Practical Security


App, Data, Cloud and IoT Security

Encrypting data on an always-on server

If you have a server that you keep private data on, but it is always on and internet connected, you might want to encrypt that data while you are away. The basic need is to mount data as needed and unmount on timer or log-off. [Read More]

LUKS hidden volume with plausible deniability

There is an option --header <device or file storing the LUKS header>to use a detached (separated) metadata device or file where the LUKS header is stored. This options allows to store ciphertext and LUKS header on different devices. It means that we can have volume full of random crap without... [Read More]

Escaping sudo

First check what your commands and environment limitations are with sudo -l Then check permissions on the files you are allowed to run and on the folders that contain them If you can modify file you already know what to do. If the folder is wide open remove and create... [Read More]