[clue] simplifying linux/gpg encryption question?

Fri Aug 10 15:37:43 MDT 2012

Social engineering ~is~ hacking. In every-day life, it's how we humans, through politics and/or mob rule, steal one another's freedom away, and head blithely into a new dark age of fraternal hate, fear, and vain attempts at control. But enough of my Pollyanna attitude... 

Here's my advice. These three are inter-dependent, but if you take them all together, they'll cover you against 95% of the bad poo that can happen. 

1. Encrypt your entire home-folder. Your keys (and all the other things you care about) should live there. 
2. Password protect your keys. 
3. Take regular, ~unencrypted~ backups to a location that is not on the network. A USB drive in your basement that your wife and one trusted co-worker know about is perfect. 

-- 
David L. Willson 
Trainer, Engineer, Enthusiast 
RHCE Network+ A+ Linux+ LPIC-1 Ubuntu 
Mobile 720-333-LANS(5267) 

This is a good time for a r3VOLution. 

----- Original Message -----

> It might be a poor choice of words. Digital mortality, if you will? I
> took a job at a primarily UX/LX shop that uses certs/keys, rather
> then passwords to authenticate to the servers. But the computers are
> all laptops. It seems to me, the responsible thing to do if not
> using full disk encryption, is to AT LEAST encrypt my certs/keys.

> Since I've been around people who's primary job function is security,
> I get allot of security news, and talk of vulnerabilities and the
> like. Once you see someone show you how to crack a simple password
> in less then 60 seconds you tend to walk away with a slightly
> different understanding of the internet. So I'm trying to be more
> responsible both in terms of how I manage my own digital assets,
> both on and off the clock.

> Oh, and all the high profile hacks I've been hearing about in the
> news aren't helping. Couple weeks ago it was dropbox, then this last
> weekend it was the Mat Honan thing. Although from what I'm hearing
> that wasn't true hacking it was social-engineering the whole way,
> but that doesn't make it any less creepy. Granted, those of us with
> an interest in linux and foss probably aren't heavily associated
> with icloud, but I tend to have to walk the line for fear of never
> knowing which side of the operating-system border I'm going to end
> up on.

> Mike Bean

> On Fri, Aug 10, 2012 at 12:54 PM, David L. Willson <
> DLWillson at thegeek.nu > wrote:

> > What is your objective? You mentioned an increased awareness of
> > your
> > mortality, but I can't think of any way that encryption will help
> > you live longer, or noticeably better.
> 

> > --
> 
> > David L. Willson
> 
> > Trainer, Engineer, Enthusiast
> 
> > RHCE Network+ A+ Linux+ LPIC-1 Ubuntu
> 
> > Mobile 720-333-LANS(5267)
> 

> > This is a good time for a r3VOLution.
> 

> > _______________________________________________
> 
> > clue mailing list: clue at cluedenver.org
> 
> > For information, account preferences, or to unsubscribe see:
> 
> > http://cluedenver.org/mailman/listinfo/clue
> 

> _______________________________________________
> clue mailing list: clue at cluedenver.org
> For information, account preferences, or to unsubscribe see:
> http://cluedenver.org/mailman/listinfo/clue
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cluedenver.org/pipermail/clue/attachments/20120810/e6c82eb5/attachment.html 