Index ] [ Anonymity ] [ Privacy ] [ Security ] [ Search ] [ Feedback ] [ Index ] [ Anonymity ] [ Privacy ] [ Security ] [ Search ] [ Feedback ]

Security: Index

Electronic privacy can usually be achieved by means of encryption. To make sure that private communications or files are not accessed by unauthorized persons, you have to make sure the line (or disk) is secure for snoopers.


[+] Security: Encryption: Encryption crackers
There are many encryption programs out there, and several word processors, editors and similar applications also have encryption features built in. Due to various reasons (one of which is the US ITAR export regulation on encryption programs) their encrypted files can easily be decrypted without the password.
[+] Security: Encryption: Pretty Good Privacy
PGP is a file encryption program which is generally considered unbreakable. It is used extensively on the Internet, available for almost every platform and is required for anonymous remailers. It can also create digital signatures, which makes it easy to detect forgeries.
[+] Security: Encryption: Disk encryption
While a program such as PGP is good to encrypt e-mail or individual files, it is less useful to protect the contents of your entire hard disk. Even if you never forget to re-encrypt and wipe every file after use, editors and other programs may leave temporary files behind. If you encrypt the whole hard disk at once (similar to how Stacker or DriveSpace compress it), you don't have to worry about that anymore.
(+) Browser security problems
Offers several programs (such as IEClean and NSClean) to get rid of 'cookies' in browsers, as well as information on other browser security holes.
[=] SATAN - Security Analysis Tool for Auditing Networks
A popular tool to examine networks and services for potential security problems. It has a large database of known security holes and can try them all. This can be a great help to see if your network is secure.
[=] Security Protocols
Covers topics such as IP security, SSL, S-HTTP, public key cryptography and more. Very informative.
[=] SSH - Secure Shell
Secure Shell is a replacement for rsh, rlogin and telnet for remote logins over insecure networks. It encrypts the communication to the remote host, so a line snooper can no longer see the characters you are sending. Also see the Secure Shell FAQ
[?] UNIX Security FAQ
A good introduction to security on UNIX multi-user systems. Covers most frequently asked questions about this topic.
[=] TrustedWeb
TrustedWeb protects Intranets from unauthorized access using role-based access and up to 128-bit encryption.
[+] Security: File wiping
A normal "delete" does not actually erase files. The data itself remains on the disk, it's just not part of a file anymore. By using a wiper, the data is replaced with random junk first. This prevents people with undelete utilities to get your erased files back.
[*] Secure Split
This program divides a file into n pieces, such that any k of them are sufficient to reconstruct the original file, but that k-1 pieces give NO information about the original file (except its length). This can be very useful if you want to save a passphrase or similar very sensitive and important code somewhere without giving one person access to it. Now all (or some of) the persons who have one piece have to work together to reconstruct the original file.
[?] Pass phrase FAQ
An important aspect of security is to make up good, hard-to-guess passwords. With the level of security that encryption can offer, the easiest way to 'crack' an encrypted file is usually by guessing the password. This FAQ helps you to pick a passphrase (or a password) in such a way that it will be very hard to guess.
[=] Crypto Law Survey (By B.J. Koops)
In the interest of "national security", several countries have put restrictions on the use of cryptography, or even the mere possession of such programs. This survey lists the legality of cryptography in various countries.
(+) International Cryptography pages
A very big document listing a large number of cryptographic resources.
[=] Crypto export cases
The USA has export laws restricting the export of strong cryptographic products. This site provides a list of cases where export controlled cryptographic material was exported, and proves that these laws are useless.

HTML 3.2 Checked!
Last modified: 26 May 1997
Author: Arnoud "Galactus" Engelfriet
This document was generated with Orb v1.3 for OS/2.