Do most websites that record and store users' IP addresses encrypt IP data?

Popular websites like Facebook, Twitter, Reddit, etc. encrypt the IP addresses of the user's data (that is, the creation of accounts, publications and comments) when they are stored in their databases for privacy and security reasons?

aes – encrypt / decrypt using openssl

Hello, I have a wonderful script that uses seems
cmd1 = "echo $ {really_long_key}"
ssl_cmd = openssl aes-256-cbc -md md5 -nosalt -a-pass pass: $ {encryptPassword} dec "

process def = cmd1.execute () | ssl_cmd.execute ()
process.waitFor ()

It works for smaller keys, but if the key has more than 2900 characters, it can not be decoded.

also if done in the command line (echo "really_long_key" | openssl aes -…..
Ended up with:
badly deciphered
140150542661448: error: 0606506D: digital enclosure routines: EVP_DecryptFinal_ex: incorrect end block length: evp_enc.c: 589:

encryption: is it too late to encrypt my USb unit already used?

Assuming it is a solid-state USB drive and not a USB external hard drive, leveling the wear, overprovisioning and other features of solid-state media make it difficult to overwrite existing data securely. While any new the data written on the unit will be encrypted, it is likely that parts of the previous unencrypted file system remain on the device for some time. The only sure way to mitigate that problem is to buy and encrypt a new USB device and transfer data, then destroy the old one.

lets encrypt – Configuring Apache2 in pi3 with certbot and letsencrypt

I am running Raspbian GNU / Linux 9 (stretching) on ​​a raspberry pi3. I have apache2, which I want to use to connect a domain to the Gitea server in the same raspberry, port 3000.

I have apache redirect http to the Gitea server, no problem.
I tried to use certbot to update http to https, but when I run certbot "sudo certbot –apache" I get:

  • Can not install the certificate
  • Congratulations! Your certificate and chain have been saved in:

As I understand it, I managed to create the certificates, but Apache did not modify the VirtualHosts configuration.

I tried to configure them on my own (I have Letoncrypt installed on another Ubuntu server), but to no avail. I found that no one has the same configuration. This is what I have now:

/etc/apache2/sites-available/000-default-le-ssl.conf


  
  
  
  Server name web.page.com

SSLEngine in
SSLCertificateFile /etc/letsencrypt/live/web.page.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/web.page.com/privkey.pem
SSLCertificateChanFile /etc/letsencrypt/live/web.page.com/chain.pem

ProxyPreserveHost On
ProxyPassMatch ^ / . Well  -known!

ProxyPass / http: // localhost: 3000 /
ProxyPassReverse / http: // localhost: 3000 /
DocumentRoot / var / certif / gitea

The error log of Apache2 says nothing, it shows:

[Sat Apr 27 11:03:43.650383 2019] [mpm_event:notice] [pid 20569:tid 1996288240]    AH00491: trapped SIGTERM, shutting down
[Sat Apr 27 11:03:43.829615 2019] [mpm_event:notice] [pid 22424:tid 1996398832]    AH00489: Apache / 2.4.25 (Raspbian) configured - resuming normal operations
[Sat Apr 27 11:03:43.830084 2019] [core:notice] [pid 22424:tid 1996398832]    AH00094: Command line: & # 39; / usr / sbin / apache2 & # 39; / usr / sbin / apache2 & # 39;

To my knowledge it lacks a bit, and certbot changed since the last time I configured it. Any clue about what I could try is very welcome!

Cloud computing: can ransomware encrypt Google Drive files with OAuth credentials?

I created a script (which acts as a backup system for a directory) that uses OAuth credentials (offline authentication) from Google Drive to upload files from a directory to Google Drive, automatically when content is added to that folder . But it does not synchronize it (without data duplication), to protect the backed up data from the ransomware attack.

I have a folder that contains the credential files of my Google Drive account (this folder is used by my script to authenticate me in my Google Drive account)

My question is that, since ransomware can affect network drives and data that are synchronized through the cloud, could I use those credentials stored on my computer to access my drive account and start affecting my files there? ?

Encryption: When using openssl to encrypt a file, how would you create a key composed of specific letters?

I want to create a 128-bit AES key made up of specific letters. I think I would need to use something like

openssl genrsa -aes128 -out privkey.pem

or

openssl genrsa -out privkey.pem

but I'm not sure how to make an AES with a 128-bit key made up of specific letters that I choose. Am I thinking about this in the wrong way?

Edit: I wonder if I do something like
openssl enc -aes-128-cbc -k secret -P -md sha1
would work

Hello to encrypt the 2i nova phone?

enter the description of the image here

I have the Huawei Nova 2i phone. I need to sell my phone but I want to encrypt that phone before delivering it. I do not see any option within the security settings to encrypt the phone. Please help.

encryption: transactional replication through VPN, do I need to encrypt the connection?

New in security

We are planning to configure transactional replication of SQL Server through a VPN to Azure over the Internet. The source server is inside our data center and the destination will be an instance managed in Azure.

Initially, we thought that VPN should provide enough security to pass data through the Internet, but now our security team also wants to encrypt the connection between the SQL servers. Is it really necessary or are we paranoid and that is redundant?

Cheers

letsencrypt – The SSL certificate of Let's Encrypt Wildcard does not match the domain name

I have a problem after the installation of the Let's Encrypt Wildcard Certificate, maybe someone can help me.

I installed a wildcard certificate generated by sslforfree.com in cPanel.

The domain is fluidpower.pro and in the hosting, this is an additional domain.
Certificate works for fluidpower.pro but it does not work for any subdomain that you created in cPanel.

In the cPanel Certificate Details I see that the certificate is generated for both the subdomains and the domain:

Certificate ID: _wildcard__fluidpower_pro_b5553_5b59f_1560821893_33f836cd985519af6b2aec555b1a5f0d
Domains:
* .fluidpower.pro
fluidpower.pro
Issuer: Let's encrypt
Key Size: 2,048 bits (b5553b52 ...)
Expiration: June 18, 2019 1:38:14 AM

But when I try to go to some subdomain, for example test.fluidpower.pro I have a mistake NET :: ERR_CERT_COMMON_NAME_INVALID

I checked in `whynopadlock.com` and found this explanation:

Your SSL certificate does not match your domain name!
Protected domains:
* .prod.iad2.secureserver.net
prod.iad2.secureserver.net

Can anyone explain why it happened? Why does the certificate protect strange domains when running any subdomain, but does it protect the primary domain well? How to solve the problem?