We Just Went Crazy
1. Upgraded the GPG keys that we'll be using to sign (tentatively ; x448) + there's a guide that's going out to everyone regarding how to do the same. We don't trust NIST signatures...at all [there's a hell of a reason for that too]
2. We're back on Twitter ; go ahead and give us a visit - https://twitter.com/librehash (per usual)
+ we have 6 other Twitter accounts that we update on a regular basis that cover various facets of the crypto space
3. We finished our Discord / Riot bidirectional channel setup.
4. What we did in #3 wasn't really good enough, so we decided to go ahead and plug in RSS feeds (using our own RSS feed generator of course) & plugged that into an entirely different community (made up of sub-channels)
5. E-mail is ready for Beta ; We 're not going to go too far into why this is. The e-mail solution is absolutely fine .TLS 1.3 for SMTP + IMAP. Open source components like Dovecot (IMAP) + Postfix (SMTP) + Haraka to help us put things together + Roundcube for the front-end (they upgraded & updated along w php). Argon2id hashing. MTASTS + TLSRPT records created with DANE TLSA records created for our mail server. SHA512 DKIM signature + we PGP signed a DNS record for the mail server admin for further authentication. Key exchange = x25519 on the website + we use EC384 certificates issued by Lets Encrypt (if you've never seen EC-384 strength certificates its because you don't know anyone that's smart enough to generate a certificate like that). Sieve Filter (like a sieve filter port, not a plugin) ; if you don't know what that is - that's how far ahead we are when it comes to spam prevention.
Our email doesn't get sent to anybody's junk mail.
6. Syncthing ; we're running a 'relay server' & then we "federated" it (that's what its technically called, its not decentralized though - keep up). This allows users to sync between two devices. Passwords here stored using Argon2id (just upgraded the go module to replace bcrypt that they had implemented with it). We also replaced the ECDSA keys with x448. Only TLS 1.3 connections allowed to the website. All the goodies for our proxy + a proxy backend, of course, in order to facilitate potential streaming.
7. Standard Notes = Encrypted notes? Yeah, that's packaged & done with as well. Don't know what it is? Google it. It comes with a ton of extensions that make it really awesome (and usable). Its not some shitty "encryption notebook" - we use this to actually edit & publish our articles. Not to use it - but because its convenient. AES 256 / PBKDF-SHA512 ; no keys are kept on server, the keys get split in half and one is used to encrypt, the other to decrypt in parallel as you access the notes. They sync every single second (zero lag whatsoever on any device you're using because we understand how AES NI works). Every single note gets a different encryption key & notes are encrypted before they even reach the server (yeah, its nuts).
8. XMPP server is up = If you don't know what this is (shhh)
9. QUANT COIN MARKET SCANNER IS READY TO GO ; yeah you know that thing that we were talking about? That's good .
1. Upgraded the GPG keys that we'll be using to sign (tentatively ; x448) + there's a guide that's going out to everyone regarding how to do the same. We don't trust NIST signatures...at all [there's a hell of a reason for that too]
2. We're back on Twitter ; go ahead and give us a visit - https://twitter.com/librehash (per usual)
+ we have 6 other Twitter accounts that we update on a regular basis that cover various facets of the crypto space
3. We finished our Discord / Riot bidirectional channel setup.
4. What we did in #3 wasn't really good enough, so we decided to go ahead and plug in RSS feeds (using our own RSS feed generator of course) & plugged that into an entirely different community (made up of sub-channels)
5. E-mail is ready for Beta ; We 're not going to go too far into why this is. The e-mail solution is absolutely fine .TLS 1.3 for SMTP + IMAP. Open source components like Dovecot (IMAP) + Postfix (SMTP) + Haraka to help us put things together + Roundcube for the front-end (they upgraded & updated along w php). Argon2id hashing. MTASTS + TLSRPT records created with DANE TLSA records created for our mail server. SHA512 DKIM signature + we PGP signed a DNS record for the mail server admin for further authentication. Key exchange = x25519 on the website + we use EC384 certificates issued by Lets Encrypt (if you've never seen EC-384 strength certificates its because you don't know anyone that's smart enough to generate a certificate like that). Sieve Filter (like a sieve filter port, not a plugin) ; if you don't know what that is - that's how far ahead we are when it comes to spam prevention.
Our email doesn't get sent to anybody's junk mail.
6. Syncthing ; we're running a 'relay server' & then we "federated" it (that's what its technically called, its not decentralized though - keep up). This allows users to sync between two devices. Passwords here stored using Argon2id (just upgraded the go module to replace bcrypt that they had implemented with it). We also replaced the ECDSA keys with x448. Only TLS 1.3 connections allowed to the website. All the goodies for our proxy + a proxy backend, of course, in order to facilitate potential streaming.
7. Standard Notes = Encrypted notes? Yeah, that's packaged & done with as well. Don't know what it is? Google it. It comes with a ton of extensions that make it really awesome (and usable). Its not some shitty "encryption notebook" - we use this to actually edit & publish our articles. Not to use it - but because its convenient. AES 256 / PBKDF-SHA512 ; no keys are kept on server, the keys get split in half and one is used to encrypt, the other to decrypt in parallel as you access the notes. They sync every single second (zero lag whatsoever on any device you're using because we understand how AES NI works). Every single note gets a different encryption key & notes are encrypted before they even reach the server (yeah, its nuts).
8. XMPP server is up = If you don't know what this is (shhh)
9. QUANT COIN MARKET SCANNER IS READY TO GO ; yeah you know that thing that we were talking about? That's good .