Sunday, February 25, 2018
While most people were contemplating what to wear on the way to the newsagent's this morning I was once again tinkering with crypto stuff.
The complex subject of air gapped computing was front and centre at 9am in my world. Unless you write your own OS in a Faraday cage then at some point, some part of your computer will have touched the internet. Getting the computer set up with the many updates you probably want for the new system and then pulling it offline is probably what most people do, but is that good enough? Many will argue that it isn't. There has to be a reasonably secure middle ground.
My solution is to power a Pi Zero W from my Pi Top and SSH into it via my phone acting as a wifi hotspot. In effect the Pi Zero W is connected to the internet but isn't accessing it. The only job it has to do is allow me access to the CLI so that I can use the on board hardware random number generator and then only over a secure connection.
If I sit in my Faraday cage of a car in the middle of nowhere especially with a dire cell tower signal I should be OK doing a couple of minutes work.
It's about as good as things are going to get in an ever increasingly connected world. All I need to do now is map cell tower dead spots.
Wish me luck with that one.
Sunday, February 11, 2018
Outside there are large cold flakes of snow falling to the ground but I don't care really.
Apart from the obligatory 3 mile walk this morning I've been inside all day getting stuff to work on the Pi Top. The Pi Top has a Raspberry Pi under the hood and it's running Ubuntu Mate. It's a decent OS for what I need it for which isn't much. A bit of crypto and a Python playground.
I finally got round to writing the Nano crypto bash script for Ubuntu so I thought I'd port it over to Mate. A fairly easy process but you can't just add a bin directory to Home and have it work in the terminal. Several minutes of getting the script into the correct bin directory as root were needed. Anyway, all done now.
Should you be wondering what the script does, it allows me to write gpg encrypted messages without any of the plaintext being written to disc. Very nifty.
As long as no-one has installed a keylogger or happens to be looking over my shoulder I can safely jot down stuff that I want to remain secret.
If you're going to give it a go yourself make sure you have Nano 3.9.3 installed or it won't work.
Who said protecting your privacy wasn't fun.
Subscribe to: Posts (Atom)