Monday, August 26, 2013

Using openssl to encrypt/decrypt text

Here's a simple example of using the Linux openssl command to encrypt typed text data into a file and then extract it back from the file afterwards. We'll use the AES-128 encryption algorithm for this example and ask openssl to base64 encode the encrypted data afterwards, so it can be happily stored in a text file.

First, let's encrypt a test string into the file /tmp/myEncryptedData.txt:

$ openssl enc -aes128 -a -out /tmp/myEncryptedData.txt
enter aes-128-cbc encryption password: your-desired-password-here
Verifying - enter aes-128-cbc encryption password: your-desired-password-here

This is the data I'm protecting ya know!


Note: To terminate the input type a couple of Ctrl-D characters.


Now, let's read the encrypted text from /tmp/myEncryptedData.txt and display the original string back:

$ openssl enc -d -a -aes128 -in /tmp/myEncryptedData.txt
enter aes-128-cbc decryption password: your-desired-password-here
This is the data I'm protecting ya know!


Cool, huh?

Wednesday, August 21, 2013

Privacy in the digital age

A favorite author of mine has posted an interesting perspective on privacy that's worth a read. The topic's been on my mind, too. I'll be adding some discussion about it ahead, too.

Thursday, August 15, 2013

I'm so happy someone else wonders about these things, too

It's occurred to me on multiple occasions that if a hacker or agent can spoof software update processes, they can easily gain complete control of an end user system. So far, no such exploits have been seen to my knowledge, though.

Anyway, here's a serious yet ultimately humorous discussion of potential software update system exploitation - and how it might perceptually relate to cloud computing.