Tag Archives: Security

Testing the Waters: How to Perform Internal Phishing Campaigns

Phishing is one of the most dangerous threats to modern
computing. Phishing attacks have evolved from sloppily written mass email
blasts to targeted attacks designed to fool even the most cautious
users. No defense is bulletproof, and most experts agree education and
common sense are the best tools to combat the problem. more>>

Read More

KMail Bug Sent Encrypted Emails in Plain-Text — for 4 years

email security bugA KMail bug has inadvertently sent PGP encrypted emails in plain-text — for the past four years! A flaw in the ‘Send it Later’ feature, introduced in Kmail 4.11, allows users to schedule the time and date that emails are sent. Unfortunately, the feature was incompatible with the client’s OpenPGP implementation. This resulted in encrypted emails […]

This post, KMail Bug Sent Encrypted Emails in Plain-Text — for 4 years, was written by Joey Sneddon and first appeared on OMG! Ubuntu!.

Read More

Secure Text Editor EncryptPad Sees New Release

EncryptPad, a free, open source text editor for sensitive information, was updated to version 0.3.2.5 recently, bringing numerous bug fixes along with some minor new features.


EncryptPad

EncryptPad is a text editor that can be used to save private information, such as passwords, credit card info and so on, and access the files by using a password, key files, or both. It can also be used to encrypt binary files as well, like images or videos, etc. The application is available for Linux, Windows and Mac.
For a bit more about EncryptPad, see our initial article: EncryptPad: Secure Text Editor That Protects Files With Passwords, Keys, Or Both

Changes in EncryptPad 0.3.2.5 include:

  • in the File Encryption dialog, a radio button was added to select between EPD and GPG. Previously the user had to edit the extension manually to output to the GPG format;
  • there are now more properties in the preferences to control default encryption parameters: key file random sequence length, key file encryption properties, default file encryption properties (cipher, s2k, iterations, compression), the number of encryption keys to save or load without prompting the passphrase again;
  • the default number of iterations has been changed to 1015808
  • bug fix: if a decrypted passphrase-only EPD file contained less than 4 characters, the content was ignored and EncryptPad produced an empty file;
  • bug fix: when opening a plain-text file and saving it as encrypted, the encryption parameters did not reset to the default values but used the parameters of the last encrypted file;
  • bug fix: the encryptpad file command line parameter did not support non ASCII characters;
  • bug fix: when multiple EncryptPad instances were opened and preferences updated, the last instance overwrote the preferences changed in other instances on closing;
  • more.

A complete changelog can be found HERE.

Install EncryptPad in Ubuntu or Linux Mint

To make it easier to install EncryptPad in Ubuntu or Linux Mint, I’ve uploaded it to the main WebUpd8 PPA. Since security is very important for an encryption app, you may want to verify the PPA source integrity. The EncryptPad GitHub page explains exactly how to do this (but note that it’s for an older EncryptPad version, hopefully it will be updated soon).
To add the PPA and install EncryptPad in Ubuntu 16.10, 16.04 or 14.04 / Linux Mint 18 or 17, use the following commands:
sudo add-apt-repository ppa:nilarimogard/webupd8
sudo apt update
sudo apt install encryptpad encryptcli
If you don’t want to add the PPA, you can download the binaries from HERE (you’ll need both encryptpad and encryptcli).
To download the source, AppImage, Windows or Mac binaries (as well as the source), see the EncryptPad GitHub page.

Read More