Skip to content

Instantly share code, notes, and snippets.

View alexrudd's full-sized avatar

Alex Rudd alexrudd

46 followers · 30 following
  • CCP Games
  • Glasgow
  • 18:43 (UTC +01:00)
View GitHub Profile
@cjyar
cjyar / pgp.md
Last active March 19, 2024 17:13
Secure OpenPGP Configuration

Discussion

You can have many different levels of security with PGP. For lots of people, keeping your master key on your computer is good enough, and it's better than no PGP at all. But this guide is my max-security PGP setup. Here are the threats and mitigations that I'm concerned with:

  • Quantum cracking: It's likely that someday people will be able to crack RSA and DSA keys using quantum computers. ECC keys are likely also crackable, but can be faster, shorter, and possibly more secure. There's some controversy about which type of ECC keys to use; I settled on Curve 25519.
  • Key reuse: It's a bad idea to reuse your encryption key for signing. (It's safe with current algorithms, but it
@joepie91
joepie91 / vpn.md
Last active June 28, 2024 09:27
Don't use VPN services.

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

  • A Russian translation of this article can be found here, contributed by Timur Demin.
  • A Turkish translation can be found here, contributed by agyild.
  • There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.