Nine easy security tools

Slashdot it! Delicious Share on Facebook Tweet! Digg!

Signal

Developed by the non-profit Open Whisper Systems, Signal [6] encrypts voice and text messaging on Android and iOS phones (Figure 3). Signal Desktop, a Chrome app, is currently in beta, allowing users to take advantage of a laptop or workstation's larger screen and full-sized keyboard when using a linked phone.

Figure 3: Signal encrypts voice and text conversations through its centralized servers.

The phone apps are drop-in replacements for the default apps, installing seamlessly despite the warning issued by the phones. Conversations are carried by Open Whisper's servers, with the exchange of encryption keys done invisibly for the users. All participants in a conversation must have Signal installed for encryption to be possible, but if they do not, then Signal still works unencrypted.

Signal itself should be protected by a passphrase. You also have the option of setting an expiry date for each conversation and adding graphic and audio attachments to messages.

However Signal's use of centralized servers could be a potential security risk. There are also some proprietary components on the backend. You might prefer similar but decentralized solutions such as Ring [7].

umask

umask [8] is the standard command in Linux for setting the default permissions for a new directory or file. It sets the permissions for the owner, the owner's group, and other users, setting whether each can read, write, or execute a file.

By default, most distributions set umask laxly, giving users all these permissions, while the owner's group and others can read the file. By denying the group and others read permissions, you substantially limit an intruder's navigational abilities within your system. Read the man page for chmod to refresh your memory about other ways to use permissions.

Buy this article as PDF

Express-Checkout as PDF

Pages: 4

Price $0.99
(incl. VAT)

Buy Ubuntu User

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Playing with Parrot Security OS

    The latest release of Parrot Security OS has some extremely colorful plumage, which will appeal to both hackers and lay users interested in their systems' safety.

  • Encrypting email with GnuPG

    US intelligence agencies tap into billions of call data and electronic messages monthly – reason enough to consider encrypting your email traffic.

  • Anonymous and secure surfing with Tails

    If you need an anonymous connection to the web, Tails 0.19 is just what you need. The Live system conceals all traces of surfing and mailing.

  • Installing and testing Nextcloud

    Leading ownCloud developers, including the project founder Frank Karlitschek, became dissatisfied with the direction of the project, so they started Nextcloud, a fork of the code and a new company. The goal is to create a better balance among the company, clients, and users. We take a look at how Nextcloud is faring.

  • GNOME Cleartext Passwords: Bug or Feature?

    The current discussion in the Ubuntu forums is about a possible security hole in GNOME, specifically about GNOME registered users having their passwords appear as cleartext on the keyring. Not a bug, say its defenders, but the security concept behind the GNOME keyring.