Reserved Words

Anonabox - online security, privacy and anonymity

-
anonabox anonymity privacy security technology

The recent Kickstarter campaign for Anonabox proved to be insanely popular but ultimately unsuccessful after the campaign was suspended by Kickstarter. If you’re unfamiliar with it, it was a small network device that you could plug into an existing network connection and then either use the provided Wi Fi hotspot, or plug in another network cable all traffic routed through the device would go over Tor. The idea behind the device is to make it dead easy for people to use Tor holistically, prevent…

Read more

Opt-in secure email

-
email encryption security

After playing around with creating myself an OpenPGP compatible key and mucking around with sending / receiving some encrypted emails with some mates I’ve been thinking about a few things. The concept of email encryption isn’t new but it has never really taken off because the barriers to using it for everyday users are too great. I’ve ranted before about companies that send out emails with personal information that just shouldn’t happen. Now that companies are rolling out 2-factor authentication…

Read more

Send me a secure message

-
security

Following on from my most recent post with my public key, if you wanted to send me a secure message but don’t understand how to it’s going to be dead simple. Go to this page: https://keybase.io/encrypt#weharc Type in your message Click Encrypt Copy the contents of the dialog and send it to me in a normal email. That’s all. Of course this is only one-way – my reply would be in plain text unless you tell me where your public key is.…

Read more

My public key for secure messaging

-
encryption security

If you ever want to send me a secure message or file you can use my public key to encrypt the contents before sending it to me. My public key has been created and is listed in a new public directory called Keybase. You can find it here. It’s worth checking out Keybase as it looks like an interesting project to create a public directory and API for dealing with public / private key encryption. View my profile here.…

Read more

Storing passwords in a database? You’re doing it wrong

-
music security websites

It’s amazing that in this day and age there are still systems that store passwords in databases in clear text. Passwords should never be stored in a database, you should always store the result of a one-way encryption process known as a Hash (with some Salt!). If you store your users passwords in clear text in a database then you’re just asking for trouble. It’s only a matter of time before a disgruntled employee gets access and keeps a copy, or it gets compromised through other poor security pr…

Read more