Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

SitePoint PHP Blog:
Using Halite for Privacy and Two-Way Encryption of Emails
Jun 23, 2016 @ 11:18:17

On the SitePoint PHP blog there's a new tutorial posted showing you how to use the Halite package to encrypt the contents of emails. The Halite library sits on top of the libsodium functionality to provide tested, hardened cryptographic results.

Cryptography is a complex matter. In fact, there is one golden rule: "Don’t implement cryptography yourself." The reason for this is that so many things can go wrong while implementing it, the slightest error can generate a vulnerability and if you look away, your precious data can be read by someone else.

[...] Some libraries out there implement cryptography primitives and operations, and leave a lot of decisions to the developer. [...] Nevertheless, there is one library that stands out from the rest for its simplicity and takes a lot of responsibility from the developer on the best practices, in addition to using the libsodium library. In this article we are going to explore Halite.

The tutorial then starts of helping you get the libsodium package installed on your system (assuming it's unix-based). They then start on the sample application - a basic "email" client able to send/receive messages between users. They set up RESTful endpoints to get the messages, use the Doctrine ORM for a database interface and show the use of the Halite Crypto class to encrypt/decrypt the message contents.

tagged: halite privacy twoway encryption email message tutorial libsodium

Link: https://www.sitepoint.com/using-halite-for-privacy-and-two-way-encryption-of-emails/

/Dev/Hell Podcast:
Episode 33: Pol Pot-level Sucks
Jun 17, 2013 @ 12:42:26

The /Dev/Hell podcast (hosted by PHP community members Chris Hartjes and Ed Finkler) has posted its latest episode - Episode #33 - Pol Pot-level Sucks.

Back in the saddle for the double-tres, Chris and Ed rap about the loss of trust in Google and how that affects their perception of the Go language. Then Ed babbles for way too long about vintage gaming and computing. Chris wonders how you could be truly private on the Internet in the light of widespread government surveillance. Finally, we talk about the importance of automation and repeatable processes.

You can listen to this latest episode either through the in-page player or by downloading the mp3 directly. You can also subscribe to their feed so you'll know when the latest episodes are released.

tagged: devhell podcast ep33 google gaming privacy automation

Link: http://devhell.info/post/2013-06-13/pol-pot-level-sucks