Threads for Mirabellette

4

myfreeweb 1 month ago | link | on: Important principles in cybersecurity - 1

A lot of people recommended to store data in Google, Microsoft or Amazon cloud services. When you asked them about privacy, they just replied by encrypting it and it is ok. I am sorry, but it is not ok, not ok at all. Do you really think a file encrypted with nowadays technology could resisted in 5 years, 10 years or 20 years to the technology improvement?

I think it’s reasonable to assume that e.g. AES won’t be broken in 10 years. (and IIRC quantum attacks are against public key crypto, not symmetric.)

An actual concern with the cloud services would be trusting them to do server side encryption. Don’t :) This is a feature for compliance, when stuff “must be encrypted” but you don’t care about not trusting the service.
1. 1
  Mirabellette edited 1 month ago | link
  I read multiple papers who said it is very secure to use AES-256 for encryption and we are far, if I trust them to break AES-256. However, who could really know about that except except scientist or government agency?
  
  However, for me, when the task is not easy, mistakes could appears and expert needs just one weakness to break you in. It is not easy to encrypt something with the highest security parameter and using the best practice. You also need to have a correct management of the key which could be compromised.
  
  For example:
  
  encrypt it with low security parameter (small key size, not the best encryption algorithm chose)
  
  vulnerability or back door in the software which implement it
  
  during the key generation, entropy wasn’t big enough
  
  compromised system which encrypts the files
  
  And with time:
  
  increase of the power of computers
  
  improvement of technology
  
  improvement of mathematics

1

Mirabellette 3 months ago | link | on: Host your own Firefox booksmarks with syncserver

The website wasn’t accessible for one day. It is fix now, sorry for the disturbance.

2

whjms 5 months ago | link | on: Advertising domain name blocking with Unbound

Pretty nifty. Are automatic updates the main benefit of this over /etc/hosts?
1. 2
  
  Mirabellette 4 months ago | link
  
  Thank you!
  
  The main interest of this set up is that you can use your own DNS server with all your devices. That means configure it only once. If you want to do it on /etc/hosts, you have to do it for each of them. Sometime you can’t do it, for example on a non-root Android Smartphone

2

fs111 edited 5 months ago | link | on: Advertising domain name blocking with Unbound

I do the same with a raspberry pi and dnsmasq on my home network. I am not using pi-hole, since I am not a fan of these curl | bash installers + I do not need the web-interface.
1. 1
  
  Mirabellette 5 months ago | link
  
  I was thinking about Pi-hole for a time but I heard that it is not so clean that it looks like. Only install what you really need and it is better if you can exactly understand what it does.
  
  It is a good advice, thank you for sharing.

1

zge 7 months ago | link | on: Ubuntu 17.10 - tools and configuration

If you want a simple, easy and fast ebook reader for .epub files (.mobi sadly aren’t support), I can really recommend mupdf.
1. 2
  
  Mirabellette 7 months ago | link
  
  Thank you for your advice, however, I prefer Calibre which is on GPLv3 contrary to mupdf which is owned by Artiflex company.

1

friendlysock 7 months ago | link | on: Ubuntu 17.10 - tools and configuration

Miraki thinks this is malware-related (probably some dumb work setting), but also Firefox is kvetching about SSL.
1. 1
  
  Mirabellette 7 months ago | link
  
  Hello friendlysock,
  
  Could you please tell more about that by private message? How do you get the report?
  
  Thank you very much, Mirabellette