Welcome to Adventures in Encryption, a blog where I share some of my musings on various aspects of encryption. Generally, as it relates to disk and “data at rest” encryption but I may branch out occasionally into more motile forms if the whim takes me.
While the deep maths and dark magic of encryption is, at this time, out of my purview, I have gone down many a rabbit hole in the area of disk encryption and data security. Specifically on UNIX platforms (FreeBSD, Linux, OpenBSD) and have released and support a few projects in this area (see the projects area of this blog). As such I have frequently hit up upon some tricky situations involving making various packages play nice together.
More often tho I am found torturing various distributions into disk encryption corners they were not designed for because I have the mistaken impression that this is somehow better.
I leave it to the reader to decide if there is anything of use here, but I hope some of the issues I have faced and solved over the years help others out as some of the issues I have resolved still don’t have a good single solution find-able via google at this time. I hope to tie some of them together here.
I may also have a few opinions on true plausible deniability I would like to share here as well as common misunderstandings people have about how protected or secure from detection their current encryption setup is. TL;DR You’re never as secure as you think you are.
I hope to propose a few desktop encryption schemes for the INSANELY paranoid here and hope you find as much fun in playing with them as I did. Having said that. Lets dive in!
The menu items above should give you a good starting point. Have at it! Huzzah!
About me: I put this at the ends because, like those recipe sites that give you 20 paragraphs about the chefs wonderful time travelling through the Capathian mountains in 2015 before you get to the recipe, no one cares. But for those that do:
I am an IT professional with over 20 years of experience in a variety of areas, Operations (servers and networks), Telecommunications (VoIP and traditional SS7). Over the last 5 years I have shifted to a focus in cyber security and I now work as a Senior Security Analyst in a global cyber security company.
Throughout most of my career I’ve had a side interest in data security, initially in the server space, then mostly just tinkering. I have spoken at several Australian cyber security conferences on topics around security and encryption (these talks will be linked here).