Sunday, February 25, 2018
While most people were contemplating what to wear on the way to the newsagent's this morning I was once again tinkering with crypto stuff.
The complex subject of air gapped computing was front and centre at 9am in my world. Unless you write your own OS in a Faraday cage then at some point, some part of your computer will have touched the internet. Getting the computer set up with the many updates you probably want for the new system and then pulling it offline is probably what most people do, but is that good enough? Many will argue that it isn't. There has to be a reasonably secure middle ground.
My solution is to power a Pi Zero W from my Pi Top and SSH into it via my phone acting as a wifi hotspot. In effect the Pi Zero W is connected to the internet but isn't accessing it. The only job it has to do is allow me access to the CLI so that I can use the on board hardware random number generator and then only over a secure connection.
If I sit in my Faraday cage of a car in the middle of nowhere especially with a dire cell tower signal I should be OK doing a couple of minutes work.
It's about as good as things are going to get in an ever increasingly connected world. All I need to do now is map cell tower dead spots.
Wish me luck with that one.
Sunday, February 11, 2018
Outside there are large cold flakes of snow falling to the ground but I don't care really.
Apart from the obligatory 3 mile walk this morning I've been inside all day getting stuff to work on the Pi Top. The Pi Top has a Raspberry Pi under the hood and it's running Ubuntu Mate. It's a decent OS for what I need it for which isn't much. A bit of crypto and a Python playground.
I finally got round to writing the Nano crypto bash script for Ubuntu so I thought I'd port it over to Mate. A fairly easy process but you can't just add a bin directory to Home and have it work in the terminal. Several minutes of getting the script into the correct bin directory as root were needed. Anyway, all done now.
Should you be wondering what the script does, it allows me to write gpg encrypted messages without any of the plaintext being written to disc. Very nifty.
As long as no-one has installed a keylogger or happens to be looking over my shoulder I can safely jot down stuff that I want to remain secret.
If you're going to give it a go yourself make sure you have Nano 3.9.3 installed or it won't work.
Who said protecting your privacy wasn't fun.
Friday, November 03, 2017
I've been doing a lot of crypto stuff lately.
When I say 'a lot' I do mean literally hours upon hours of internet research and reading which then turns into hours of practical experimentation. Sometimes I just get it and sometimes what I'm reading makes no sense at all so I have to break things down and take baby steps.
The latest problem I've been working on is how to, without an air-gapped machine, write a text file, encrypt it and then send it to a desktop machine for further processing. So far I can do that. The vulnerabilities are plain to see. I could be hacked on any network. There could be a key-logger installed on the first machine which compromises everything. Or maybe my end machine could be monitored. Where there's a will there's a way.
Unless someone is actually on my case I've come up with a reasonably secure method which involves the use of SSH. I can switch my Android phone into Aeroplane Mode, write and encrypt and then send by SSH to a machine anywhere in the world once back on the network.
Of course there's still work to do. I can build upon my security which at the moment is OK but not great. The nice thing is that having started this I know where to look and I'm a little wiser to the terminology.
I'm not quite there yet.
Wednesday, November 01, 2017
It's been an interesting day.
I spent the morning in Nottingham City Hospital taking part in medical research. There's lots I could say about what happened, but as the research isn't published I think that on this public forum I shouldn't say much. What I can say is that my heart monitor kept reporting me as dead and that I had a CAT scan. The conclusion of my taking part is that I maybe a dead cat.
You can call me Schrodinger if you like.
The afternoon was spent writing not one but two shell scripts. They'll be useful to me in the coming months and years. I used the 'cat' command quite a lot.
It's been a cat kind of day.
Friday, October 27, 2017
I bought a skateboard today.
I'll give you a few reasons as to why.
- Locking up my bicycle and removing all the luggage every time I want to stop on short journeys is a pain.
- Since getting knocked off my bicycle a couple of years ago my knee injury isn't making hill climbing any easier.
- It's faster than walking.
Skateboarding is both convenient and sustainable. Should I wish to use public transport I can take my deck with me and skate the rest of the way. I can stop anywhere, have a rest, enjoy the view, have a coffee and then be on my way. The only downside is that they're not so good in wet weather, and this is the UK. The thing is that I probably wouldn't want to walk or cycle in the pouring down anyway.
My skateboard is a 'Cruiser' and made for travel rather than tricks although I will have to relearn to Ollie but that's about all. It was bought locally at MagicToast where Joe did a fantastic job of assembling the components that I wanted. He also did a fine job with the grip tape.
The deck itself is a Grizzly with the Spider-Man design.
So at nearly fifty am I to old to ride?
I'll be too old when I'm dead.