/tags/encryption/ Recent content in Encryption on zoph.me https://zoph.me/posts/resources/images/code-social.png https://zoph.me/posts/resources/images/code-social.png Hugo -- 0.148.2 en-us Tue, 29 Sep 2020 13:37:00 +0200 /posts/2020-09-19-levelup-your-data-privacy-using-pgp/ Tue, 29 Sep 2020 13:37:00 +0200 /posts/2020-09-19-levelup-your-data-privacy-using-pgp/ <h3 id="tldr">TL;DR</h3> <blockquote> <p>I&rsquo;m now using PGP for archive file encryption.</p></blockquote> <h2 id="the-trigger">The trigger</h2> <p>This summer, I read <a href="https://www.amazon.com/Permanent-Record-Edward-Snowden-audiobook/dp/B07VZWH6NB/ref=sr_1_1?dchild=1&amp;qid=1600524366&amp;refinements=p_27%3AEdward+Snowden&amp;s=books&amp;sr=1-1">Permanent Record</a> from <a href="https://en.wikipedia.org/wiki/Edward_Snowden">Edward Snowden</a>, &ldquo;Ed&rdquo; for those in the know. I was pretty impressed at how a government organization with a multi-billion dollar budget can organize a mass surveillance program at a worldwide scale in only a few decades.</p> <blockquote> <p>“Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.”</p> /posts/2019-06-10-ebs-default-encryption/ Mon, 10 Jun 2019 13:37:00 +0200 /posts/2019-06-10-ebs-default-encryption/ <p>Following the <a href="https://aws.amazon.com/blogs/aws/new-opt-in-to-default-encryption-for-new-ebs-volumes/">announced</a> new opt-in option regarding the default encryption of EBS volumes a few days ago, I&rsquo;ve made a small Python script to enable this feature on all AWS regions within an AWS account. Quick and <del>Dirty</del> Simple.</p> <p><img alt="ebs default encryption" loading="lazy" src="https://media.amazonwebservices.com/blog/2019/ed_always_on_2.png"></p> <blockquote> <p>This is an example. Use it at your own risk, and test it before applying to production, as usual :)</p></blockquote> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt" id="hl-0-1"><a class="lnlinks" href="#hl-0-1"> 1</a> </span><span class="lnt" id="hl-0-2"><a class="lnlinks" href="#hl-0-2"> 2</a> </span><span class="lnt" id="hl-0-3"><a class="lnlinks" href="#hl-0-3"> 3</a> </span><span class="lnt" id="hl-0-4"><a class="lnlinks" href="#hl-0-4"> 4</a> </span><span class="lnt" id="hl-0-5"><a class="lnlinks" href="#hl-0-5"> 5</a> </span><span class="lnt" id="hl-0-6"><a class="lnlinks" href="#hl-0-6"> 6</a> </span><span class="lnt" id="hl-0-7"><a class="lnlinks" href="#hl-0-7"> 7</a> </span><span class="lnt" id="hl-0-8"><a class="lnlinks" href="#hl-0-8"> 8</a> </span><span class="lnt" id="hl-0-9"><a class="lnlinks" href="#hl-0-9"> 9</a> </span><span class="lnt" id="hl-0-10"><a class="lnlinks" href="#hl-0-10">10</a> </span><span class="lnt" id="hl-0-11"><a class="lnlinks" href="#hl-0-11">11</a> </span><span class="lnt" id="hl-0-12"><a class="lnlinks" href="#hl-0-12">12</a> </span><span class="lnt" id="hl-0-13"><a class="lnlinks" href="#hl-0-13">13</a> </span><span class="lnt" id="hl-0-14"><a class="lnlinks" href="#hl-0-14">14</a> </span><span class="lnt" id="hl-0-15"><a class="lnlinks" href="#hl-0-15">15</a> </span><span class="lnt" id="hl-0-16"><a class="lnlinks" href="#hl-0-16">16</a> </span><span class="lnt" id="hl-0-17"><a class="lnlinks" href="#hl-0-17">17</a> </span><span class="lnt" id="hl-0-18"><a class="lnlinks" href="#hl-0-18">18</a> </span><span class="lnt" id="hl-0-19"><a class="lnlinks" href="#hl-0-19">19</a> </span><span class="lnt" id="hl-0-20"><a class="lnlinks" href="#hl-0-20">20</a> </span><span class="lnt" id="hl-0-21"><a class="lnlinks" href="#hl-0-21">21</a> </span><span class="lnt" id="hl-0-22"><a class="lnlinks" href="#hl-0-22">22</a> </span><span class="lnt" id="hl-0-23"><a class="lnlinks" href="#hl-0-23">23</a> </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="kn">import</span> <span class="nn">boto3</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="n">AWS_REGION</span> <span class="o">=</span> <span class="s1">&#39;eu-west-1&#39;</span> </span></span><span class="line"><span class="cl"><span class="n">session</span> <span class="o">=</span> <span class="n">boto3</span><span class="o">.</span><span class="n">Session</span><span class="p">(</span><span class="n">region_name</span><span class="o">=</span><span class="n">AWS_REGION</span><span class="p">)</span> </span></span><span class="line"><span class="cl"><span class="n">ec2</span> <span class="o">=</span> <span class="n">session</span><span class="o">.</span><span class="n">client</span><span class="p">(</span><span class="s1">&#39;ec2&#39;</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">main</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">ec2_regions</span> <span class="o">=</span> <span class="p">[</span><span class="n">region</span><span class="p">[</span><span class="s1">&#39;RegionName&#39;</span><span class="p">]</span> <span class="k">for</span> <span class="n">region</span> <span class="ow">in</span> <span class="n">ec2</span><span class="o">.</span><span class="n">describe_regions</span><span class="p">()[</span><span class="s1">&#39;Regions&#39;</span><span class="p">]]</span> </span></span><span class="line"><span class="cl"> <span class="c1"># For all AWS Regions</span> </span></span><span class="line"><span class="cl"> <span class="k">for</span> <span class="n">region</span> <span class="ow">in</span> <span class="n">ec2_regions</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">conn</span> <span class="o">=</span> <span class="n">boto3</span><span class="o">.</span><span class="n">client</span><span class="p">(</span><span class="s1">&#39;ec2&#39;</span><span class="p">,</span> <span class="n">region_name</span><span class="o">=</span><span class="n">region</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="nb">print</span> <span class="p">(</span><span class="s2">&#34;Checking AWS Region: &#34;</span> <span class="o">+</span> <span class="n">region</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="n">status</span> <span class="o">=</span> <span class="n">conn</span><span class="o">.</span><span class="n">get_ebs_encryption_by_default</span><span class="p">()</span> </span></span><span class="line"><span class="cl"> <span class="nb">print</span> <span class="p">(</span><span class="s2">&#34;====&#34;</span><span class="o">*</span><span class="mi">10</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="n">result</span> <span class="o">=</span> <span class="n">status</span><span class="p">[</span><span class="s2">&#34;EbsEncryptionByDefault&#34;</span><span class="p">]</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">result</span> <span class="o">==</span> <span class="kc">True</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="nb">print</span> <span class="p">(</span><span class="s2">&#34;Activated, nothing to do&#34;</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">else</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="nb">print</span><span class="p">(</span><span class="s2">&#34;Not activated, activation in progress&#34;</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="n">conn</span><span class="o">.</span><span class="n">enable_ebs_encryption_by_default</span><span class="p">()</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">if</span> <span class="vm">__name__</span> <span class="o">==</span> <span class="s1">&#39;__main__&#39;</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">main</span><span class="p">(</span><span class="mi">0</span><span class="p">,</span><span class="mi">0</span><span class="p">)</span> </span></span></code></pre></td></tr></table> </div> </div><p>That&rsquo;s all folks!</p>