Friday, November 03, 2017
I've been doing a lot of crypto stuff lately.
When I say 'a lot' I do mean literally hours upon hours of internet research and reading which then turns into hours of practical experimentation. Sometimes I just get it and sometimes what I'm reading makes no sense at all so I have to break things down and take baby steps.
The latest problem I've been working on is how to, without an air-gapped machine, write a text file, encrypt it and then send it to a desktop machine for further processing. So far I can do that. The vulnerabilities are plain to see. I could be hacked on any network. There could be a key-logger installed on the first machine which compromises everything. Or maybe my end machine could be monitored. Where there's a will there's a way.
Unless someone is actually on my case I've come up with a reasonably secure method which involves the use of SSH. I can switch my Android phone into Aeroplane Mode, write and encrypt and then send by SSH to a machine anywhere in the world once back on the network.
Of course there's still work to do. I can build upon my security which at the moment is OK but not great. The nice thing is that having started this I know where to look and I'm a little wiser to the terminology.
I'm not quite there yet.