this post was submitted on 13 May 2024
71 points (100.0% liked)
Privacy
32023 readers
1127 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Yes GPG should add appropriate padding (random initialization vector) to not reveal whether two ciphertexts have the same plaintext. It makes no real attempt to conceal that the two plaintexts have the same length. If you want that, best bet is to make all ciphertexts the same length, by padding plaintexts out to 1MB or whatever, and turning off compression. Actually you might first check the manual to see if there is already an option for that. There are a lot, and I no longer keep track.
Cryptographer's saying (Silvio Micali, I think): "A good disguise does not reveal the person's height". So you are on the right track.
I also have media and other binary blobs which I'd like to archive in an encrypted fashion, will GPG suffice? ChatGPT mentioned OpenSSL for this but I'm not sure where that's taking me.
Openssl really isn't the right thing for that. GPG is fine for individual files if you don't mind leaking the approximate length. You may be better off with borg backup depending on your exact use case.
I'm using
rclone
, do you recommend I runborg
on top of it to encrypt said files? And doesborg
explicitly do what I'm trying to achieve? I'm going to take a look at the documentation, thanksI'm not really familiar with rclone. I just use Borg and it does about everything I could want. You can even ssh mount a Borg repo as a file system and browse the files, though it is read only (you can't modify anything that way). Obvs you need the decryption key to do that.
I see. I'm using Cryptomator, but I was recently linked to
rclone
's in-built encryption, which is probably what I'll use next. ThanksI will check into rclone again. People keep mentioning it. I think I may have considered it before deciding on borg. But my use case is primarily backup rather than archiving. The two aren't quite the same.