pending anonymous user
Great to hear. TPM is totally usable if your threat model can tolerate the risk. Sadly Linux is a bit lacking support for TPM in FDE. You can try the Nitrokey with GPG method without pin I wrote in the other thread if you hit the wall. Good luck!
Here’s a guide if you want FDE with TPM: https://blastrock.github.io/fde-tpm-sb.html
If he uses TPM. I’m not aginst OP using it but he needs to understand the drawbacks. At least I hope he will.
By intercepting the key on hardware level
No. With FDE, an adversary can’t just trun it on and copy data unless there are some 0day on the login that allows exectuing arbitrary codes.
If you want some more convenience but don’t want to give up security, you can use hardware tokens like Nitrokey with GPG.
The process would be generate a random file using dd and /dev/urandom. Set this as the key for FDE. Encrypt it using your GPG and store it on /boot. Have a helper script to ask you plugin your Nitrokey and (optional) pin to decrypt the keyfile to have root decrypted. I had read this on some blog for dm-crypt so you will need to research and adopt to your setup.
They give up some security by gaining convenience and slightly better UX.
I can’t vet Apple’s security, but TPM isn’t a silver bullet either.
My point is metadata should be protected as content does. While IM platform needs to know which message should be delived to whom, they don’t need that after being delivered, nor have it profiled.
they make clear to you that Facebook can and will have some metadata, but not the contents of the chat itself.
You thought you’re safe and private when the content is encrypted? LOL, no. Metadata are much more useful to Facebook, and to the intelligence services.
“We Kill People Based on Metadata.” – General Michael Hayden, former Director of NSA and CIA
And most anti-cheates won’t play nice with VMs, unless you’re Nvidia.
Isn’t that already done when sending a signed email? Or other types of sent that I’m not aware?
Video upscale can be done with mpv and upscaling shaders. But for the exact config you need to go thorough the trial and error process.
I won’t recommend interpolation, especially AI as they tends to break artistic touches and generate weird artifacts.
You can. I’m not particularly familar with Thunderbird, but you can export your key to system/user keyring then you can sign any data you want using GPG. However, I doubt tool exists for you to embed the signature to a PDF like x.509 signing would.
https://superuser.com/questions/653231/embed-a-gpg-signature-in-a-pdf-file#1361205
Soon require your memory and thoughts to be logged as well
For whatever reason, ppl need SMS OTP. While Telegram is using SMS operators (like Twilio), it can’t covers all users globally (which the truth is more about cost and regulations), thus this program is born to cover (bypass) it.
It uses your number to sent the OTP code to random numbers on Telegram behalf, up to 150 per month including international SMS, where you bear the cost and aknowledging your number will be seen by who recieve it. In return, if your monthly send SMS reaches the quota, Telegram will reward you with a monthly Telegram Premium Subscription (which cost almost nothing to them).
What a joke program.
Edit: express in more clarity (they -> Telegram)
And need a paymemt gateway with a bank which can count as cloud.
Any company funded by VC with a privacy tag is a red flag.
Any thing using my data, leaving my device or not, without my explicit concent, or obtaining my concent by obscure means, is spyware.
So what’s your concern? I’m a bit confused.
The government’s move is in line with a recent policy that has targeted services with end-to-end encryption. A host of encrypted apps were blocked at the start of last year — including the likes of Threema, Element, Wickrme, and Safeswiss — and the government is going after WhatsApp to disable end-to-end encryption, although it isn’t clear how that would even work.
This is why GPG is still an important and valuable tool. You can use it on litteral anything and not relying on single point of failure. Paired with steganography no one will know the message even existed. Yet, not many are willing to learn nor support this anymore.
Edit: use of more conservative wording Edit 2: correct spelling
That I doesn’t know Ubuntu patches it out.