Search the Community

Salutations Hak5, I'm S0AndS0 a long time watcher (and big fan) of the various shows that have been made available by the Hak5 teem. What is shared here maybe thought of as a "tricky treat" for the holiday. https://github.com/S0AndS0/Perinoid_Pipes The above project has been documented in detail (because we've heard that the show hosts of Hak5 like that out of project authors) and as of latest local & remote tests is operating as expected. Simply put this project facilitates common encryption & decryption options of GnuPG via a named pipe (similar to anonymous pipes `|` but addressable via file path) and a customized listening loop that parses incoming data. Think of it as a *short-cut* for operations involving public key crypto; for example of normal encryption echo "some secret" | gpg -a -e user@email.host >> out.file And for comparison an example of encrypting via named pipe file echo "some secret" > /var/log/named.pipe This allows any service to utilize encryption by way of output redirection; logging daemons, web host logging, and/or your own custom services. So far three usage scenarios have been written but we're hoping that with this communities' help we can write at least two more together; perhaps a guide on using this tool with Rubber Ducky to automatically encrypt data off a target to either a second storage device or to the Ducky it's self. Notes for beginners; If you (the reader) are new or unfamiliar with encryption via GnuPG then ya may want to start with the documents in above code repo that begin with `Gnupg_` after coming to terms with the options available then check the script's help documentation via the following commands chmod u+x Paranoid_Pipes ./Paranoid_Pipes --help Use the output from above to modify your next commands, add `--help` at the end to check your settings prior to committing to them. Easy as pie. Notes for Moderators; If this has been posted in the wrong section please move or notify the OP's author to move it to the proper section. This tool has been shared with the this community in the hopes that readers will find it useful but without warranties of any kind. Notes for Show Hosts; If you wish to include this tool within a publication then you have permission, prematurely given, to utilize any of the tools found in the above code repository for either your own projects or for featuring the main project itself.

Hey, everyone! I recently joined the Keybase.io Alpha test. Hak5 has done 2 shows highlighting them so far. Social Encryption with Keybase.io, Hak5 1715 Easy File Encryption with Keybase - Hak5 1904 They also recently launched their own encrypted filesystem. Anyway, I have a handful of invites available and I wanted to share them here before anywhere else. Its one small way I can give back to a community who has taught me so much! Reply here and I'll PM you an invite.

After reading up on how Mailvelope works there *appears* to be (at least) one fatal flaw - if you use it with gmail, google automatically saves a draft of your email before you send it.... and I'm guessing that mailvelope does not take this in to account... ie, before you encrypt your message a draft of your unencrypted message is forever saved on google's servers and you're back to square one. Obviously in transit the message is ok but what if you don't want Google sniffing your personal emails for sales opportunities? Maybe Mailvelope does take this in to account and I am uninformed - can anyone talk intelligently regarding this?

Hi guys. After watching the eppisode on pgp encryption for email and taking notice of all the unlawful spying going on these days I have been using gpg to encrypt what mail I can.. However, I cant get anyone else to give a rats @$$ about it. So, this got me to thinking the best I can do is secure my own account. Like so many I have mail on a gmail server that will sit there prettymuch for ever incase I need it; much longer than 180 days for it to become public property. SO.. I have been trying to find a way to encrypt all the message already received and sent ect.. Its far to painful to manually use thunderbird to move messages to draft then edit/encrypt and move back to inbox. I tried the IMAP crypto.jar which should convert all stored IMAP messages. While this would be prefect, I can not get it to work; never connects. I was hoping that through some piping and what not there would be a way to use linux to download each messag, gpg only the body of the message then upload/replace the stored message OR resend it to myself. However, having only jumped off the windows ship receienty I do not seem to have the skills to make this work, yet. I have been able to use getmail to download all my emails into files, but I really would like to have it take the files as they come in and then resend the gpg version back to me all in one shot. Since you find joy on the shell can you tell me how I might make this happen? I want to download and take each file then copy the subject over to a new message, encrypt the body of the email only using public key, then send the subject with the encrypted body to myself. getmail > gpg "user key" and other crypto junk > coppy subject of email > append to> grep body-of-email > sendmail to meself ??????????? Thanks for doing what you do!