|
|
@@ -54,6 +54,12 @@ If you wish to only use ssh keys then log in to the Freedombone and edit */etc/s
|
|
54
|
54
|
* Using Email
|
|
55
|
55
|
** A technical note about email transport security
|
|
56
|
56
|
Port 465 is used for SMTP and this is supposedly deprecated for secure email. However, using TLS from the start of the communications seems far more secure than starting off with insecure communications and then trying to upgrade it with a command to begin TLS, as happens with STARTTLS. There are [[https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks][possible attacks against STARTTLS]] in which the command to begin secure communications is removed or overwritten which could then result in email being transferred in plain text over the internet and be readable by third parties.
|
|
|
57
|
+
|
|
|
58
|
+From http://motherboard.vice.com/read/email-encryption-is-broken:
|
|
|
59
|
+
|
|
|
60
|
+#+BEGIN_QUOTE
|
|
|
61
|
+The researchers also uncovered mass scale attacks of STARTTLS sessions being stripped of their encryption. That attack itself isn't new: internet service providers sometimes do it to monitor users; organizations may use it to keep an eye on employees; or it may come from a malicious actor
|
|
|
62
|
+#+END_QUOTE
|
|
57
|
63
|
** Add a password to your GPG key
|
|
58
|
64
|
If you didn't use existing GPG keys during the Freedombone installation then you'll need to add a password to your newly generated private key. This is highly recommended. Go through the following sequence of commands to ssh into the Freedombone and then change your GPG password.
|
|
59
|
65
|
|
Bob Mottram
9 gadus atpakaļ