The Snowden revelations have thrown the surveillance climate wide open and some have suggested that the behaviour of the NSA has broken the web’s security model for everyone.
At the 30th Chaos Communication Congress [30c3] Nadia Heninger, djb and Tanja Lange delivered a brilliant talk about The Year in Crypto. Although there are some very technical sections I highly recommend that you watch it.
They cover a lot here.
In this talk it is clear that Commercial encryption software has become generally less secure in the current climate. The strength of open source encryption is that because it is open source many developers can review the code and find any backdoors that anyone is trying to add.
The bettercrypto.org site has a paper outlining practical ways to improve the way you use crypto both personally and in the software you create. It has recommendations and configuration for major web servers and best practice for using software.
If you are developing software for the web or value your privacy you should read it.
Have an update or suggestion for this article? You can edit it here and send me a pull request.
Using HashiCorp Vault with LDAP
How to use HashiCorp Vault to setup an LDAP backed secret store with read-only access for users in groups and read-write access for specific users
Linux and Unix xargs command tutorial with examples
Tutorial on using xargs, a UNIX and Linux command for building and executing command lines from standard input. Examples of cutting by character, byte position, cutting based on delimiter and how to modify the output delimiter.
Copy a file in Go
How to copy a file in Go. The ioutil package does not offer a shorthand way of copying a file. Instead the os package should be used.