Using a VM to poke around with updated #GPG from their repos and it offers hybrid post #quantum key types (ECC/Kyber) now with the following options for Kyber:

(1) Kyber 768 (bp256) *default*
(2) Kyber 1024 (bp384)
(3) Kyber 768 (X25519)
(4) Kyber 1024 (X448)

It's probably already available in Arch and its derivatives, but it probably won't hit the longer lived distributions like Debian or Fedora for a little while yet, but it's a thing now.

#Security #Privacy

#instagram eliminou a criptografia de ponta a ponta.
Evite esse aplicativo mesmo com criptografia. Quer mandar uma mensgem criptografada? Use #gpg .

https://stallman.org/archives/2026-mar-jun.html#2_June_2026_(Instagram_eliminated_end-to-end_encryption)

#spying #espionagem #evilcorp #eviltech #stallman

¿Cómo evita APT que te metan malware al instalar un paquete en Debian (y derivadas)? 🐧🛡️

No es magia, es criptografía asimétrica y hash.

En este video te explico a fondo cómo funciona la cadena de confianza, las firmas digitales y las llaves GPG que validan tus repositorios paso a paso.

Miralo acá:
🚀 https://youtu.be/6f2y_py7Kek

Ideal para SysAdmins y curiosos del hardening! 💻🔥

Espero que les guste y les sirva!
Cualquier duda, como siempre, me comentan 💬

#Linux #Ciberseguridad #GPG #SysAdmin

Happy Anniversary!

Released: 05.06.1991 (35 years)

Phil Zimmermann 10th anniversary message: https://web.archive.org/web/20220309030942/https://www.philzimmermann.com/EN/news/PGP_10thAnniversary.html
Phil Zimmermann 30th anniversary message: https://web.archive.org/web/20220820051001/http://philzimmermann.com/EN/news/PGP_30thAnniversary.html

#PGP #Encryption #E2EE #FreeSoftware #FLOSS #OpenSource #FOSS #SoftwareLibre #Privacy #InfoSec #CyberSecurity #OpenPGP #GPG #GnuPG #Linux #Proton #ProtonMail #Mailvelope #Thunderbird

A stupid question... If I change my GPG passphrase, will I still be able to decrypt all my previously encrypted files with the new passphrase?

#gpg #question #fediverse #security

I have been dragged into the rabbit hole of GnuPG/LibrePGP VS Sequoia/OpenPGP and, boy it is ugly. Yeah, yeah, I know, PGP is bad, but of all the ugly things that could have happened to the FOSS crypto space, this is really unwelcome. I wish people would just sit at a table and talk.

#pgp #gpg #sequoia #crypto #cryptography #security #foss #floss #libre #drama #ietf #privacy #openpgp #librepgp

Maybe it's too hot today and my brain isn't working. Can anyone with experience/insight into Forgejo and Gitea explain to me what the point is of the server signing commits (e.g. merge, initial commit, wiki etc.)? Maybe I'm missing something obvious, but the whole point of signing commits is as an authenticity check. If an attacker would gain access to a user's account that has the permission to trigger any of these actions, the signature mechanism does not allow differentiating between a legitimate and compromised commit. The only case I can think of where this might be useful is if someone would try to pass off an unsigned commit to look like it has been done by the server, whereas legitimate commits by the server have been signed. Without an option to block unsigned commits entirely this seems a bit like security theater though, if my threat model isn't entirely wrong. Thoughts?

#gitea #forgejo #gpg #signing