Silk Road forums

Discussion => Security => Topic started by: LouisCyphre on August 27, 2012, 08:20 pm

Title: Cyphre Security Guides (master post)
Post by: LouisCyphre on August 27, 2012, 08:20 pm
Hello,
      This post is just a list of all my GPG or crypto guides in one easy to find location.  I will update it periodically when I add new ones and the guides will be listed in the most useful order (which is not the order they were written in).

The first section is the actual guides, the second is for useful stuff that doesn't really fall into that category and the third is for a few threads started by other users which I consider required reading.


*** The HOWTOs ***

GPG HOWTO: GPG Configuration - The gpg.conf file
http://dkn255hz262ypmii.onion/index.php?topic=34204.0

GPG HOWTO: Creating large keys and mixing algorithms (expert mode)
http://dkn255hz262ypmii.onion/index.php?topic=28474.0

GPG HOWTO: Backing up secret keys securely
http://dkn255hz262ypmii.onion/index.php?topic=28859.0

GPG HOWTO: Introduction to the GPG command line
http://dkn255hz262ypmii.onion/index.php?topic=35022.0

GPG HOWTO: Encrypting to yourself and a vendor, but concealing all recipients
http://dkn255hz262ypmii.onion/index.php?topic=29235.0

PrivacyBox HOWTO: Alternative to Privnote for address data
http://dkn255hz262ypmii.onion/index.php?topic=33117.0

GPG HOWTO: Compiling GPG 1.4.x to Support Larger Key Creation (advanced)
http://dkn255hz262ypmii.onion/index.php?topic=42923.0


*** Advisories and Applications ***

OpenPGP Advisory (PGP/GPG/etc. keys)
http://dkn255hz262ypmii.onion/index.php?topic=28350.0

GPGDropThing: GPG GUI for OS X
http://dkn255hz262ypmii.onion/index.php?topic=35310.0


*** Other important threads/posts ***

squidShepherd:  Welcome to the Security Subforum [READ THIS]
http://dkn255hz262ypmii.onion/index.php?topic=42094.0

Botulism:  Post PGP keys here
http://dkn255hz262ypmii.onion/index.php?topic=174.0

Guru:  Label your PGP/GPG Keys appropriately, please!
http://dkn255hz262ypmii.onion/index.php?topic=33566.0

Guru:  DO NOT USE BROKEN PGP SOFTWARE LIKE PortablePGP!
http://dkn255hz262ypmii.onion/index.php?topic=42253.0

Kind Bud:  PGP Basic Etiquette
http://dkn255hz262ypmii.onion/index.php?topic=1048.0

John Keats:  The Complete All-in-One Guide on How to Anonymously Use Silk Road
http://dkn255hz262ypmii.onion/index.php?topic=15383.0

Digital Alch:  Scrubbing MetaData from Images in Ubuntu - Security Lesson - V2.0
http://dkn255hz262ypmii.onion/index.php?topic=142.0

shepj:  GPG (Step-by-Step: Windows Pictorial)
http://dkn255hz262ypmii.onion/index.php?topic=131.0

kmfkewm:  command line gpg - easier than shit
http://dkn255hz262ypmii.onion/index.php?topic=42031.0

Pine:  PGP Club!
http://dkn255hz262ypmii.onion/index.php?topic=30938.0

Pine:  HOWTO: Pine's Tutorial on stopping LE malware with a virtual machine.
http://dkn255hz262ypmii.onion/index.php?topic=39320.0

BigEasy:  TorBirdy - Torifying Thunderbird & Icedove
http://dkn255hz262ypmii.onion/index.php?topic=39546.0

eJ3k1:  List of useful .onion sites
http://dkn255hz262ypmii.onion/index.php?topic=28725.0

wicked420:  External Site
http://p3lr4cdm3pv4plyj.onion/

wicked420:  GPG4USB guide  [EXTERNAL]
http://p3lr4cdm3pv4plyj.onion/gpg4usb/
Title: Re: Cyphre Security Guides (master post)
Post by: k141 on August 27, 2012, 10:24 pm
Quote
shepj:  GPG (Step-by-Step: Windows Pictorial)

no link.
Title: Re: Cyphre Security Guides (master post)
Post by: LouisCyphre on August 28, 2012, 11:55 am
Quote
shepj:  GPG (Step-by-Step: Windows Pictorial)

no link.

Thanks for that, it's fixed now.
Title: Re: Cyphre Security Guides (master post)
Post by: LouisCyphre on September 15, 2012, 03:47 am
Since these posts can also be useful elsewhere, here are the clearnet links for them.  Using Tor is preferable, but a TLS/SSLv3 connection may be the best of a bad situation sometimes:


Cyphre Security Guides (master post)
https://dkn255hz262ypmii.onion.to/index.php?topic=38861.0


*** The HOWTOs ***

GPG HOWTO: GPG Configuration - The gpg.conf file
https://dkn255hz262ypmii.onion.to/index.php?topic=34204.0

GPG HOWTO: Creating large keys and mixing algorithms (expert mode)
https://dkn255hz262ypmii.onion.to/index.php?topic=28474.0

GPG HOWTO: Backing up secret keys securely
https://dkn255hz262ypmii.onion.to/index.php?topic=28859.0

GPG HOWTO: Introduction to the GPG command line
https://dkn255hz262ypmii.onion.to/index.php?topic=35022.0

GPG HOWTO: Encrypting to yourself and a vendor, but concealing all recipients
https://dkn255hz262ypmii.onion.to/index.php?topic=29235.0

PrivacyBox HOWTO: Alternative to Privnote for address data
https://dkn255hz262ypmii.onion.to/index.php?topic=33117.0

GPG HOWTO: Compiling GPG 1.4.x to Support Larger Key Creation (advanced)
https://dkn255hz262ypmii.onion.to/index.php?topic=42923.0


*** Advisories and Applications ***

OpenPGP Advisory (PGP/GPG/etc. keys)
https://dkn255hz262ypmii.onion.to/index.php?topic=28350.0

GPGDropThing: GPG GUI for OS X
https://dkn255hz262ypmii.onion.to/index.php?topic=35310.0


*** Other important threads/posts ***

squidShepherd:  Welcome to the Security Subforum [READ THIS]
https://dkn255hz262ypmii.onion.to/index.php?topic=42094.0

Botulism:  Post PGP keys here
https://dkn255hz262ypmii.onion.to/index.php?topic=174.0

Guru:  Label your PGP/GPG Keys appropriately, please!
https://dkn255hz262ypmii.onion.to/index.php?topic=33566.0

Guru:  DO NOT USE BROKEN PGP SOFTWARE LIKE PortablePGP!
https://dkn255hz262ypmii.onion.to/index.php?topic=42253.0

Kind Bud:  PGP Basic Etiquette
https://dkn255hz262ypmii.onion.to/index.php?topic=1048.0

John Keats:  The Complete All-in-One Guide on How to Anonymously Use Silk Road
https://dkn255hz262ypmii.onion.to/index.php?topic=15383.0

Digital Alch:  Scrubbing MetaData from Images in Ubuntu - Security Lesson - V2.0
https://dkn255hz262ypmii.onion.to/index.php?topic=142.0

shepj:  GPG (Step-by-Step: Windows Pictorial)
https://dkn255hz262ypmii.onion.to/index.php?topic=131.0

kmfkewm:  command line gpg - easier than shit
https://dkn255hz262ypmii.onion.to/index.php?topic=42031.0

Pine:  PGP Club!
https://dkn255hz262ypmii.onion.to/index.php?topic=30938.0

Pine:  HOWTO: Pine's Tutorial on stopping LE malware with a virtual machine.
https://dkn255hz262ypmii.onion.to/index.php?topic=39320.0

BigEasy:  TorBirdy - Torifying Thunderbird & Icedove
https://dkn255hz262ypmii.onion.to/index.php?topic=39546.0

eJ3k1:  List of useful .onion sites
https://dkn255hz262ypmii.onion.to/index.php?topic=28725.0

wicked420:  External Site
https://p3lr4cdm3pv4plyj.onion.to/

wicked420:  GPG4USB guide  [EXTERNAL]
https://p3lr4cdm3pv4plyj.onion.to/gpg4usb/
Title: Re: Cyphre Security Guides (master post)
Post by: LouisCyphre on December 08, 2012, 03:44 am
Added wicked420's pages, even though they're on an external hidden service and not on the forum.
Title: Re: Cyphre Security Guides (master post)
Post by: astor on December 30, 2012, 01:01 am
This is a fantastic set of guides that has been buried in the forum, so for my 500th post, I'm bumping it.
Title: Re: Cyphre Security Guides (master post)
Post by: scout on January 16, 2013, 09:41 am
Well worth reading these, I agree, astor!
Title: Re: Cyphre Security Guides (master post)
Post by: Delta11 on January 16, 2013, 10:32 am
Good compilation, I'll be sure to add your thread to my FAQ thread.
Title: Re: Cyphre Security Guides (master post)
Post by: Wadozo on January 16, 2013, 01:37 pm
Is there any reason as to why these links are onion.to instead of just onion?  Before Guru left, he was going to look into this but he left before doing so. There are some trust issues with onion.to sites and he was vocal about using such links very cautiously until he had looked at them first. I'm just asking the question and am not trying to alarm anyone.
Title: Re: Cyphre Security Guides (master post)
Post by: scout on January 16, 2013, 09:09 pm
Is there any reason as to why these links are onion.to instead of just onion?  Before Guru left, he was going to look into this but he left before doing so. There are some trust issues with onion.to sites and he was vocal about using such links very cautiously until he had looked at them first. I'm just asking the question and am not trying to alarm anyone.

As LouisCyphre wrote:
"Since these posts can also be useful elsewhere, here are the clearnet links for them.  Using Tor is preferable, but a TLS/SSLv3 connection may be the best of a bad situation sometimes"

So, that's why he posted the .to links equivalent to the onion sites he linked to in the initial post.
Title: Re: Cyphre Security Guides (master post)
Post by: Oompaloompa on January 16, 2013, 09:16 pm
Thanks for posting these in one place Louis.
Title: Re: Cyphre Security Guides (master post)
Post by: Wadozo on January 16, 2013, 09:19 pm
Is there any reason as to why these links are onion.to instead of just onion?  Before Guru left, he was going to look into this but he left before doing so. There are some trust issues with onion.to sites and he was vocal about using such links very cautiously until he had looked at them first. I'm just asking the question and am not trying to alarm anyone.

As LouisCyphre wrote:
"Since these posts can also be useful elsewhere, here are the clearnet links for them.  Using Tor is preferable, but a TLS/SSLv3 connection may be the best of a bad situation sometimes"

So, that's why he posted the .to links equivalent to the onion sites he linked to in the initial post.

Thanks for clarifying this scout.
Title: Re: Cyphre Security Guides (master post)
Post by: whowhatwhere on January 18, 2013, 01:11 am
Wonderful, I'm adding this link to my sig if you don't mind.
Title: Re: Cyphre Security Guides (master post)
Post by: LouisCyphre on March 22, 2013, 09:49 am
Is there any reason as to why these links are onion.to instead of just onion?  Before Guru left, he was going to look into this but he left before doing so. There are some trust issues with onion.to sites and he was vocal about using such links very cautiously until he had looked at them first. I'm just asking the question and am not trying to alarm anyone.

As LouisCyphre wrote:
"Since these posts can also be useful elsewhere, here are the clearnet links for them.  Using Tor is preferable, but a TLS/SSLv3 connection may be the best of a bad situation sometimes"

So, that's why he posted the .to links equivalent to the onion sites he linked to in the initial post.

Yep.  Spot on.
Title: Re: Cyphre Security Guides (master post)
Post by: LouisCyphre on March 22, 2013, 09:50 am
Thanks for posting these in one place Louis.

No problem, though it was in part to make it easier for me when responding to other posts pointing to things I'd already covered.
Title: Re: Cyphre Security Guides (master post)
Post by: signal16 on March 22, 2013, 11:58 pm
do you mess with pgp2ecc at all?  not sure why it isnt more widely used, know any problems with it?
Title: Re: Cyphre Security Guides (master post)
Post by: astor on March 23, 2013, 12:51 am
Hey LC, can you add mine:  http://32yehzkk7jflf6r2.onion/gpg4usb/
Title: Re: Cyphre Security Guides (master post)
Post by: Copycats on March 23, 2013, 02:17 pm
bumping just in case I lose this thread link
Title: Re: Cyphre Security Guides (master post)
Post by: 1mIcedout on March 24, 2013, 12:20 pm
Great post...

Thank you very much for taking the time to put it all together.
Sometimes finding information on a certain topic / subject can be very time consuming.
This list has a heap of very helpful info sometimes overlooked, all in the one thread.

Cheers
Title: Re: Cyphre Security Guides (master post)
Post by: DivineMomentsofTruth on March 30, 2013, 09:03 am
Awesome. Thanks OP.
Title: Re: Cyphre Security Guides (master post)
Post by: railingcapz on April 09, 2013, 03:30 am
very very useful to have them concentrated in one thread. +1 OP
Any links to the best method for permanently deleting specific files, not wiping the entire hard drive?

EDIT: Seems deleting individual files is not recommended according to Astor.

Deleting individual files is unsafe because of filesystem journaling and defragging. Each file has almost certainly been written to multiple places on the disk and is potentially recoverable. The only NIST-approved method of secure file erasure, for example for destroying medical records before decommissioning a hospital computer, is offline and full disk. Boot DBAN or a Linux Live CD and do a single random write across the entire hard drive.