In a previous project, it was always sftp + PGP. This client does not like the idea; they say it is sftp, and with the SSL layer the data is encrypted, therefore file encryption using PGP isn’t necessary. Is there any merit in this statement?
sftp is a/the transfer method, PGP is used to encrypt the contents being sent.
*“It depends.”*
The extreme scenario that file-level encryption mitigates is preventing someone who has access to the server from spying on your data. This person can be a nosy sysadmin (who is authorized to maintain the system but not necessarily permitted to look at client data), a criminal, or law enforcement working through legal means.
Protocols like SSH, HTTPS, SFTP, FTPS (do people still use FTPS? lol) all encrypt data in transit as it goes over a network. If you trust both the source and the destination as being secure, this is ‘good enough’.
This transport encryption does not apply at either the source end or destination end, such as when it is sitting in storage (‘at rest’). If you have concerns about the data being accessed outside of transport, then encrypting it at rest with PGP/GPG or similar would be a solution. For performance reasons, large files are generally encrypted with a symmetric cipher, and the decryption key for the symmetric encryption is then encrypted with asymmetric encryption. Any compression should happen before the file is encrypted.
Some providers offer a middle-ground option that uses file-level encryption with keys they generate and manage for you, allowing you to upload the files as-is, and they will encrypt them for you before writing to disk. This still carries some risk since you are not the only one who controls the keys (you’re trusting that they are securely and separately storing the keys – and this method won’t survive a valid court order).
Example use cases:
* You want to make sure a nosy sysadmin, rogue employee, or spy isn’t peeking at your data after it’s transferred. Even if the provider encrypts their storage volumes, that data can still be accessible while the system is running and volumes are mounted, depending on how it was configured.
* You want to make sure your data is safe even if the servers are seized/stolen. A number of years ago in the USA, a small ‘datacenter’ was burgled by a group of criminals who sawed through an adjoining suite’s brick wall and walked out with all of the dedicated and collocated servers and hard drives.
* You’re using a cloud hosting provider that passively scans your data for ToS violations, and you don’t want your account terminated because some of the content happens to be copyrighted material (even though you’re not distributing it), or you don’t want to get permanently banned, lose your job, and be subject to law enforcement investigations because there was a false-positive CSAM match against a *picture of a peculiar species of monkey* or a picture of your child’s skin rashes.
* You want to go above-and-beyond with layered data security, or you have compliance reasons requiring data be encrypted at rest.
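The at-rest protection described in the answer above, as an added example that is not part of the original thread: the file is encrypted to the recipient's public key before the sftp upload, so the server only ever stores ciphertext. It assumes GnuPG 2.1 or later is installed; the recipient address, file names and file contents are constructed for the demo.

```shell
#!/usr/bin/env bash
set -eu

# Throwaway keyring and work dir; identity and data below are constructed.
export GNUPGHOME="$(mktemp -d)"; chmod 700 "$GNUPGHOME"
WORK="$(mktemp -d)"
RECIPIENT="recipient@example.invalid"   # hypothetical recipient

# Recipient creates a key pair once and gives the PUBLIC key to the sender.
make_recipient_key() {
  gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
      --quick-generate-key "$RECIPIENT" default default never
}

# Sender: encrypt before the upload. Only the public key is used here.
encrypt_for_upload() {  # $1 = plaintext, $2 = output
  gpg --batch --quiet --yes --recipient "$RECIPIENT" \
      --output "$2" --encrypt "$1"
}

# Recipient: decrypt after the download, using the private key.
decrypt_after_download() {  # $1 = ciphertext, $2 = output
  gpg --batch --quiet --yes --pinentry-mode loopback --passphrase '' \
      --output "$2" --decrypt "$1" 2>/dev/null
}

# Anyone with access to the server but no private key:
# an empty keyring stands in for them.
server_can_decrypt() {  # $1 = ciphertext
  GNUPGHOME="$(mktemp -d)" gpg --batch --quiet --decrypt "$1" >/dev/null 2>&1
}

# OpenPGP packet names: public-key-wrapped session key, symmetric payload,
# and the compressed data inside it (compression happened before encryption).
packet_types() {  # $1 = ciphertext
  gpg --batch --pinentry-mode loopback --passphrase '' --list-packets "$1" \
      2>/dev/null | sed -n 's/^:\([a-z ]*packet\):.*/\1/p'
}

make_recipient_key
printf 'account,balance\nACME-0001,1200\n' > "$WORK/report.csv"  # constructed
encrypt_for_upload "$WORK/report.csv" "$WORK/report.csv.gpg"
# report.csv.gpg is what travels over sftp and what rests on the server.
packet_types "$WORK/report.csv.gpg"
if server_can_decrypt "$WORK/report.csv.gpg"; then
  echo "server can read the file"
else
  echo "server holds ciphertext only"
fi
decrypt_after_download "$WORK/report.csv.gpg" "$WORK/report.out"
cmp "$WORK/report.csv" "$WORK/report.out" && echo "round trip OK"
```

In real use the sender imports the recipient's public key and verifies its fingerprint out of band before encrypting to it.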
Files unencrypted at rest are a target for bad actors. Unencrypted internet traffic is a target for government intelligence services, unless you’re borrowing the neighbor’s WiFi. Depends on who you’re trying to deter.
Encrypt in transit and at rest when possible.
Can someone help me out here? Is OP asking if he should encrypt locally, upload via sftp, then decrypt on host? For dual transit encryption? I guess the thought never crossed my mind since SSL is considered bulletproof, but it couldn’t hurt for overly sensitive files. But then why would OP’s boss care if he’s doubling down on security… doesn’t want to install GPG on server?