(Originally posted on BMAC.)

Important mention: MITM attacks are not limited to the networks usually discussed. A malicious VPN provider is also capable of them, and this is one of the networks not commonly mentioned.

Key security takeaway: the self-hosted, open source encryption/crypto/hash tools on your own computer are the only ones you can rely on for data integrity.

What are these? Local, trusted checksum comparison programs/commands and SSH/key fingerprints. All of them involve storing some form of key or crypto-related program on your own computer, above any reliance on third-party outside servers. Sometimes this means using a form of private key; other times it means local programs such as sha512sum, sha256sum, GPG, etc. for verification.

I recently wrote a checksums tutorial (with screenshots) here on the main BMAC blog. Continuing in line with this important security topic for new Linux users, some may prefer this video over reading the written tutorial, so I decided to offer both.

TIP: When checking a download obtained outside the package manager (e.g. a Linux .img), one way to increase assurance in a checksum is to get that checksum from a different domain/server than the one hosting the download itself.

Example: get the hash from the official source, then download from a mirror. In this situation an attacker would have needed to compromise both the mirror and the official server to make the hash match the file served by the mirror.
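
The check described in the tip above, as an added example (not from the original post or video): the checksum list comes from the official server, the file from a mirror, and the file is accepted only if its SHA-256 matches its entry in that list. The function names, sample.img and the fixture data are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the original post). File names and contents are constructed.

# verify_against_list FILE SUMS_FILE
# 0 = hash matches the entry in SUMS_FILE, 1 = mismatch, 2 = no entry for FILE.
# Assumes file names without spaces, as in typical SHA256SUMS lists.
verify_against_list() {
    local file sums name expected actual
    file=$1; sums=$2
    name=$(basename "$file")
    # Lines look like "<hex>  <name>" or "<hex> *<name>" (binary mode).
    expected=$(awk -v n="$name" '{ f = $2; sub(/^\*/, "", f)
        if (f == n) { print tolower($1); exit } }' "$sums")
    if [ -z "$expected" ]; then
        # A file with no entry in the list must never count as verified.
        echo "$name: no entry in checksum list, not verified" >&2
        return 2
    fi
    actual=$(sha256sum "$file" | awk '{ print $1 }')
    if [ "$actual" = "$expected" ]; then
        echo "$name: OK"
        return 0
    fi
    echo "$name: FAILED" >&2
    return 1
}

# make_fixture: builds constructed sample data and prints its directory.
make_fixture() {
    local work
    work=$(mktemp -d)
    mkdir "$work/official" "$work/mirror"
    printf 'constructed sample image\n' > "$work/official/sample.img"
    # Checksum list as published on the official server.
    (cd "$work/official" && sha256sum sample.img > SHA256SUMS)
    # Mirror copy altered after publication (one byte appended).
    cp "$work/official/sample.img" "$work/mirror/sample.img"
    printf 'X' >> "$work/mirror/sample.img"
    echo "$work"
}

# Demo on the constructed data: the official copy verifies, the mirror copy fails.
dir=$(make_fixture)
verify_against_list "$dir/official/sample.img" "$dir/official/SHA256SUMS"
verify_against_list "$dir/mirror/sample.img" "$dir/official/SHA256SUMS" \
    || echo "mirror copy rejected; do not install it"
rm -rf "$dir"
```

With a real download, SUMS_FILE is the list fetched from the official domain and FILE is the image fetched from the mirror.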

I used a real-world MITM story to introduce checksums and how they can serve to verify the integrity of a file, an entire package, or a set of packages.

A MITM attack can happen locally, within your home/office LAN or on public WiFi. It can happen at a higher level as well. In some countries where human rights are not well respected, this type of attack could happen at the ISP level. Example: criminals compromising an ISP to perform attacks or harm human rights activists.

We cover checksums using the command line, the Nextcloud app, and a graphical program called GtkHash.

What do you find running these commands? Are you seeing anything concerning? Have you inspected any of the "FAILED" results for anomalies?

Let me know in the comments. 😀
