It’s that time of year again! Data Privacy Day! What follows after the jump is an aggregation of posts I’ve written about data security as well as a commentary on web-browsers and a how-to guide for using TOR safely.
But, inspired by a the comment “dude, truecrypt is dead” that I saw on IRC, I want to write a short statement about TrueCrypt. Now it’s no secret I’m a TrueCrypt fanboy so this will be a tad biased, but please hang with me.”
Since 2004, TrueCrypt has been the go to OTF encryption tool and has served probably millions of users (myself included). TrueCrypt had been in active development getting to version 7.1a when, on May 28, 2014, truecrypt.org displayed a very odd message warning of the insecurity of the software.
Because I have failed my duties as a blogger who not only aims to philosophical and religious discussions, but also posts about internet security and data privacy by not writing anything formal about the massive “Heartbleed” exploit in the openSSL protocol, I will provide the following videos if anyone is still interested.
So while it is too late for me to write a dedicated post (given the sheer number that exist), there are a few videos that are important for the layperson to see if they want to understand what “Heartbleed” actually is.
The next is a video by Lynda indicating what companies are doing to fix the exploit as well as what you should once a company has fixed the exploit (you can check to see if a company has fixed the exploit using this handy tool by LastPass):
And finally, a wise thing to do is to utilize a password manager (I explain them indepth here) and change them if needed. For instructions on how to use a password manager efficiently, please see my explanation here.