Encrypted

Encryption is a way to encode data so that people that might intercept it can't decipher the original message (often called the "plaintext").

End-to-end encryption is the best, because there need be no trusted intermediary.

Some software projects are always fully end-to-end encrypted. Examples include NNCP[1], Syncthing[2], Yggdrasil[3], and Gemini[4].

For more on encryption, see:

• OpenPGP tools:

* GnuPG (GPG)[5]

* Sequoia PGP[6]

• Age (Encryption)[7]
• signify[8] (not encryption, but cryptographic authentication)
• Signal messenger[9]

--------------------------------------------------------------------------------

Links to this note

• Easily Using SSH With FIDO2/U2F Hardware Security Keys[10]

A lot of new hardware security keys (Yubikey, Nitrokey, Titan, etc.) now support FIDO2 (aka U2F aka Webauthn aka Passkey; yes it's a mess).

• Why You Should (Still) Use Signal as Much as Possible[11]

As I write this in March 2025, there is a lot of confusion about Signal messenger[12] due to the recent news of people using Signal in government, and subsequent leaks.

• Signal Messenger[13]

Signal messenger is an end-to-end Encrypted[14] instant messaging app for phones and desktop. Among such apps, it has one of the strongest security models[15] available. The EFF has written about Signal[16] and how little data they can collect and divulge.

• Easily Accessing All Your Stuff With a Zero-Trust Mesh VPN[17]

Probably everyone is familiar with a regular VPN. The traditional use case is to connect to a corporate or home network from a remote location, and access services as if you were there.

• Using Yggdrasil as an Automatic Mesh Fabric to Connect All Your Docker Containers, Vms, and Servers[18]

*An older version of this is also available on my blog[19].*

• Building an Asynchronous, Internet-Optional Instant Messaging System[20]

I loaded up this title with buzzwords. The basic idea is that IM systems shouldn't have to only use the Internet. Why not let them be carried across LoRa radios, USB sticks, local Wifi networks, and yes, the Internet? I'll first discuss how, and then why.

• Dar[21]

dar is a Backup[22] and archiving tool. You can think of it as as more modern tar. It supports both streaming and random-access modes, supports correct incrementals (unlike GNU tar's incremental mode), Encryption[23], various forms of compression, even integrated rdiff deltas.

• Gnupg (GPG)[24]

GnuPG (also known by its command name, gpg) is a tool primarily for public key Encryption[25] and cryptographic authentication.

• Introduction to Filespooler[26]

It seems that lately I've written several shell implementations of a simple queue that enforces ordered execution of jobs that may arrive out of order. After writing this for the nth time in bash, I decided it was time to do it properly. But first, a word on the *why* of it all.

• Encrypting Filespooler Jobs With Age[27]

Like the process described in Encrypting Filespooler Jobs with GPG[28], Filespooler[29] can handle packets Encrypted[30] with Age (Encryption)[31]. Age may be easier than GnuPG in a number of cases, particularly because it can use a person's existing SSH keypairs for encryption.

• Encrypting Filespooler Jobs With GPG[32]

Thanks to Filespooler[33]'s support for decoders, data for filespooler can be Encrypted[34] at rest and only decrypted when Filespooler needs to scan or process a queue.

• Using Filespooler over NNCP[35]

NNCP[36] is a powerful tool for building Asynchronous Communication[37] networks. It features end-to-end Encryption[38] as well as all sorts of other features; see my NNCP Concepts[39] page for some more ideas.

• Filespooler[40]

Filespooler lets you request the remote execution of programs, including stdin and environment. It can use tools such as S3, Dropbox, Syncthing[41], NNCP[42], ssh, UUCP[43], USB drives, CDs, etc. as transport; basically, a filesystem is the network for Filespooler.

Filespooler is particularly suited to distributed and Asynchronous Communication[44].

• Computer Security[45]

Keeping your (digital) bits secure.

• Tools for Communicating Offline and in Difficult Circumstances[46]

When things are difficult -- maybe there's been a disaster, or an invasion (this page is being written in 2022 just after Russia invaded Ukraine), or maybe you're just backpacking off the grid -- there are tools that can help you keep in touch, or move your data around. This page aims to survey some of them, roughly in order from easiest to more complex.

• Privacy[47]

"Privacy is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively." - Wikipedia

• Yggdrasil[48]

Yggdrasil is a Mesh Network[49] that is fully Encrypted[50] and provides an IPv6 IP on the network to anyone.

• Meshtastic[51]

Meshtastic is a Mesh Network[52] consisting of low-power, long-range (many miles/km), small communicators. These are little battery-powered boxes that can optionally link to a phone with Bluetooth or Wifi. The communicators form an automatic mesh and can share text messages or GPS coordinates. All traffic on meshtastic is end-to-end Encrypted[53].

• Quux.Org NNCP Public Relay[54]

According to the NNCP documentation[55], NNCP[56] is intended to help build up small size ad-hoc friend-to-friend (F2F) statically routed darknet delay-tolerant[57] networks for fire-and-forget secure reliable files, file requests, Internet Email[58] and commands transmission. All packets are integrity checked, end-to-end Encrypted[59], explicitly authenticated by known participants public keys. Onion encryption is applied to relayed packets. Each node acts both as a client and server, can use push and poll behaviour model. Also there is multicasting area support.

• NNCP[60]

NNCP lets you securely send files, or request remote execution, between systems. It uses asynchronous communication[61], so the source and destination need never be online simultaneously. NNCP can route requests via intermediate devices -- other NNCP nodes, USB sticks, tapes, radios, phones, cloud services, whatever -- leading to a network that is highly resilient and flexible. NNCP makes it much easier to communicate with devices that lack Internet connectivity, or have poor Internet.

• Interesting Topics[62]

Here are some (potentially) interesting topics you can find here:

More on www.complete.org

(c) 2022-2024 John Goerzen