[ Index ]
[ Anonymity ]
[ Privacy ]
[ Security ]
[ Search ]
[ Feedback ]
Security: Index
Electronic privacy can usually be achieved by means of encryption. To
make sure that private communications or files are not accessed by
unauthorized persons, you have to make sure the line (or disk) is
secure for snoopers.
-
Security: Encryption: Encryption crackers
- There are many encryption programs out there, and several word
processors, editors and similar applications also have encryption
features built in. Due to various reasons (one of which is the US
ITAR export
regulation on encryption programs) their encrypted files can easily be
decrypted without the password.
-
Security: Encryption: Pretty Good Privacy
- PGP is a file encryption program which is generally considered unbreakable.
It is used extensively on the Internet, available for almost every platform
and is required for anonymous remailers. It
can also create digital signatures, which makes it easy to detect forgeries.
-
Security: Encryption: Disk encryption
-
While a program such as PGP is good to
encrypt e-mail or individual files, it is less useful to protect the
contents of your entire hard disk. Even if you never forget to re-encrypt
and wipe every file after use, editors and
other programs may leave temporary files behind. If you encrypt the
whole hard disk at once (similar to how Stacker or DriveSpace compress
it), you don't have to worry about that anymore.
-
Browser security problems
- Offers several programs (such as IEClean and NSClean) to get rid
of 'cookies' in browsers, as well as information on other browser
security holes.
-
SATAN - Security
Analysis Tool for Auditing Networks
- A popular tool to examine networks and services for potential
security problems. It has a large database of known security holes and
can try them all. This can be a great help to see if your network is
secure.
-
Security Protocols
- Covers topics such as IP security, SSL, S-HTTP, public
key cryptography and more. Very informative.
-
SSH - Secure Shell
- Secure Shell is a replacement for rsh, rlogin and telnet for
remote logins over insecure networks. It encrypts the communication
to the remote host, so a line snooper can no longer see the characters
you are sending. Also see the Secure Shell FAQ
-
UNIX Security FAQ
- A good introduction to security on UNIX multi-user systems. Covers
most frequently asked questions about this topic.
-
TrustedWeb
-
TrustedWeb protects Intranets from unauthorized access
using role-based access and up to 128-bit encryption.
-
Security: File wiping
- A normal "delete" does not actually erase files. The data itself
remains on the disk, it's just not part of a file anymore. By using a
wiper, the data is replaced with random junk first. This prevents
people with undelete utilities to get your erased files back.
-
Secure Split
-
This program divides a file into n pieces, such that any k of them are
sufficient to reconstruct the original file, but that k-1 pieces give
NO information about the original file (except its length). This can be
very useful if you want to save a passphrase or similar very sensitive
and important code somewhere without giving one person access to it. Now
all (or some of) the persons who have one piece have to work together to
reconstruct the original file.
-
Pass phrase FAQ
- An important aspect of security is to make up good, hard-to-guess
passwords. With the level of security that encryption can offer, the
easiest way to 'crack' an encrypted file is usually by guessing the
password. This FAQ helps you to pick a passphrase (or a password) in such
a way that it will be very hard to guess.
-
Crypto Law Survey (By B.J. Koops)
- In the interest of "national security", several countries have put restrictions on
the use of cryptography, or even the mere possession of such programs. This
survey lists the legality of cryptography in various countries.
-
International Cryptography pages
- A very big document listing a large number of cryptographic resources.
-
Crypto export cases
- The USA has export laws restricting the export of strong cryptographic
products. This site provides a list of cases where export controlled
cryptographic material was exported, and proves that these laws are
useless.
Last modified: 26 May 1997
Author: Arnoud "Galactus" Engelfriet
Comments: galactus@stack.nl
This document was generated with Orb v1.3 for OS/2.