• 1 Post
  • 53 Comments
Joined 1 year ago
cake
Cake day: August 11th, 2023

help-circle


  • Be aware, that trusted Certificate Authority (CA) configuration applies to ALL certificates issued by CA. Thus, if one elects to trust “actalis” CA, then they trust ALL actalis CA users.

    If the process of obtaining certificate was extremely simple, easy and did not involve identity verification steps, then bad actors can take advantage of this process and create identities that your client application will trust.

    By itself the bad actor identity is of little concern to anybody, but it can have a significant impact if trusted identity is used in spam filtering, exploits of email client bugs or other hack attempts. Trusted users may be given higher access privilege at the client application level, which may be just enough for hacker to gain required access. For example, client application may be configured to trust all trusted senders with MIME attachments. An unknown trusted user sends malicious Application as file attachment. Accidental double click lunches the application without “are you sure?” prompt. Congratulations, machine is pwned.

    The problem is easily mitigated by not importing root CA for easy CAs.


  • What I take issue with actalis, is that they don’t just sign your private key but you actually get the private key from them. It then depends on how much you trust the issuer.

    By definition, that key can no longer be considered “private”.

    It is very important to emphasize that the key in this model is not “private” anymore. Thus, all the communication using this key is not secure anymore.

    Private key is the one generated by hardware owned by the user and immediately secured with strong password. Ideally, private key does not leave the hardware that generated it. Thus, every device shall have its own private key.

    In less restricted model, private key gets copied by the user to other hardware using media like USB stick or P2P communication model that does not use cloud services.


  • Yes, it exists.

    S/MIME requires the receiving side to have its own certificate or, to be more correct, a private key represented by the certificate. The recipient’s certificate needs to be known to the sender. The sender’s certificate needs to be known by the recipient. That’s why S/MIME is not used. It requires configuration on both sides, before it can be used.

    Most people don’t know how to obtain certificate and configure email client with it or don’t bother to obtain certificate even if they know. The same problem exists if PGP is used, even if it is a bit different.

    I will cover S/MIME and PGP because of similarities.

    S/MIME or certificate based solution is supported by many clients, so it is easier on end user than PGP. S/MIME is part of the specification, that’s why good email clients have built-in support. S/MIME problems are all around certificate management: how to obtain certificate (free or not), how to import certificate, how to trust certificate, how to import trusted root of the certificate.

    It is easier to manage keys for free in PGP. PGP has no protocol level support in email clients, so it requires additional handling of underlying content. In effect PGP encrypted messages are injected into text message or sent as email attachments. In both cases PGP content has to be handled by external application (PGP encrypted text or image) or email client specific plug-in.

    The technology is very old for both cases. It has not caught on due to friction of key management for both technologies. PGP has additional problem of content handling.

    S/MIME is perfect if you want to communicate with family or friends as you can ensure everyone in your circle has their own private key. Even in this narrow case, I guarantee you will experience some friction to get this through.

    Organizations can have it easier as they can issue certificates to their users. But then problem of trusted certificate authority comes into play, if they use their authority (every email client or OS running this email client has to import new Trusted Certificate Root, that is hard at ORG level and it gets worse when they have to tell their outside contacts how to work with them). If they use well known authority, they avoid Trusted Cert Root problem, but they have to pay for every user certificate.

    So, you can see how there’s friction in S/MIME solution. IMO, S/MIME is a good solution, but friction made it unrealistic in major use cases.

    At this point I recommend Delta Chat. I am not involved with it. I just like what I see. It is uses PGP technology. In the end it is looks like a modern P2P chat application with all the expected Chat functionality, but it is actually an email client sending PGP encrypted messages over email. Delta chat solved private key creation using built-in key generation. Public key exchange is solved via key exchange protocol. The problem of content attachment is solved by the application itself. Take a look at articles about it https://delta.chat/en/references

    Signal vs Delta Chat. Signal metadata exposes your contacts and probably your time of contact. With Delta Chat you get the same level of meta data exposure: your contact and time of contact are in the open, because underlying protocol is email.

    S/MIME protections. S/MIME keeps the same metadata in the open: contact and time of contact. That’s because S/MIME protects the payload (message body), not the email protocol headers.

    I might be a bit off on how PGP or S/MIME is passed around at SMTP headers level, but overall meaning shall stay the same.



  • Signal runs a service. Even if its source code is open source there’s no guarantee that that’s the code running on the server.

    I don’t know the protocol, but I am concerned of man in the middle and how safe it is from man in the middle. In this case signal servers must be considered to be man in the middle.

    The only system to trust is peer to peer with proven track record of sending encrypted data over public channels.

    That’s PGP and Delta Chat utilizing PGP.




  • I own old Chromebook.

    Chromebook software updates are not forever.

    It is my understanding that some Chromebooks might be locked in such a way that installation of Linux might NOT be an option or the might be a high chance of bricking the device.

    At least that was the case with my Chromebook.

    So, once OS updates are unavailable, the machine might become a weak link from security standpoint or stop running some software.

    Chromebook is still a great option, but be careful with very old ones.




  • Kualk@lemm.eetoLinux@lemmy.mlSwitching back to Windows. For now.
    link
    fedilink
    arrow-up
    2
    arrow-down
    2
    ·
    3 months ago

    Dedicated gaming machine or dual boot is a way to go.

    I played steam on Arch and one update of OS and game stops working.

    Despite claims, Windows gets better outcomes. I played a lot of World of Tanks Blitz and the same hardware on Linux was significantly lower graphics quality and FPS compared to Windows.







  • Installer is a big part.

    2nd biggest part is how system is configured.

    Debian is not afraid to create its own version of default configuration. Take some mail software as example.

    Arch on the other hand is most likely just going to ship original application configuration.

    Debian might be nice and easy, until configuration change is necessary. Suddenly, original application documentation doesn’t apply. Debian documentation may be obsolete or absent. And that is the beginning of reading all of the configuration files. Normally, it is not a problem until something like email system configuration is necessary.

    That’s when Arch philosophy of making fewest changes to software comes to shine. Original documentation usually works and applies well.


  • Years ago major upgrades and to lesser degree even minor upgrades made me to give up trying to keep installation running. I don’t even remember if it was Red Hat or Debian.

    Eventually I realized, that I like running newest version of Desktop and I ran into cases of getting frustrated with lack of newer versions, which had fixes for issues I ran into. Then I realized that best wiki was not a snapshot distribution.

    In the end I tried rolling distribution and remain happy for years.

    Debian or derived distribution is easiest to get google help for and it is the simplest choice for me, when running on the cloud.

    Although, Alpine is pushing through containers quite forcefully.