Re: a bit off topic, how to find encrytped files (ransom attack)

[Karl Auer]

On Thu, 2022-08-04 at 18:58 +0200, Uwe Brauer via Gnupg-users wrote:
> How can I find say encrypted files in my home directory?

What an interesting exercise! Got me thinking. I'm a total crypto
ignoramus, so take all this with a grain of salt...

I don't think there is any truly reliable way, but a combination of ent
and a relevant expectation might work. For example, if you run ent on a
.txt file, you do not expect to see high entropy, so you would throw
that file up as suspicious. If you run file on a .jpg file, you expect
to see it identified as a JPEG file, so if it is not, you throw it up
as suspicious. Then you manually check files that your system has
identified as suspicious.

Another way to approach it would be to take hashes of all your files
and store the hashes securely (read-only!). You can then compare a
current hash with the known hash, and if the hash has changed, the file
has changed. This is not that good for frequently changing files, but
frequently changing files that are suddenly encrypted are probably
going to be very obvious.

And a third method would be a "canary" or two. Put some tasty-looking
files in your home directory, and regularly check them for changes. If
they ever unexpectedly change, you know to take action.

Anyway - if you come op with a good method, let us know!

Regards, K.

PS: I remember reading a while ago someone writing that as a
technological society advances, its communications become more and more
like random noise, because they will tend to be encrypted and
compressed. The writer was saying this might be one reason we haven't
found life out there - because we can't tell their transmissions apart
from random noise :-)

-- 
~~~~~~~
Karl Auer (ka...@biplane.com.au)
http://www.biplane.com.au/kauer

GPG fingerprint: 61A0 99A9 8823 3A75 871E 5D90 BADB B237 260C 9C58
Old fingerprint: 2561 E9EC D868 E73C 8AF1 49CF EE50 4B1D CCA1 5170




___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Announcing paperbackup.py to backup keys as QR codes on paper

[Karl Auer]

On Mon, 2020-09-14 at 08:16 -0400, bexnews--- via Gnupg-users wrote:
> import qrencode
> ImportError: No module named qrencode

You may need something like the python3-qrencode package.

Regards, K.

-- 
~~~
Karl Auer (ka...@biplane.com.au)
http://www.biplane.com.au/kauer

GPG fingerprint: 2561 E9EC D868 E73C 8AF1 49CF EE50 4B1D CCA1 5170
Old fingerprint: 8D08 9CAA 649A AFEF E862 062A 2E97 42D4 A2A0 616D




___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Enforcing password complexity for private keys

[Karl Auer]

On Tue, 2019-04-30 at 18:50 +0530, Cyaniventer wrote:
> On Tue, 30 Apr 2019 06:55:07 -0400
> David Milet  wrote:
> > We’re considering rolling out GnuPG at work for developers to sign
> > git commits.
> > [...]
> imo long term solution will be to tell them more about passwords and
> why choosing a good password is important.

Might also be worth asking yourself why you feel you need to sign git
commits. Also, if the people you are asking to sign with a GPG key are
not savvy enough or interested enough to choose good passwords (I
assume you mean good passphrases?) then you might have problems that
GPG won't solve.

Regards, K.

-- 
~~~
Karl Auer (ka...@biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389

GPG fingerprint: 8D08 9CAA 649A AFEF E862 062A 2E97 42D4 A2A0 616D
Old fingerprint: A0CD 28F0 10BE FC21 C57C 67C1 19A6 83A4 9B0B 1D75



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users