into the App Store", but I've been wrong before...

    Read the article

  • How to best convert a fully encrypted drive into a Virtual Machine?

    - by SiegeX
    I have a Windows XP laptop that uses GuardianEdge's Encryption Plus to fully encrypt the drive from bootup. What I would like to do is install a much larger (unencrypted) hard drive with Windows 7 on it and turn this fully encrypted drive into a Virtual Machine that can be ran in either Virtualbox or VMWare on the Windows 7 host. I've read many howto's that talk about using an imaging tool like Acronis True Image to image the drive then passing that through VMWare's VCenter Converter to turn it into a format that VMWare can understand. Unfortunately this seems to all far apart when you are dealing with a fully encrypted drive because Acronis cannot recognize the file system and attempts to do a sector-by-sector copy of the entire hard drive. This is extremely wasteful since the drive is 120GB but the file system is only using 10GB of that. Even if I were OK with going with an inefficient 120GB sector-by-sector copy, I'm not sure that this would even work under VMWare or Virtualbox. Unfortunately, the Guardian Edge boot-time login comes up only after the hard drive has been selected as the boot device; preventing me from being able to decrypt the drive prior to booting an Acronis True Image CD so that it can recognize the underlying file system. I'm sure I'm not the first person to want to do this but I am having a heck of a time finding solutions to this problem. All suggested/answers welcomed. Thanks

    Read the article

  • How can I make an encrypted email message into a .p7m file?

    - by Blacklight Shining
    This is a bit complicated, so I'll explain what I'm really trying to do here: I have a Debian server, and I want to automatically email myself certain logs every week. I'm going to use cron and a bash script to copy the logs into a tarball shortly after midnight every Monday. A bash script on my home computer will then download the tarball from the server, along with a file to be used as the body of the email, and call an AppleScript to make a new email message. This is where I'm stuck—I can't find a way to encrypt and sign the email using AppleScript and Apple's mail client. I've noticed that if I put a delay in before sending the message, Mail will automatically set it to be encrypted and signed (as it normally does when I compose a message myself). However, there's no way to be sure of this when the script runs—if something goes wrong there, the script will just blindly send the email unencrypted. My solution there would be to somehow manually create a .p7m file with the tarball and message and attach it to the email the AppleScript creates. Then, when I receive it, Mail will treat it just like any other encrypted message with an attachment (right?) If there's a better way to do this, please let me know. ^^ (Ideally, everything would be done from the server, but there doesn't seem to be a way to send mail automatically without storing a password in plaintext.) (The server is running Debian squeeze; my home computer is a Mac running OS X Lion.)

    Read the article

  • Can I enable discards on a LUKS-encrypted ssd drive in RHEL6 (and do I need to)?

    - by Dan Nestor
    I have a RHEL 6.4 workstation, running on a LUKS-encrypted LV residing on a SSD. I found RedHat documentation stating that dm_crypt does not currently support TRIM passthrough, however I also found other sources that state the opposite (albeit for other distributions) and even that discards are not needed for recent SSD drives which use some sort of automatic garbage collection. So: 1) Can I enable TRIM/discards with my setup? 2) Do I need to, for optimal disk performance? Thanks for your thoughts.

    Read the article

  • Is auto-logon on laptop with encrypted hard drive secure?

    - by Tobias Diez
    I have the complete hdd of my laptop encrypted (with the Windows built-in Bitlocker) and thus have to login two times upon booting (Bitlocker and user account). Since I'm the only person using the computer (and knowing the Bitlocker password), I was thinking about automatically login into the user account to make the boot process smoother and quicker. In which cases/scenarios is this a bad idea and the additional login gives a true additionally layer of security?

    Read the article

  • Are You Using Facebook with an Encrypted Session Yet?

    - by The Geek
    If you’re geeky and keep up with all the tech news, you probably already know that Facebook added an SSL feature, but for everybody else: You can make your Facebook profile more secure by turning this option on, and here’s how to do it. All we’re going to do is head into the Facebook profile settings and then check a box that forces the use of SSL encryption whenever possible. Easy Latest Features How-To Geek ETC Here’s a Super Simple Trick to Defeating Fake Anti-Virus Malware How to Change the Default Application for Android Tasks Stop Believing TV’s Lies: The Real Truth About "Enhancing" Images The How-To Geek Valentine’s Day Gift Guide Inspire Geek Love with These Hilarious Geek Valentines RGB? CMYK? Alpha? What Are Image Channels and What Do They Mean? Project M Brings Classic Super Smash Bro Style Gameplay to the Wii Now Together and Complete – McBain: The Movie [Simpsons Video] Be Creative by Using Hex and RGB Codes for Crayola Crayon Colors on Your Next Web or Art Project [Geek Fun] Flash Updates; Finally Supports Full Screen Video on Multiple Monitors 22 Ways to Recycle an Altoids Mint Tin Make Your Desktop Go Native with the Tribal Arts Theme for Windows 7

    Read the article

  • How can a Cisco Aironet wireless card connect to a WPA encrypted network?

    - by Aibara Iduas
    I have a Thinkpad T40 running Ubuntu 10.10. I want to connect to wireless networks with WPA encryption; they appear in the network list, but are grayed out. The card does support WPA, since it works in Windows. In 10.10 the wireless works just fine with unprotected and WEP networks, but cannot connect to any WPA networks. The card is a Cisco Aironet Wireless 802.11b. I've been reading a lot of forum posts trying to find a solution, but either encounter threads where no solution was found or answers longer apply (most date from 2007, since this isn't the newest of computers). Here is the output of sudo lshw -c network: *-network:1 DISABLED description: Wireless Interface product: Cisco Aironet Wireless 802.11b vendor: AIRONET Wireless Communications physical id: 2 bus info: pci@000:02:02.0 logical name: eth1 version: 00 serial: 00:02:8a:78:6a:44 width: 32 bits clock: 33MHz capabilities: pm vpd bus_master cap_list rom ethernet physical wireless logical configuration: broadcast=yes driver=airo latency=64 maxlatency=4 mingnt=4 multicast=yes wireless=IEEE 802.11-DS Thanks, any help would be greatly appreciated!

    Read the article

  • Do passwords used for .htaccess need to be encrypted?

    - by webworm
    I am using .htaccess files to control access to various Apache2 directories. I have a main "password" file that contains usernames and passwords. All the instructions I have found regarding .htaccess talk about how the passwords added are encrypted. The usernames and passwords are created using the following command line syntax ... htpasswd -nb username password What I am wondering is ... do the passwords always need to be encrypted? Could I store usernames and passwords in a plain-text form someonewhere on the system (above the web root)? This would allow me to easily edit user names and passwords via FTP without requiring access to the Shelll (which I do not always have). Thank you.

    Read the article

  • Can I decrypt an encrypted file even if someone modified it?

    - by kiruthika
    Warning: This question has been heavily edited. I tried my best to guess the original author's intentions. Please view the original version. I'm unsure on how to use the GPG command line tool, that we're using to encrypt files. File.txt is a simple text file: Testing hello world My security things. This is how I encrypt the file: gpg --symmetric File.txt This gives me a new, encrypted file: File.txt.gpg If someone else now modifies the encrypted file, I'm no longer able to decrypt it. $ gpg --decrypt File.txt.gpg gpg: no valid OpenPGP data found. gpg: decrypt_message failed: eof How can I get the content of my file, even though someone has modified it?

    Read the article

  • Connect to a DB with an encrypted password with Django?

    - by Liam
    My place of employment requires that all passwords must be encrypted, including the ones used to connect to a database. What's the best way of handling this? I'm using the development version of Django with MySQL at the moment, but I will be eventually migrating to Oracle. Is this a job for Django, or the database? Edit: The encrypted password should be stored in the settings.py file, or somewhere else in the filesystem. This is the password that will be used to connect to the database.

    Read the article

  • How can you use Windows Backup with a TrueCrypt encrypted backup destination?

    - by Burly
    Background There are numerous backup solutions out there for Windows and they come in many different forms. From a file copy and/or syncing tool like SyncBackSE to whole hard drive backup utilities based on Volume Shadow Copy like Acronis TrueImage or Norton Ghost to block level copy tools like dd. Each of these solutions offers different pros and cons versus the "Windows Backup and Restore Center" feature built-in to Windows Vista and Windows 7. I am not interested in discussing alternative backup solutions here however, as that has already been covered by numerous other questions. Contraints There are two "types" of backup supported by the "Windows Backup and Restore Center"(WBRC): - File backup (which Windows calls "Back Up Files") - Full System Backup (which Windows calls "Complete PC Backup) I am interested in a solution which supports either and/or both types of backup with WBRC. Questions How can you use a TrueCrypt encrypted mount point as the destination for the built-in "Windows Backup and Restore Center" feature in Windows Vista and 7? See-Also Volume Shadow Copy based backup that works with TrueCrypt References Backup and Restore Center Windows Vista - Backup and Restore Center Windows 7 - Backup and Restore Center

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >