As advances in cryptography and technology move forward there is a chance that your once secure system may suddenly be relying on outdated (and perhaps now broken) algorithms or implementations. Some good examples of this in recent memory are the breaking of the MD5 hash algorithm and the constant problems plaguing the RC4 encryption cipher. When it comes to PGP it is well known that short keys, keys generated without good entropy to pull from or keys using outdated implementations and algorithms can be far less secure than you would hope they would be.

I recently came across a very good (albeit sort of old) post over at Chris Wellons’ null program blog about increasing the default protections on your stored PGP key. The short hand version is that gpg attempts to protect your PGP key from theft by encrypting it on disk so that if anyone gets access to your secret key file they still don’t immediately have access to your PGP key.

Similar to my previous post about forwarding browser traffic through an SSH tunnel, this time I’ll show you how to do it on Android even without root access. Please note that while I’m sure there are a few ways to accomplish this, the following is just one way that has worked for me. I’m also assuming that you already have an SSH server to tunnel your traffic through. Step 1: Install SSH Tunnel The first thing you’ll want to do is install an application that will actually create the SSH tunnel for you.

I came across a neat website, Hyperpolyglot, the other day that does a really good job of showing off the differences in various programming languages in a side-by-side way. So for instance you can see how to do the same sort of thing in C++, Objective-C, Java and C# all right next to one another. Take a look and compare your favourite languages here.

Came across pgp.asc a while back but finally got around to setting it up here. What is pgp.asc? From their website: What is pgp.asc? pgp.asc is an initiative to decentralize public PGP keys, making it easier to get an up to date and authenticated key. Sounds complicated? It isn’t: Just upload your public PGP key to your websites root folder and you’re good to go! So there you have it.

I have taken the time to create a GitHub repository for my old Hash Verifier software which you can now find here. I’ve even created different releases to reflect the evolution of the software as found on this website. Hopefully this will make it even easier for you to check out and play around with. GitHub repository link: https://github.com/tylerburton/hashverifier Version 0.1.0.0 (Original post) Version 0.2.0.0 (Original post) Version 0.3.0.0 (Original post)

Here are some of my recent posts from over at The Linux Experiment. Force Thunderbird/Enigmail to use a specific signing (hash) algorithm Set up KeePass Auto-Type on Linux Create a virtual hard drive volume within a file in Linux How to migrate from TrueCrypt to LUKS file containers Linux alternatives: Mp3tag → EasyTAG CoreGTK 2.24.0 Released! How to set a static IP address on Ubuntu 14.04 server (and others) Big distributions, little RAM 7

You may have seen something like this before. You go to download your favourite program SuperApp3000 and on the download page they provide you with hashes (usually MD5, SHA1, etc.) for each of the available files to download. Sometimes they even stress that you should verify that the file you downloaded matches the provided hash or that you should never trust anything you download without first confirming the hashesmatch. This is a prime example of people confusing file hashes with digital signatures and it needs to stop.

It has been almost four months since I made a complete switch over to the Linux operating system on my home computers. So how have I managed since switching and what problems have I run into? Am I ready to go back to Windows yet? To be honest the switch has been almost completely uneventful. In fact I wish it was more drama filled because then it would be good fodder for blog posts like this.

The initial version of CoreGTK, version 2.24.0, has been tagged for release today. Features include: Targets GTK+ 2.24 Support for GtkBuilder Can be used on Linux, Mac and Windows CoreGTK is an Objective-C language binding for the GTK+ widget toolkit. Like other “core” Objective-C libraries, CoreGTK is designed to be a thin wrapper. CoreGTK is free software, licensed under the GNU LGPL. You can find more information about the project here and the release itself here.