Key point: this isn’t (just) about PGP or SMTP, it’s email as a whole system:
Even after we replace PGP, encrypted email will remain unsafe. Here’s why:
- If messages can be sent in plaintext, they will be sent in plaintext.
- Metadata is as important as content, and email leaks it.
- Every archived message will eventually leak.
- Every long term secret will eventually leak.
In this article, we will see how to crack a password-protected encrypted archive using:
- The Biham and Kocher known-plaintext attack on Zip (PKZIP) archives that use the ZipCrypto Store encryption method (can be extended to ZipCrypto Deflate).
- A classic wordlist attack on other encrypted archives, such as Zip (WinZip) archives that use the AES encryption method (128, 192, 256), 7-Zip or RAR.
To carry out this attack, at least 12 bytes of known plaintext are needed, and at least 8 of them must be contiguous. The larger the contiguous known plaintext, the faster the attack.
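A defender-side check related to the passage above, added here as an example and not taken from the linked article: it reads a Zip archive's central directory and reports which entries use legacy ZipCrypto (the scheme the known-plaintext attack applies to) and which use WinZip AES. The function names and the sample archive are constructed for illustration; the sample's header fields are patched to look encrypted, its payloads are not.

```python
import io
import struct
import zipfile

AES_METHOD = 99  # compression-method value WinZip uses to mark AES entries

def classify(info):
    """Name an entry's encryption scheme from its central-directory fields."""
    if not info.flag_bits & 0x1:        # bit 0 of the flags: entry is encrypted
        return "unencrypted"
    if info.flag_bits & 0x40:           # bit 6: PKWARE strong encryption
        return "PKWARE strong encryption"
    if info.compress_type == AES_METHOD:
        return "WinZip AES"
    if info.compress_type == zipfile.ZIP_STORED:
        return "ZipCrypto Store"
    if info.compress_type == zipfile.ZIP_DEFLATED:
        return "ZipCrypto Deflate"
    return "ZipCrypto (other compression)"

def audit(zip_bytes):
    """Map each file name to its scheme; nothing is decrypted or extracted."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return {i.filename: classify(i) for i in zf.infolist()}

def weak_entries(zip_bytes):
    """Names of the entries that still use legacy ZipCrypto."""
    return sorted(n for n, s in audit(zip_bytes).items() if s.startswith("ZipCrypto"))

def constructed_sample():
    """Constructed test archive: flag/method fields are patched to mimic
    encrypted entries; the payloads themselves are not encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in ("plain.txt", "legacy.xml", "modern.bin"):
            zf.writestr(name, b"constructed sample data")
    raw = bytearray(buf.getvalue())
    patches = {b"legacy.xml": (0x1, 0), b"modern.bin": (0x1, AES_METHOD)}
    pos = raw.find(b"PK\x01\x02")       # central-directory header signature
    while pos != -1:
        name_len = struct.unpack_from("<H", raw, pos + 28)[0]
        name = bytes(raw[pos + 46:pos + 46 + name_len])
        if name in patches:             # flags at offset 8, method at offset 10
            struct.pack_into("<HH", raw, pos + 8, *patches[name])
        pos = raw.find(b"PK\x01\x02", pos + 46)
    return bytes(raw)

if __name__ == "__main__":
    for name, scheme in audit(constructed_sample()).items():
        print(f"{name}: {scheme}")
```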
git-remote-gcrypt is a git remote helper to push and pull from repositories encrypted with GnuPG, using a custom format.
Supported backends are local, rsync:// and sftp://, where the repository is stored as a set of files, or instead anywhere gcrypt will store the same representation in a git repository.
The aim is to provide confidential, authenticated git storage and collaboration using typical untrusted file hosts or services.
Tested: it works fine and is very easy to set up:
```
git remote add gitcrypt gcrypt::git@...
git config user.signingkey ...
git config gcrypt.participants ...
git push gitcrypt master
```
To encrypt only SOME files in a git repo, better look at git-crypt.
Details of the information stored in the QR code of the European vaccine pass
```python
#!/usr/bin/env python3
import pprint
import zlib

# Third-party modules (Pillow, Pyzbar, base45, cbor2)
import PIL.Image
import pyzbar.pyzbar
import base45
import cbor2

# Read the QR code from the image and extract its text content
img = PIL.Image.open("qrcode.png")
data = pyzbar.pyzbar.decode(img)
cert = data[0].data.decode()

# Strip the "HC1:" prefix, then undo the Base45 and zlib layers
b45data = cert.replace("HC1:", "")
zlibdata = base45.b45decode(b45data)
cbordata = zlib.decompress(zlibdata)

# The result is a CBOR-tagged array; elements 0, 2 and 3 are printed below
decoded = cbor2.loads(cbordata)

print("Header\n----------------")
pprint.pprint(cbor2.loads(decoded.value[0]))
print("\nPayload\n----------------")
pprint.pprint(cbor2.loads(decoded.value[2]))
print("\nSignature ?\n----------------")
print(decoded.value[3])
```
- HTTP/2
- TLS 1.3
- DoH: DNS over HTTPS
- QUIC: a candidate replacement for the TCP protocol
Since Google has already deployed QUIC in the Chrome browser and on its sites, it already accounts for more than 7% of Internet traffic.
Also mention this creepy & fascinating attack: http://codebutler.com/firesheep
Instant messaging with many features: voice and/or video calls, screen sharing, file sharing, group chat
Encrypted, open-source
"Tox has no central servers that can be raided, shut down, or forced to turn over data — the network is made up of its users"
Another interesting simple solution, using the JS atob base64 decoding function: https://stackoverflow.com/a/41408157/636849