
Re: [LUG] Re Malware being distributed using list emails

 

On 16/03/2022 08:46, Giles Coochey wrote:

On 16/03/2022 08:18, maceion@xxxxxxxxx wrote:

How do you transfer files securely?

The way I do it, which is probably pretty lame, is to use two channels, both with some sort of authentication and hope of privacy. In one channel I describe the method, hopefully encrypted, of how they can access the information. Then I use the second channel where I provide the key or password, without any context as to what it is for, which completes their access requirements.

I do not profess this to be entirely secure; often I use email as one channel and SMS as the key provision. This is obviously not good if you have a single device that has access to both these channels (e.g. a smartphone).

We rely on trust so much in our everyday lives nowadays, trust in software, and also trust in hardware, which means, unfortunately, truly the most secure method of exchanging information is still an envelope with a wax seal, and hopefully a good Diffie-Hellman exchange.



Method I have used depends on both a private email exchange, a normal email exchange and a wholly owned domain (by me) in a safe place.

An email name address and its password are known to both recipient and sender so both parties can write FROM that email address but do not SEND.
Draft on email server in UK for a few seconds.
One writes, one 'copies'.
Drafts deleted, no sending, within seconds of copy being taken.
Both parties log off, scrub computer caches, all logs, etc.

In one case the remote person uses Windows, so not so safe.
In another the user is using a Live Linux distribution or a machine where they overwrite and reformat disc and re-install their Linux system after transmission.

Problem, using TOR or such like gets instant police attention, so it is avoided. Sometimes signal passes through up to 8 in-country servers in transmission of which at least 3 are monitored 365/24/7.

See also [Remove blanks to get URL]
https://       huridocs    .org/

Email server has fully encrypted end to end connection when drafting.

Secondly the 'draft' is written in text and saved as an encrypted file before attachment to that draft email.

Passwords being exchanged via a 'Public' totally encrypted email service.

Somewhat a hassle, but works.


--
regards
Eion MacDonald
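
The two-channel idea discussed in this thread (encrypted file over one channel, passphrase over a separate one), sketched as an added example that is not from any of the posters. GnuPG 2.1+ symmetric mode is an assumption, as are the function and file names; the thread does not name a tool.

```shell
#!/bin/sh
# Added example: ciphertext travels on channel A, passphrase on channel B.
# Throwaway GnuPG home (assumption: gpg 2.1+) so nothing lands in ~/.gnupg.
GNUPGHOME=$(mktemp -d) && export GNUPGHOME

# 24 random bytes -> 32 base64 characters, short enough to send by SMS.
new_passphrase() {
    head -c 24 /dev/urandom | base64 | tr -d '\n'
}

# seal_file PASSPHRASE INFILE OUTFILE
# The passphrase is fed on stdin so it never shows up in the process list.
seal_file() {
    printf '%s' "$1" | gpg --batch --yes --quiet --pinentry-mode loopback \
        --passphrase-fd 0 --symmetric --cipher-algo AES256 --armor \
        --output "$3" "$2"
}

# open_file PASSPHRASE INFILE OUTFILE
# Exits non-zero on a wrong passphrase or a tampered ciphertext.
open_file() {
    printf '%s' "$1" | gpg --batch --yes --quiet --pinentry-mode loopback \
        --passphrase-fd 0 --decrypt --output "$3" "$2" 2>/dev/null
}

# Demo with a constructed sample file.
demo_dir=$(mktemp -d)
printf 'constructed sample: draft text\n' > "$demo_dir/draft.txt"
demo_pass=$(new_passphrase)
seal_file "$demo_pass" "$demo_dir/draft.txt" "$demo_dir/draft.txt.asc" &&
    echo "channel A (attachment): $demo_dir/draft.txt.asc" &&
    echo "channel B (no context): $demo_pass"
```

As the thread notes, the split only helps if the two channels do not end up on the same device.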

--
The Mailing List for the Devon & Cornwall LUG
https://mailman.dcglug.org.uk/listinfo/list
FAQ: https://www.dcglug.org.uk/faq/