Murphy Mac - Screencasts and Tutorials » Page 'Security Posts'

Security Posts

Share

1PasswordMurphy has been thinking about security after discussing the previous post all over the Internet. In case you missed them, here are some security posts you might have missed:

Encrypting files from the command line. This is a quick and easy way to lock up a file tight. Not so great if you’re sending it to a Windows user though. You’ll also get started with making an interactive shell script.

Encrypting files using a widget. This post built on the command line method mentioned above. The widget supports drag and drop, just drag the file and hold onto it before invoking Dashboard.

Create an encrypted DMG. A screencast detailing use of Disk Utility to make a password protected secure DMG file.

1Password. This is a utility for storing the usernames and passwords you use all over the Internet. If you use the same credentials on every site you visit you should probably stop. This tool integrates fully with the OS X keychain and is easy to transfer from Mac to Mac.

Here’s another little tidbit: You can unzip a password-protected zip file using Terminal on your Mac. Open Terminal, type unzip followed by a space. Then drag the zip file from Finder onto the Terminal window and hit return. You’ll be prompted for the password and your file will be unzipped.

Note to Murphy Mac regulars: Murphy needs your help! Visit this link on Digg and Digg the story. Murphy could use the traffic. Thanks !

Help Murphy ! | Permalink

2 comments to “Security Posts”

  1. A quick thought I had – a combination of security and the previous retrieve-file-via-mail post:
    Only allow the file to be returned if the request is GPG signed (or encrypted). That way, it will *only* respond to your requests you have defiantly sent.

    It’s a little complicated. Basically you would make a passwordless key for mailmachine (the machine running the Mail script), and add your regular key.

    Then you would check the output of the gpg command confirmed it was “encrypted with 2048-bit ELG-E key, ID yourkeyid”

    Since it’d would require someone to both know about the system, have control of your email AND have control of your GPG key, it’s very secure.. You could even safely do command-execution as a kind of remote-shell (decrypt the message, execute the command)

    An example encryption/decryption session (sorry it’s a bit long):
    ### To encrypt

    [dbr@laptop:~]$ gpg -e -a -r “yourkeyid-or-name”
    Current recipients:
    2048g/71121E8G 2007-09-05 “mailmachine-key-name-or-ID ”

    get-this-filetxt[return]
    [ctrl+d]

    —–BEGIN PGP MESSAGE—–
    Version: GnuPG v1.4.7 (Darwin)

    hQIOA+Dz2gc1HvMuEAf5AWx/uvAZkc62wcQeMruP9uQtrbXGCix7j7L6/nLsUVoW
    […]
    qAwH9GwKY1jFFofomNTJ06ImSMIt8YUt4eGN
    —–END PGP MESSAGE—–

    ### And to verify

    [dbr@mailmachine:~]$ gpg
    gpg: Go ahead and type your message …
    —–BEGIN PGP MESSAGE—–
    Version: GnuPG v1.4.7 (Darwin)

    hQIOA+Dz2gc1HvMuEAf5AWx/uvAZkc62wcQeMruP9uQtrbXGCix7j7L6/nLsUVoW
    […]
    qAwH9GwKY1jFFofomNTJ06ImSMIt8YUt4eGN
    —–END PGP MESSAGE—–

    gpg: encrypted with 2048-bit ELG-E key, ID 71121E8G, created 2007-09-05
    “mailmachine-key-name-or-ID “

  2. Hi Murphy,

    Have you heard about the Priceton University test of disk encryption softwares?

    They talked a lot about Vista’s BitLocker, and at the end, looks like Apple’s FileVault does not share the same shortcomming.

    What do you think?

    Take a look:
    http://citp.princeton.edu/memory/

    Best Regards.

Leave a comment