Antillie posted:
When I need to encrypt something in Python before I write it to disk I use the simple-crypt module. Despite its use of PBKDF2 with a 256-bit random salt I still tend to use the SHA256 of some random phrase as the initial password. In my specific use case I am trying to protect data that a user might back up to some sort of external drive or Dropbox account. So if the USB drive is lost or the Dropbox account is compromised all the attacker gets is a pile of AES encrypted gibberish since the Python program that contains the password is stored elsewhere and not backed up by end users.

Your use case seems better suited for public-private key crypto rather than symmetric key like AES, and PGP already exists to do this for you.

Nov 20, 2015 19:23

May 7, 2024 03:50

Antillie posted:
If I ever need to change things so that each user's data is encrypted with a unique key then I would certainly go with 2048-bit RSA and generate a unique public/private key pair for each user. However at the moment each user only has access to their own data in their home directory due to filesystem permissions and anyone with root can already see the data I am trying to protect anyway.

Sorry, I misread your previous post and thought you were backing up the user data yourself.

Nov 20, 2015 19:58

Three-Phase posted:
100% sure it was an attachment. Using that to spread a JPEG exploit is possible but based on that CVE it only seems to work with certain software and much older OSes (Windows XP), but on the other hand I am sure throughout the world there are still tons of machines running poorly updated copies of Windows XP.

Barracuda spam filters got a mention recently because they don't scan emails above 256kB by default, on the basis that spammers don't send emails bigger than that but scanning large emails is more resource intensive. I'm sure a spammer using a botnet would be fairly happy to use up more of somebody else's bandwidth to get more emails through to inboxes though. So it might just be to add size to the email while using a file format that isn't suspicious itself.

Mar 18, 2017 17:18