Post AJC2KVktJceWnGUpgO by archit3ct@social.ssbx.dev
(DIR) Post #AJBi4u2xEdBMPoE1pI by mike@fosstodon.org
2022-05-06T21:28:21Z
0 likes, 0 repeats
Hm, client is concerned a 4096-bit PGP encryption key isn't secure enough. They want me to put the file into a password-protected Zip file and then PGP encrypt it. Ummm, OK. 🙄
(DIR) Post #AJBiLuKnPziqEMg9y4 by ghost_letters@fosstodon.org
2022-05-06T21:31:25Z
0 likes, 0 repeats
@mike better send it base64 encoded!
(DIR) Post #AJBisQgoerCxqSUDBI by selea@social.linux.pizza
2022-05-06T21:37:17Z
0 likes, 0 repeats
@mike time for ECC
(DIR) Post #AJBmuCZ8XaZkR7zkCu by adamsdesk@mastodon.technology
2022-05-06T22:22:27Z
0 likes, 0 repeats
@mike Thanks for the good laugh 😄
(DIR) Post #AJBn5WLFM2a4xKtZ1E by pete@fedi.pimoore.ca
2022-05-06T22:22:40Z
0 likes, 0 repeats
@mike Good grief, are these people working for the Department of Defence or something?
(DIR) Post #AJBn5Ww78y4Ung90U4 by mike@fosstodon.org
2022-05-06T22:24:30Z
0 likes, 0 repeats
@pete Naw, nothing like that. Pharmaceuticals. You know, nothing that would matter if it ended up on the Internet or anything. 🙄
(DIR) Post #AJBnzOR1wFSIeOF5xQ by pete@fedi.pimoore.ca
2022-05-06T22:34:35Z
0 likes, 0 repeats
@mike Maybe it’s the chemical breakdown of their new drug that confers Superman-like powers to mere mortals?
(DIR) Post #AJC2KVktJceWnGUpgO by archit3ct@social.ssbx.dev
2022-05-07T01:15:13Z
0 likes, 0 repeats
@mike Here is a potential use case: let's say the recipient of that information can't run PGP, so they involve their IT staff, but do not want them to see the information, so a 4096-bit key to cover transmission, and then a simple zip pass to prevent IT from picking into it.
(DIR) Post #AJC4gCmejQJaEXnI1o by mike@fosstodon.org
2022-05-07T01:41:37Z
0 likes, 0 repeats
@pete Heh, that would be cool! Unfortunately, it's more likely to be someone's..... uhh..... "blood pressure medication"....
(DIR) Post #AJC4uKlXqpvj2m0luq by mike@fosstodon.org
2022-05-07T01:44:11Z
0 likes, 0 repeats
@archit3ct I sincerely hope it's something that reasonable.
(DIR) Post #AJC7hs8EmltKcmNJVg by splatt9990@fosstodon.org
2022-05-07T02:15:32Z
0 likes, 0 repeats
@mike "hah a 4096 bit RSA key!? Child's play. Oh no... No... It can't be. They put it in a zip file with a password! No technology on earth can crack this!" --the client imagining how it would play out (probably) You could always tell them (like *every* annoying VPN ad) that you're using "military grade encryption". It's technically true.
(DIR) Post #AJDDI2NgqmvLlXcwUK by ankitpati@mastodon.social
2022-05-07T14:52:48Z
0 likes, 0 repeats
@mike At least they’re not asking you to run a randomly changing Windows-only .exe delivered over plaintext HTTP, and duly flagged by 20 antivirus engines as ransomware. https://krebsonsecurity.com/2021/06/adventures-in-contacting-the-russian-fsb
(DIR) Post #AJDR7dXjk1EpC8GFdI by borisv@fosstodon.org
2022-05-07T17:27:49Z
0 likes, 0 repeats
@mike that’s awesome in purely grotesque ways
(DIR) Post #AJDdfWO43JKSIRf1v6 by mike@fosstodon.org
2022-05-07T19:48:24Z
0 likes, 0 repeats
@ankitpati Not so far anyway. :blobcatscared:
(DIR) Post #AJECHIuG1DvpvruGP2 by ankitpati@mastodon.social
2022-05-08T02:16:11Z
0 likes, 0 repeats
@mike At a former place of employment, this is exactly what we had to do to send large files to coworkers, because all sane file-sharing methods known to mankind were banned by policy (but not by technical controls, go figure) in the name of SeCuRiTaE!!!! Oh well. At least the sending and receiving Windows machines involved were company-issued.
(DIR) Post #AJF5kfaSGbA89TexJA by wswartzendruber@fosstodon.org
2022-05-08T12:37:46Z
0 likes, 0 repeats
@mike Use RSA-4096 for the public key algorithm, and then set the symmetric algorithm to NULL.