more md formatting

This commit is contained in:
anarsec 2023-07-08 20:49:47 +00:00
parent b6bbc36b6f
commit 11986c34cb
No known key found for this signature in database
10 changed files with 237 additions and 88 deletions

View file

@ -20,9 +20,11 @@ A backdoor in software or hardware allows an unauthorized party to bypass access
An attacker who “simply” tries every possible key to access a service or decrypt a file uses “brute force.” This process is called a brute-force attack. More efficient computers make brute-force attacks more feasible. Modern cryptographic protocols are designed to force an adversary (not in possession of the cryptographic key) to spend (close to) as much time as it would take to try every possible key to break the code. The parameters of a good protocol are chosen so that this amount of time is impractical.
### Checksums / Fingerprints
Checksums are digital fingerprints: small-sized blocks of data derived from another block of digital data for the purpose of detecting any changes that may have been introduced. For example, when you download an operating system .iso file, a checksum will be listed that looks like: `sha512: 9f923361887ac4b1455bc5ae51c06f2457c6d(continued...)`. You can use [hash functions](https://open.oregonstate.education/defenddissent/chapter/cryptographic-hash/) like sha512 to create fingerprints. Essentially, this mathematical operation converts the 0s and 1s of the file into a unique "fingerprint". If a single 1 or 0 is changed, a completely different fingerprint will result, and it is often important to know whether a file has changed, such as when downloading the image file for an operating system. Fingerprints are often used in cryptography (e.g., in certificates or to verify [public keys](#public-key-cryptography) in general). [GtkHash](https://tails.boum.org/doc/encryption_and_privacy/checksums/index.en.html) is a program that allows you to calculate checksums without needing to use a command line interface.
### Command Line Interface (CLI)
The 'command line' is an all-text alternative to using the graphical 'point and click' tool that most of us are more familiar with; the Command Line Interface (CLI) allows us to do some things that a Graphical User Interface (GUI) does not. Oftentimes, either a GUI or CLI would work and which you use is a matter of preference. For example, in [Tails](#tails), you can verify the [checksum](/glossary/#checksums-fingerprints) of a file with a GUI (the GtkHash program) or a CLI command (`sha256sum`).
[Tech Learning Collective's "Foundations: Command Line Basics" course](https://techlearningcollective.com/foundations/#foundations-command-line-basics) is our recommended introduction to CLI/terminal use.
@ -32,9 +34,11 @@ The 'command line' is an all-text alternative to using the graphical 'point and
CVE stands for “Common Vulnerabilities and Exposures”. It is a globally unique identifier for [security vulnerabilities](#vulnerability) in software. Identifiers look like “CVE-YEAR-NUMBER.” The year included in the identifier is the year when the CVE ID was assigned, not the year when the vulnerability became publicly known.
### DDoS Attack
A DDoS attack (Distributed Denial of Service attack) tries to overload or crash services on the targeted system by sending a large number of requests from numerous sources. The goal of DDoS attacks is to affect the availability of a service or system, e.g., making a web server unreachable for web browsers.
### Digital Signatures
Digital signatures are based on [public-key cryptography](#public-key-cryptography). A private key is used to digitally sign data, while the corresponding public key is used by third parties to validate the signature. Before a public key is used to verify a signature, its authenticity should be verified.
To learn more, [check out this video](https://invidious.sethforprivacy.com/watch?v=s22eJ1eVLTU&listen=false). For a more detailed look, see [Defend Dissent: Authenticity through Cryptographic Signing](https://open.oregonstate.education/defenddissent/chapter/cryptographic-signing/) or our [GPG explanation](/posts/linux/#gpg-explanation).
@ -186,6 +190,7 @@ Symmetric cryptography is the opposite of [public-key cryptography](/glossary/#p
Both parties need to be online simultaneously, in contrast to [asynchronous communication](#asynchronous-communication). This does not require any servers specific to the communication and is often referred to as "peer to peer".
### Tails
Tails is an operating system that makes secure and anonymous computer use accessible to anyone. Tails runs from a USB drive, and is designed to leave no trace of your activity on your computer, unless you explicitly ask it to.
Tails relies on the [Tor anonymity network](/glossary/#tor-network) to protect your privacy online; all software is configured to connect to the Internet through Tor. If an application tries to connect to the Internet directly, the connection is automatically blocked for security.