X_Cli @x_cli@infosec.exchange

#Secure Large File Decryption using #Linux, #Go and #Nacl

Decrypting large files that do not fit in RAM is a very old problem and unfortunately, there are no good solutions for them.
Streaming is certainly NOT a good solution.
In this article, I try to explain the challenges and I present a possible solution that I believe is secure, using a bunch of Linux syscalls and an excellent crypto library written in Go: Nacl.

https://www.broken-by-design.fr/posts/large-file-decrypt-en/

Déchiffrement sécurisé de gros fichiers, grâce à #linux

Je sais que le titre ne fait pas rêver, mais en réalité, chiffrer/déchiffrer des gros fichiers de manière sécurisée est beaucoup plus difficile qu'il n'y parait. J'ai mis des années à trouver cette recette, inspirée de mes échanges à l'ANSSI, mais aussi de mon expérience sur le terrain depuis.

Et quand je dis "grâce à Linux", je ne bluffe pas. C'est truffé de syscalls et d'astuces système :)

https://www.broken-by-design.fr/posts/large-file-decrypt/

Déchiffrement sécurisé de gros fichiers, grâce à #linux

https://www.broken-by-design.fr/posts/large-file-decrypt/

#Go #nacl

I just wrote a tiny Go library to decrypt large files with nacl/box.
The goal is to illustrate how to do it, more than provide a real library. Maybe I'll add support for box.Open, for instance.

I have a blog post (in French, at the moment) on the way to explain the reasons behind this library.

Obviously, this is only compatible with Linux and other compatible kernels.

https://github.com/X-Cli/large-file-decrypt

Reviews appreciated :)

#Go #cryptography

A few months ago, they told us to never get to the vaccination center more than 5 minutes before the appointment to limit the people you would cross path with. And now that we are facing Omicron, the most contagious of all the variants we have seen to this day, they ask us to queue for hours to get the vaccine. How dumb are they?

What blogging software do you recommend?

I am currently using a static site generator (hugo). While I appreciate it a lot, I am a bit frustrated by the workflow, because I cannot blog easily from my phone, or a chromebook, except if I setup an email hook, or something similar. I would love a simple solution to recommend to non-techies.
I considered Writefreely and @writeas_dev that are excellent, but it looks like the developer burned out 6 months ago and there are no activity since then 😣

Yes, I appreciate the irony of posting this on a microblogging platform.
I believe that unfortunately, a transition period is necessary for people to organize their departure of the microblogging platforms and to build a collection of feeds that we keep them informed once they are no longer fed automatically by the timelines.

Do you share that opinion? If not, I would love to read your opinion on this topic.

After a decade of social media and microblogging, I am now convinced that microblogging is no different than comment sections: a toxic environment full of people that have nothing meaningful, relevent nor positive to say.
I believe that to restore our mental health, to reduce the influence from political propaganda, conspirationism and other sources of misleading "information", we ought to avoid social media at all costs and go back to media that are more composed, thoughtful: full-blown blogs

Never heard about this before, but it looks like a good idea to me https://toneindicators.carrd.co/

/srs
#ToneIndicators

La presse n'est indépendante que si elle a des financeurs indépendants ou de profils variés (lecteurs ou mécènes).

@blast_info a besoin de votre soutien pour continuer d'exister. Ils sont dans la phase de recherche de stabilité financière.
À titre perso, je crois en Blast et a son utilité publique ; je suis abonné, et j'ai donné 360 euros en don (défiscalisable), soit l'équivalent de 5 abonnements de un an, en plus du mien.

Pourriez-vous contribuer si vous le pouvez ?

Je crois qu'il y a qqn qui a besoin d'apprendre ce qu'est l'effet Streisand. Quelqu'un a une copie du dessin, svp ?

Gilets jaunes : deux personnes interpellées à Paris après un dessin jugé «outrageant» contre Macron

Deux personnes présentes à la manifestation parisienne des «Gilets jaunes» ont été placées en garde à vue le 20 novembre en raison d'un dessin jugé «outrageant» mettant en scène Emmanuel Macron, le préfet de police et Joe Biden.

https://francais.rt.com/france/92829-gilets-jaunes-deux-personnes-interpellees-apres-dessin-outrageant-contre-macron

https://infosec.exchange/media/wiqLBeMkIcUi5zHxGDQ