2014-10-06
Shellshock
A new Bash vulnerability. Read up on it.
IRC
Get on it! More information next week.
- Server: irc.uwirc.com
- Port: 6667
- Channel: #greyhat
PGP
Pretty Good Privacy, used for email encryption among trusted people.
- Install Mozilla Thunderbird
- Ensure Google Apps is enabled for you UW account
- Ensure IMAP is enabled in your account settings
-
Configure Account
- Install GNU Privacy Guard
- Install Enigmail Thunderbird extension
-
Create a Key
-
Menu>Enigmail>Key Management>Generate Key Pair
- Passphrase: yes, you want one. No, you don’t want to forget it.
- Revocation certificate: Generate one! and save it somewhere else! (such as on a thumb drive or CD)
- Set key to expire within a certain time. One year recommended.
-
Upload your public key
- On Key Management, right click on your own key
- Click on Upload Public Keys to Keyserver
- Select pgp.mit.edu
-
Key Signing
- Used to verify that people are who they say they are.
- Verify someone’s identity and their Key ID before signing
-
How to do it using Enigmail:
- Go to Key Management>Keyserver>Search For Keys
- Enter a Key ID or Email of someone you know
- Select the correct person and import them to your Key Management list
- From Key Management, right click on their name and select Sign Key
- Click Keyserver>Upload Public Keys
- Regularly Refresh All Public Keys to check for revocations and signatures
Next week
-
Key-Signing party
- Bring your new key’s fingerprint
- Setting up AWS microinstance to be used for consistent IRC connection