Linux hobbyist, Machinist and tinkerer
Public Key 405B46E81DCCDB2B310DEF0DA5F0B998E8AC3752
- 5 Posts
- 63 Comments
You would need to know the whole key to know. If there are blocks missing you cant get anything from a key. And you would half to see in in real life to corelate my user alias to my real identity. Which i originally going to use a key that i have for online accounts (a key for steamy) But i then realized that would then have my online account linked to my real identity
It should be if there is chunks missing its unusable. At least thats my thinking, since gpg is usually a binary and ascii armor makes it human readable. As long as a person cannot guess the blacked out parts, there shouldnt be any data.
Kinda like binary if your missing bits of binary in a program it should be unreadable
–edit
im full of shit Its base64 and you can somewhat decode it
Yes im aware of how asymmetric encryption works. Theres a public and private key The public key encrypts the private decrypts. You make a web of trust off of signing others public keys verifying there identity.
I wanted a specific key pair for the hat for separation of online and in real life. I know you can’t learn much from an email, but still, Its my preference and it was i font that i liked and ended up picking. I understand it may not be your preference, please do not "yuck my yum’ there are BILLIONS of fonts out there and i picked the one i liked.
Which on a separate note, i originally made a hat patch with a public key but it was DSA 3036 (the max size key i dont know if thats the right number.) And i etched it on the leather, each letter was 0.04 of a inch and was basically unreadable. So i ended up going with the default gpg preset for ecc
From going do the rabbit hole with recently learning freebsd. Is that every good brand nvme ssd has a default password for hardware encryption and you can use certain software to change the default encryption key. However basically everywhere i read online said that hardware based encryption is rarely/never implemented correctly. So an attacker still can most likey retrieve data from the ssd, so basically software encryption will always be more bulletproof. Because people can steal your ssd or clone it and all data on it is useless without a header and key. If using full disk encryption, So basically software based encryption will always be alot harder to break than hardware encryption.
It depends on the model of the computer. I have personally librebooted a t440p thinkpad and although perhaps a usb controller can be reprogrammed. Id fine that highly unlikely, i had to buy a specific programmer, then realized the kind people on the libre boot form recommended a raspberry pi to program the ROM chips on the thinkpad. I then had to deconstruct the thinkpad to get acess to the 2 chips on the motherboard housing 2 firmwares. For the BIOs, i believe that it is highly unprobable for a usb port to re-program a usb HID device like a keyboard, mouse or camera. There a specific chips that are ESP programmers they are designed in a very particular way and exclusively are for programing and reading. Most chips are read only chips on USB devices for long jevity. And technically you can reprogram them, however you need an ESP programmer to connect to them and flash. And lets say theoretically you reprogram them with malware, it would be extremely hard to guess the manufacture of the usb controller chip as well as the layout of what pin does what. It was very complex to program an bios chip and certain models of computers have multible chip for certain things like firmware blobs. I think the artical is highly theoretical and never showed any real exploits being used in the wild. Im not an electronics engineer or anything but from what i know about playing with libre boot and arduinos it sounds unrealistic like 1995s hackers/watch dogs to reprogram usb bus’s with a built in usb bus.
“If a malware flashes a ROM then you buy their laptop and erase the hdd or ssd or buy a new hdd/ssd, then you flash coreboot to the computer. After all this the malware can still remain in the firmware and you would never know unless the malware makes itself obviously known by a ransom attack or stealing all your crypto or something.”
This is untrue, the previous owner can theoretically get a virus that if the virus takes advantage of architecture exploits or zerodays. It could install a malicious firmware blob within your bios. The odds of this a rather rare and would rather half to be a widespread issue with the chipset. Or a threat actor would need to know the exact firmware and model of your motherboard. Flashing a new bios or updating your bios clears the chip that stores your boot firmware.
Malware lives on storage, an ssd or hardive can harbor malware as an infected OS. Some malware can live in RAM, but ram is cleared on a power cycle. If you got a used laptop and you update the bios and reinstall your os your fine, the OS should have proper sandboxing and seperated permissons. The cpu being old in certain models can be mitigated with patches and bios updates. However newer also doesnt mean more secure, certain am4 cpus had architectural flaws. At pwn-to-own buch of hackers using zero days to unlock heated seats on a tesla without paying the stupid subscription because of the CPU flaw and ram buffers.
And if you want to get tin foil hatty. How do you know you werent man in the middled when you bought a laptop from a retailer. What if a bad actor installed or tampered with the new laptop you bought. And now is less secure than a second hand laptop because joe down the street doesnt care what you do with the laptop as long as he gets paid. Or vice versa, how do you know joe didnt install malware on the pc so he can sell your information on the dark web??
And realistically there are alot of an attack surface for any device. Lets say you have your laptop and sombody steals it. Your using LUKS full disk encryption right? Lets say you did for this example, your headers for decryption are plaintext on boot. So a threat actor can use brutforce to crack your disk. You can setup LUKS to have your headers on a separate disk that you take with you. Its the equivalent of taking away a lock and a key. So all the threat actor is left with is a door. I can go on for hours about potential attack surfaces, TPM, secure boot, Intel management engine, ISP’s, SSD’S vs HDD’s.
“Privacy and Security are a mindset not a tool, device or service”
Openwrt on my flint 2 With adgaurd/pihole I know its not technically an app, but lots of people forget there routers exist and are a very big security hole
You would not believe what my samsung tv pings
Tiktok (somehow came preinstalled)
Hulu(we dont have a hulu account)
Tubi(we dont use tubi)
Amazon(it seems to be for samsung tv plus)
I ended up blocking everything except amazon, samsung tv, and netflix on the dns level
Its also really good for stopping non power users (aka family member’s) from getting malware/phished
–edit fixed formatting
And that one other time the US goverment built a super computer out of Ps3’s (no im not joking)
https://www.warhistoryonline.com/war-articles/ps3-supercomputer.html
My theory is that apple wont let the developer share there code for IOS because of “security”
I remember an emulator (retro arch i think?) Got on ios at one point and was later removed because it showed apples file system layout. Which apples reason was “because it could be used to make malware for IOS”
I feel like there is some similar thing with signal IOS
im am aware its a test taking browser, im was making a joke