Sandboxing FTW

Posted on March 30, 2015 by bluedepth

After I reminded people that I offer a complimentary attachment checking service through my office I got a submission from one of our warehouse operators in Texas. It was an oddly-named attachment called UmjSJCk.zip. I saved it to my Mac and opened Terminal. Then unpacked the zip file and it unpacked to Quotation.exe. I giggled a bit when I ran the file command on it and saw that it was a Windows executable. Exactly what I expected. So I put it in a folder called sandbox and started my copy of Windows XP that I have in VirtualBox. The OS has it’s hard drive set to immutable, so any changes or write activities that the OS does is not sent to the VHD image, but rather to a “snapshot” VHD image on the side. Each time I start the OS, it’s as if I am starting it for the first time, because when an immutable VM finds something (anything) in the snapshot folder, it dumps it first then creates a new snapshot image for writes. I make sure the sandbox can’t see anything beyond my Mac by assigning it’s LAN connection as a Host-Only Adapter. That means that the VM can only see VirtualBox’es fake network host and nothing else.

So start this sandbox Windows XP, mount the sandbox folder as a drive to the sandbox – set as Read Only also, by the way, no baby-backwash here… and then double-clicked on Quotation.exe. It loaded a process and started to grope the network connection. Of course it did. So, with the bug trying it’s best to reach out and fetch it’s payload I clicked on the little red close control and told VirtualBox to power off the virtual machine.

Poof. All gone. Changes and everything. Then I dumped the sandbox contents.

I think whats more concerning here is that my scan using ClamAV on my Mac in regards to this data showed no infected data. Well, it certainly was trying to be nasty.

Then I start to wonder about the inherent usefulness of VirtualBox when it comes to airgapped computing when it comes to privacy and really being paranoid about encryption. But then I realize that when I turn off my Airport on my MBP, that it’s just as good as anything I could screw around with in VirtualBox. An infection in my MBP? Heh… piff.

Better Credit Card Security

Posted on March 17, 2015 by bluedepth

While talking with a friend, who is enduring some unpleasantness the conversation turned to issues with using credit cards to buy things, like food for example. That got me thinking, how would I design a really strong way to prevent data breaches?

Encrypt everything!

Well, perhaps not that, but hash everything. Here’s what I talked myself into, of course none of this is rational because nobody will effect a planetwide shift in payment processing based on what this yokel has to say, but still, here goes.

Issuing Bank sets up credit account, there are four key fields that are important for the classic transaction, name, number, expiration date, and CVV2. I think one could also establish a timebased one-time-password secret as well, it would operate like Google Authenticator functions. So you’d need a secret that the bank generated for their systems and the physical card too. You’d need a smart chip on the card so it could forward the TOTP code to the credit terminal at the point of sale.

The bank sets up a TOTP secret, so it’s named JQP Credit Card (or account number or whatever) and the secret is: 6B57078FB88A4DD73E447D2647DCEC7D04C3D887951BA6A2D8DBA294E0B60579. This number is forwarded to the credit card terminal. Right now it’s 726995, but in thirty seconds it’ll be something else. Since the credit card terminal and the bank share sync’ed time via time.nist.gov, there is no risk that there would be some sort of mismatch between the two.

The customer goes to the credit card terminal and swipes, a value is entered and a timestamp is recorded, all of this is already parts of a credit transaction. The terminal can read the name, expiration, CVV2, whatever from the magnetic stripe and the smart chip forwards the TOTP code, then the terminal assembles this into a EDI transaction:

JOHN/Q/PUBLIC#1111222233334444#1015#170#726995 and applies SHA256 to it, to create:

621d3dd5a66277a7ab3737f306728e3c4bc5f3cd20c8730c37cc61c6575de0ba

This is stored in a database and then forwarded to the bank with the timestamp, so it’ll look like this:

987654321#621d3dd5a66277a7ab3737f306728e3c4bc5f3cd20c8730c37cc61c6575de0ba#15.09#1426615839

So the bank will be presented with a Customer ID, SHA-256, they’ll have the total dollar amount, and they’ll have Epoch time, or the number of seconds from 00:00:00 UTC, January 1, 1970. This could be easily done by a Linux kernel by the output of date -j -f “%a %b %d %T %Z %Y” “date” “+%s”

The bank would then have everything they need, they’d have the secret key, which with the Epoch time from the transaction would give them the TOTP calculation, which would generate the answer 726995. Then they’d have the card details from the customer ID, the SHA-256, and the amount. They could then calculate the hash on their own:

621d3dd5a66277a7ab3737f306728e3c4bc5f3cd20c8730c37cc61c6575de0ba

And authorize the transaction.

Even if the card details were stolen by someone copying the numbers off the card, they wouldn’t get the TOTP secret. Plus the TOTP secret is changing every 30 seconds. If someone tried to run this transaction and guessed at the TOTP code, they’d generate this:
987654321#a1b714fba988632200c78a5b9021bca5b48f149b036aa901c03173f0f2de5399#15.09#14266158 and the bank would instantly detect this incorrect SHA hash and cancel the card and ship a new one.

This is rather involved but the practical upshot is, if a vendor kept these transactions in a database and someone stole the database to use for their own nefarious needs, the presence of the TOTP and SHA-256 would make the data in the database worthless because the TOTP has no predictable pattern if you don’t know the secret, and SHA-256 is very sensitive to even the smallest change in the input data that it’s hashing. This would free vendors, banks, and customers from risking PII leakage or identity theft.

I’ve also thought that this would be a great way to secure SSN’s as well for use with the government, they know your SSN and you know your SSN, so when communicating over a possibly compromised channel you can authenticate not with your SSN, but with the hash of your SSN.

John Q. Public, 123-45-6789 -> 01a54629efb952287e554eb23ef69c52097a75aecc0e3a93ca0855ab6d7a31a0

Prep Porn

Posted on February 27, 2015 by bluedepth

I’ve found myself taking little diversions into geek town. There’s always been this pervasive suspicion that privacy is dead, but since Edward Snowden came out and said, “Yes, everything you feared is real and it’s much worse than you know and far worse than you could ever imagine.” That statement only added fuel to the fire for me.

How did I spend my spare time? Exploring digital security measures. After a while I started to sense that I was very much on my own, the technology of privacy is a desert. I accepted that I would never likely be able to put all of this into actual practice, so it became a kind of exploration into digital privacy for the geek thrill of finding something new and watching it work. Kind of like getting a complex rube-goldberg machine and using it just to watch it clink and clank away.

Diving into privacy has had some remarkable side-effects. It is very easy to quickly slide into paranoia. The idea that everyone is out for what you know and what you are talking about, measuring you and evaluating the things you communicate and the data you create and store. Honestly speaking, that’s a mirage — it only seems that way because you have new toys to make it all super secure, so in a way, creating super secure methods invites the notion that Eve is out to get you. Who is Eve? In crypto circles whenever people want to discuss how a crypto system works, they need names to give people to humanize the interaction and make it more relevant for people. Alice is always the initiator of the secret communications, Bob is always her recipient or contact, and Eve (which I have always mused stands for “Eavesdropper” sits in between Alice and Bob wanting their secrets and breaking through their veil of privacy.

I started with PKI, Public Key Infrastructure. It’s a fully fleshed out system which uses a pair of keys to secure anything digital, from files, to text, to even entire telephone conversations. This system has two parts, a Public Key and a Private Key. When you create your key, and key generation is actually laughably trivial, you keep your Private Key held close to your bosom and you send your Public Key to everyone you know who is using PKI. They tried to address this by creating things called Keyservers. These are systems that are run by various places that you can post your Public Key to and they’ll keep it in their database. You and anyone else can use these services to look up others and get their Public Keys. These Public Keys have fingerprints, so you can verify that the keys aren’t mangled, damaged, or shanghai’ed by some nefarious other party (Eve). So, Alice would seek out Bob’s Public Key and cast her message using the key to encrypt it. Once that’s done, the data is complete gobbledegook to everything in the Universe except Bob’s Private Key. Bob gets the message, because he has his Private Key, he can decode the message and benefit from it’s contents. Eve could of course get her hands on the secure message herself by wiretap or eavesdropping, but the message will only unlock to a very specific Private Key, so without it, Eve just has so much noise. Alas, this system only works when everyone is using the infrastructure. Everyone needs to have a keypair, otherwise there is no way to address your message, because there is an absolute lack of Public Keys to be had for anyone! And this is my headache. Even if I wanted to use PKI, it’s worthless because nobody I want to communicate with has a Public Key. This PKI, this one thing, is currently one of a handful of things that Eve cannot actually break into. And when I say Eve, I really mean the nebulous fog of the Men In Black, so the FBI, the NSA, GCHQ, those types. They are always in black suits and black sunglasses and we hope they are nice and mean us no harm, ahem, sure.

If PKI won’t work, which boggles my mind since it costs nothing at all to actually use any part of it, the next step is exploring conventional cryptography. There are algorithms that go by codenames that everyone can use. There are two different realms for these sorts of tools. There are the trade names of the tools like Rigndael, Serpent, Twofish, Blowfish, Threefish, and so on. These are the mechanical parts that make conventional cryptography possible. Alice and Bob have a secret only they know, a nice long password. They can use these tools to make their sensitive data useless for anyone who doesn’t have their password. It’s somewhat like PKI, only that both Alice and Bob need to share that secret ahead of time for any of this to work. These tools are all submitted to the government for their consideration and when a tool is submitted and chosen, like Rigndael it loses it’s authors name and picks up a big impressive name from the government, in this case AES. Advanced Encryption Standard. As a curious sidelight, Serpent was a competitor for AES with Rigndael, one won, the other did not. All of these tools have a number associated with them, these are the key length measurements and in a general way can be equated with the strength of the encryption. AES-128 is “weaker” than AES-256. These numbers indicate the number of bits used to form the secret key used in the encryption. The longer the key, the harder it is to attack the encrypted message with brute force attacking it. Having the message is easy, guessing every possible key combination when there are 256 bits in play? That’s a huge keyspace! A keyspace is an imaginary construct that tries to tie physical size to the sheer number of combinations that a key can have. A key with one bit has only two possible values, either zero or one, so it’s keyspace is 2^1, or two. If it isn’t zero, it’s one. The keyspace for AES-256? It’s 2^256, or 1 with 77 zeroes after it. That’s an insanely huge keyspace, so the idea of being able to brute force it is laughably meaningless. It’s worthless to try. The nice thing about these tools is they can be used solitarily. Yes, you could use them to share secrets with other people, but a more useful approach is to use these tools to keep your data secure while it’s stored somewhere. If you don’t have that somewhere always under your conscious control, you really need these tools to make sure it’s secure from Eve and her minions. This starts an arms race of a sort. The tools themselves compete along with their key lengths, and cryptologists, fueled by paranoia perhaps are always trying to come up with clever ways to break these tools. To prove the strength of your tools, you push them until they break, then you know what kind of pressure they can withstand. Where we are now, AES-256 is considered secure, even against Eve, but that is eroding with time. Why? It comes down to that keyspace I mentioned earlier. There is another batch of tools called hashers, they convert something into something else and that conversion is one way only. You can hash a phrase “This is a secret” using a hash and it spits out a long strip of character data. These hashers can be used to turn your password into a key that the tools use to make your data secure. Currently we have much like the encryption tools, a series of named tools from their creators and the government’s renamed tools. What used to be MD5 became SHA-1, SHA standing for “Secure Hashing Algorithm”. The problem is that hashes can sometimes collide. If you put in “something A” and get a hash, the only way you can feel truly safe is if there is nothing else that works to create that result. A collision is when something else also works. When the hash of “something A” and “something B” are the same is a collision. When you have a hash that is a victim of collisions, the keyspace that hash can help you create is decimated. Much like a burning barn, whenever there is talk of a detected collision, people flee the old tools because they broke. Eve and her minions are onto us! This is why SHA-0 was abandoned for SHA-1, and that was abandoned for SHA-2, and now Keccak was chosen for SHA-3, that’s where we are now.

The paranoia doesn’t stop with Alice, Bob, and Eve. The paranoia snakes its way into the government. Ever since Edward Snowden shared his Pandoras Box with us all, the arbiter of national standards, NIST, is now just as suspect as Eve and her minions are. NIST is the organization that adopts tools into their formal-sounding government rebranded tool names. Rigndael became AES through NIST. Do we really trust AES? NIST has their hands in it, and we don’t trust NIST, so… thankfully when these competitions are held for the vaunted position of NIST winner, the other competitors don’t simply disappear. This led me from AES to Serpent, which was not selected by NIST. Honestly I think AES-256 is still trustworthy, but there is a part of me that prefers Serpent-256 more.

These algorithms are all eventually going to break. Every tool has it’s breaking point. Even Serpent-256 will eventually fail when some clever person figures out an attack that works against it. There is only one algorithm in the entire Universe that is perfect and cannot possibly fail, and that is the one time pad. Cryptology started there and oddly enough created its pinnacle first. The requirements for the one time pad are really steep and its incredibly inconvenient to use. The first thing is to create the pad, and you need a truly random key. If the key has some pattern or design to it, your key can be derived later and it’s worthless. Also, you need enough key-meat to cover your entire message – and if your message is big, you need a lot of key-meat. Plus with big keys there is another problem, how to share that sucker! The key for the one time pad is everything, so you have to do it person to person and you have to make sure that the key doesn’t leak out or get stolen. That’s the danger of the one time pad, the key is a thing not a calculation. What makes it immune from attack opens it up for theft. If you are certain that your key is safe and sound and truly random then the data you encode with the key will adopt the randomness from the underlying key and be impossible to attack using any method, cleverness or brute force. My explorations took me down the path of the one time pad, but it only works to secure data solitarily, sharing data? You need to have the key in multiple places and you can’t be in two places at the same time to make sure that the key is always secure, and you can’t stay awake and vigilant to ensure it either. So what is perfect is ironically total crap. In the end, you are back to the algorithms themselves and until someone can fix the problems with the one time pad, we’re always going to be in an arms race over the strength of our toolkits.

After all this data security geeking that I got myself wound up with I started to branch out and looked into places where cryptography intersects other parts of life. One of the most compelling and frustrating places where this is occurring is cryptocurrencies. Bitcoin was invented by Satoshi Nakamoto. Who is Satoshi? Nobody knows. He may be real or he may be a group of people or he may be an alias. What he created though is amazing. Bitcoin is a currency, you can use it like money, store value, transmit it, and it appears to have all the conditions to be equivalent to fiat, which is a codeword for “cash”. The US Dollar is fiat, Bitcoin is not fiat. Bitcoin is not like the US Dollar, it isn’t based on faith but rather on mathematics. The US Dollar used to be linked to gold, called the gold standard. For every dollar that was in existence it was tied to so much physical gold that you could in theory exchange whenever you wanted to do so. In October 1976 the US Government abandoned the gold standard and US Dollars were then simply an instrument of faith that the US Government was “worth it”. It also helped that everyone here uses the dollar for everything, so it’s natural to use it and not think too hard about what value lies behind it – because the only thing behind it is a big group of old white men smiling and staring at you.

The way Bitcoin works is both involved and really quite elegant. There is a central record of all transactions that have occurred since the currency was invented and that public ledger is called the blockchain. It is a list of transactions in blocks and those blocks are in a way, chained together. As people use Bitcoin, they create new lines in the ledger and share that with every Bitcoin node. A node is the full Bitcoin client, it’s run by anyone and everyone, you can run one too. What keeps the blockchain authentic and honest lies in its ubiquity. It’s in copies worldwide on hundreds of thousands of machines. It transcends national borders, gender, race, creed, orientation, and economic class. Because there are so many perfect identical copies, any “wrong” copy, made that way by trying to be clever gets rejected. As people use Bitcoin, the transactions pile up in the blockchain, and it’s the job of Bitcoin miners to calculate hashes of all the transactions, a feat that is made hard-to-accomplish so as to create a valuable proof-of-work. The Bitcoin miners have to sweat it out to get their reward. When a miner succeeds in adding a new block of transactions to the blockchain they get a reward of 25 bitcoins. This is how the currency injects new “bitcoin matter” into the trading space. Miners secure and codify the blockchain, the blockchain rewards them with value and the miners then use that value in the marketplace. Over time this reward will be halved, so it’ll be 12.5 bitcoins, and then after a time this will be halved again until all the Bitcoins that will be created through mining are expressed into the marketplace by miners. Bitcoin will have this mining subsidy in place up until 2140, but by that time the protocol may change, so it might end then or it may never end. Another thread of value for miners is the transaction fee. When you issue a payment in terms of bitcoin you pay what you owe plus a customary transaction fee payment as well. This fee is 0.1 millibits or roughly 3¢ USD. This transaction fee is a static fee no matter how big the bitcoin transaction is.

Using bitcoin itself can be a little bit daunting, because the public address for bitcoin is a rather ugly long string of characters, such as this one, which is one of mine: 1KxM4U6Q5hYdfi9aSEeS7vj9cBZyrnADJJ. Typing this in manually is an epic pain in the ass, however there is another technology that already exists called QR codes. These graphical representations can represent these long strings of characters in a single easily printable symbol:

Bitcoin is formed much like PKI conducts business, there are Public Keys and Private Keys. The code above is a Public Key address for a Bitcoin account. This address can hold value, it can receive value and I can look up its value in the blockchain and see how much value is there expressed in Bitcoin. If I want to move the value somewhere else or use the value stored there for any purpose, I need that codes companion Private Key. When you have a software wallet, one of its core features is the creation of these accounts. They are free and easy, as they are calculated from the pseudorandom number generator in all contemporary computers. The core of a Bitcoin account is based singly on the Private Key. That is created first using pseudorandom sources and then the Public Key is calculated from the Private Key, it’s a hash, so you can’t reverse the Public Key and derive the Private Key. Modern smartphones are where Bitcoin really shines, iPhone or Android devices have apps that can manage these wallet codes, both Public Keys and Private Keys, so they operate just like a real wallet. You can get money using them and you can pay using them too. It’s in the QR code that makes the transactions simple. Your device takes a picture of the QR and decodes it and then acts on that data. You don’t need to (but you could) hammer out the Public Key address to make everything work the way you expect it to.

I spent a while exploring Bitcoin, and playing with various wallets. There are online wallets, there are device-based wallets, and there are paper wallets. The online sites are a crapshoot, some of them work okay, and others are bitcoin roach motels. I don’t like the hosted online wallets, they are just too fragile and sketchy for my tastes. On device wallets are really quite good, iOS more than Android only because iOS is a really well secured platform. You can also download the client for Bitcoin, the reference client and download a copy of the entire blockchain and use that to record bitcoin transactions if you like, but the blockchain was about 20GB the last I saw it, and that was too big for a machine like my Macbook Pro to store. Some wallets that are for computers use a variant of transaction confirmation called SPV, which depends on a reliable string of confirmations to ensure that the current shape of the blockchain is correct. The nice thing about SPV wallets, or thin wallets as they are called in comparison to the fat wallets of the reference client of Bitcoin is that the sheer size of the blockchain doesn’t need to be stored locally, it scales better with less storage space required. Even these computer-based wallets have their vulnerabilities and that’s why there are paper wallets. Paper wallets have their Private Key printed out as a QR code and hidden behind folded paper, with the Public Key publicly visible. These paper based wallets are really convenient for storing the value of bitcoins off of computer equipment. The value itself is still in the blockchain, in the ledger itself, but the security of the Private Key is now just on a slip of paper. If the paper is destroyed, the Private Key is lost forever and the value associated with it is lost. The value is still in the blockchain, but since nobody can get at it, the Public Keys can’t be converted into Private Keys, the value is completely inaccessible, and really lost forever. As I explored paper wallets I also got to thinking about one of the core assumptions of a lot of hosted and online wallet systems. They all depend on pseudorandom data to forge the Private Key. These generators create random-looking data but there is always a slim chance that someone could figure out the way the numbers were created and make the pseudorandom deterministic. If you could do that, you could simply replay how the pseudorandom generator did its work and replay out the supposedly random Private Key and then your security is down the toilet. All the value associated with that Private Key is vulnerable and your money could just evaporate, poof. Bitcoin Private Keys are forged from 32 bytes of random data. That key length is familiar, I’ve spoken about it before. 32 bytes with 8 bits per byte is a Private Key composed of 256 bits. That’s 2^256, a keyspace that (like we saw before) is 1 with 77 zeroes after it. So I started to think about ways to create truly random bytes to use in my own paper wallets, I wanted it to be pure from the get go. If I could accept an online answer, there are many sources including one of my favorites, which is Hotbits (which creates randomness from radioactive decay). What I wanted was a somewhat convenient way to create my own random bytes without having to use a computer at all. I discovered Hexidice online from a gaming store. These dice have sixteen values on them, 0-9 and A-F. One die is 1 nibble, or half a byte. That means that two dice are 1 byte, and 8 dice are 4 bytes. If I throw eight dice eight times that creates 64 nibbles or 32 bytes. I could technically do the mathematics myself to convert this pure random Private Key into a valid Public Key, but for that part I’m actually okay with using an offline copy of Bitcoinpaperwallet.com on my Macbook Pro. I just turn off the Wifi, start the offline copy of the site and type in my forged Private Key, the system then helps me calculate the Public Key and then make a very attractive paper-based wallet with fold lines and neat graphics and everything. When I want to add value to the paper wallet all I need to do is scan the QR code printed on the front as the Public Key and I can add money to that in a snap. If I want to use the money or move it somewhere else, I need to unfold my wallet and add it to my phone temporarily. That actually is a bad thing, because it would then technically expose my previously Private Key to the world through my phone. If I wanted to be really careful I would prepare a new paper wallet, then use the old one, buy something with it and the remaining value would then need to be immediately sent to the Public Key on my new paper wallet. Then the old paper wallet could be burned.

Once I figured out the storage mechanisms for Bitcoin I got to thinking about how to exchange fiat currency for Bitcoin. There are two distinct ways to go about this with some blurry spots in-between. The one way is to use a regulated exchange, these companies allow you to buy Bitcoin by opening up access to your bank account or debit card and prove your identity to the exchange. The other way is through Localbitcoins which connects you to people who are willing to exchange fiat for bitcoin over-the-counter using cash. The first way is okay, but it irks me because you have to reveal your identity in order to move forward. The second way is more secure and anonymous, but you have to put up with people who may or may not be trustworthy. They may make off with your cash and not give you any bitcoin, it’s a risk. The blurry spots in between? Those companies operate somewhat like the regulated exchanges except they depend on the US Postal Service to be the money mule. You buy a postal money order for the bitcoin you want, mail it to the exchange, and they transfer the bitcoins that you purchased to the Public Key you provided them.

Once you get fiat exchanged into bitcoin you can buy things with bitcoin. Shops could accept bitcoin by simply downloading a Bitcoin wallet and creating a Public Key, making it visible to customers and payment would be the capture of a QR code and the speed of the blockchain makes payment verification easy within 10-15 seconds of the initiation of the payment cycle. Bitcoin can also be used to move value from one place to another instantly without having to endure regulations or custom controls. If you are in a foreign country and need money, you could use bitcoin as a money mule. There are so many ways bitcoin could be used, the applications are just as many as exist with fiat currency.

All these explorations with bitcoin were occupying my spare time and I got a chance to read more of what Edward Snowden had to say. In one message he expressed interest and promise in a program called BitMessage. So of course, I went looking. BitMessage is structured a lot like Bitcoin, except instead of money the “currency” is messages. You can download the BitMessage client for free and start using it. With the BitMessage client, you can create a BitMessage address – such as BM-2cWAk99gBxdAQAKYQGC5Gbskon21GdT29X. If you had BitMessage and sent me a message with this address, I would get it. The neat part about this system is that it encrypts the message and the identity of those in the conversation. This is done very much the same way it is with bitcoins blockchain. Alice posts a message for Bob, it’s encrypted and then sent to everyone, sent to BitMessages “blockchain”. Bob can see this data store and because he has the Private Key that is associated with the BitMessage Public Key that Alice used to send him a message he can actually decrypt this section of the Bitmessage “blockchain” and read it. The message itself cannot be traced to where it comes from or where it goes off to, it shifts that sense around. Everyone has copies of all the encrypted traffic on the system, and only those with the proper private keys can read the appropriate parts and communicate securely. Bitmessage is neat because it bakes PKI into one simple program. As I started to fiddle around with Bitmessage I thought that adding PKI on top of Bitmessage could prove useful as an added layer of security. The only thing you have to watch out for with standard PKI is that the key generation process really wants you to put in a true reliable email. You don’t have to if you don’t want, you can create a keypair without an email, in that case you could be nobody@noemail.com, if you like.

I started to think about the practical applications of Bitmessage and PKI. If you had to get some super-secure message out of one place and you were paranoid about privacy you could go to a website on TOR and get your contacts Public Key and anonymous Bitmessage address, use the Public Key to encode your message, open up Bitmessage and post the information to the BM address and send it knowing that your transmission and their reception could not be tracked and the contents of the message could only be opened by the person with the right Private Key.

What then for all of this? Nobody using PKI, no locals using Bitcoin and no shops accepting it, and nobody but curious lookeyloos using BitMessage? At least I’ll be prepared for Eve and her minions. If you would like to regain some of your own privacy, just let me know and I would be very happy to help you navigate the technology and see how neat all these tools are to use.

Geek Excursions: BitMessage

Posted on January 15, 2015 by bluedepth

Along with my curiosity surrounding Bitcoin, there is a similar technology that has been released for public use called BitMessage. This system is a really neat way to securely communicate in a secure method that involves absolutely no trust whatsoever. It’s a completely decentralized email infrastructure and has captured a lot of my spare attention. BitMessage works a lot like how Bitcoin does, you can create email addresses on the fly, they are a long sequence of random characters that your system can display because you have both a public key and a private key. In a lot of ways BitMessage deals with the biggest problem surrounding PGP/GPG, which is key management. Nobody really wants to manage keys or use the system because it’s extra work. Plus even with PGP/GPG, your identity is written on your keys for everyone to see.

Getting started with BitMessage is a snap. First you need to download the BitMessage client, and you can get that at bitmessage.org. There’s a Windows and Mac client available, you can start it and be instantly attached to the BitMessage network, ready to create new “BitMessage Addresses” and throw them away just as easily. So, for example, you could reach me by sending me a BitMessage to this address: BM-2cWAk99gBxdAQAKYQGC5Gbskon21GdT29X. When you send a message using BitMessage, its to this address and from an address that your client makes, so the conversation occurs securely and since every node has a copy of the data it’s impossible to tell who is getting what information. I think an even more secure method would be to cross BitMessage with a PGP/GPG key. The only problem with a key like that is that classically PGP/GPG keys require that you include your email address as a subkey so that you can be identified by a human-readable email address when looking for your public key or when someone else is looking for it, to verify a signature for example. The PGP/GPG system doesn’t require an email address, you can of course create a public and private keypair using PGP/GPG and make the email address up from whole cloth, and instead just let people know the key ID that you want them to use. So technically if Alice wanted to secretly communicate with me, we could give each other our public keys to start and then use BitMessage as the messaging mule. I don’t see how any eavesdropper could make sense out of any of that data flow. It’s unclear what the contents are, the PGP/GPG encryption keeps the contents of the message secure, and BitMessage itself seriously obfuscates if not outright eliminates being able to tell where the messages are ultimately going to or coming from.

I have to admit that BitMessage is very user friendly and very handy to have. My only issue with it is that I don’t know anyone who uses it, but perhaps this blog post will change that. If you are interested in this bleeding-edge crypto/privacy software, I encourage you to chat me up on BitMessage for serious matters or for fun.

Geek Excursion: Cryptocurrencies

Posted on January 15, 2015 by bluedepth

I’ve been thinking on and off about Bitcoin ever since it was written years ago. Right around the end of last month, in December I thought I would look into it again. Turns out the environment has grown considerably since the last time I looked at it, by leaps and bounds! I figured now would be a great time to dip my big toe into the stream, so I found an online exchange and pursued Bitcoin with them. This exchange was ExpressCoin and the purchase deal was mailing them a US Postal Money order, they’d cash it and then send me the Bitcoin equivalent. Since this was a conversion from Fiat money (in this case United States Dollars) to Bitcoin, the exchange rate was around $330 per Bitcoin. The $10 investment gave me 0.03120712 Bitcoin.

Right after that I started lurking on the Bitcoin subreddit on Reddit and discovered two other currencies, Litecoin and Dogecoin. Then just after that I discovered the Cryptocurrency Faucet websites, places where they hand out free money for proving that you’re human with a captcha, and the off chance that exposing you to advertising will pay for the money flowing out of the faucet.

I still think a great part of all these cryptocurrencies is still quite firmly fixed in the hobbyist framework, the enthusiasts are on the “bright” side of the currency and the speculators are on the “dark” side of the currency. All of these currencies that I’ve engaged with display pretty wild volatility in comparison with any linked Fiat. My buy-in rate was around $330 per Bitcoin, and now weeks later, that’s at $218.87 per Bitcoin. There seems to be two camps developing, the first camp is quite keen on ignoring the Fiat exchange rate and trying to ignite their currencies inside themselves. One of the most positive and tightly knit communities surrounds the Dogecoin. Seeing how the Dogecoin enthusiasts communicate and cope with their currencies volatility is a lesson in lighthearted, altruistic generosity. People who hold Doge appear to be very ready to donate it to other people as encouragement, sympathy, or even on a lark. As you go from Doge to Litecoin to Bitcoin you see a lot less of the pleasantries and a lot more of the cold hard business of currency work and trading.

I think one of the most fascinating parts of these new currencies is how everything is starting from the very beginning – including questions of trust and honor. Because all of these coins are decentralized and unregulated there is no capacity for a “chargeback” mechanism, and when this runs up against mechanisms in other currencies, like the Fiat, where there are “chargeback” mechanisms in place, you run the risk of being seriously defrauded. I completely understand the fear and the very careful progress that these cryptocurrency traders make, but it does speak volumes about just how awful and corrupt some people are. We don’t assume people are trustworthy and honorable, so we need many complicated structures in place to cope with the unknowns. This gap in honor is, I feel, a huge part of what these currencies should work on next. How do you measure honor? How do you establish trustworthiness? I got to thinking about it, and every time I think I have a solution I run into an edge case that blows my concept out of the waters. The only thing that I think might work is arranging honor and trustworthiness in a way similar to the “Web of Trust” that PGP and GPG cryptographic systems rely on to establish trust. PGP/GPG never really took off for mass adoption and that’s always been a very sad thing for me, but I really like the “Web of Trust” idea that they pioneered. That people can trust others when there is reputation on the line, backed by money perhaps, there would need to be some sort of contingency addressing on the line as well. So if Bob wants to establish his trustworthiness and his honor he puts his money on the line for it. But the problem with this is that someone who is not honorable could just come along and lie about Bob and take his money, sending you right back to the start again. It’s fascinating, that Bitcoin decentralized money, but we need to figure out how to decentralize trust as well.

The US Government has done its due diligence in preventing egregious misuse of the Bitcoin currency to be used for illegal purposes by attempting to regulate how centralized exchanges transfer Fiat into the cryptocurrencies. It seems that Bitcoin and all the others are very elegantly designed in so far that despite all these regulations there is a community of individuals willing to operate as nano-exchanges that help bring everything back to its decentralized and unregulated roots. Half of the fun of playing with cryptocurrencies is being at ground zero for all these fascinating developments and arguments and seeing how something so new develops and unfolds.

So far I’ve got some small parts of a Bitcoin, some small parts of a Litecoin, and gobs of Dogecoin. For myself, I am very interested in figuring out ways to secure the relationships between traders, working on terms of honor, trust, and faith. If anyone has ideas that they would like to share, please leave them in the comments below. I would really love a nice conversation about securing honor, trust, and faith between traders.

OS Tryouts 3: ElementaryOS

Posted on October 27, 2014 by bluedepth

The start of ElementaryOS is quite like Linux Mint 17, as they are both based on Ubuntu Linux. One notable difference is that Elementary prompts you by default to choose whether you wish to use the LiveCD system or install it on a computer, whereas Linux Mint 17 simply brings you right into the LiveCD system and provides you a link to install it on your computer, as a shortcut on the Desktop of the LiveCD system.

ElementaryOS requires less space, by about half than Linux Mint 17 does. That’s remarkable but not really a stumbling block since most modern computers all have more than 10GB of primary storage just to start. The installation was really quiet and direct, a pleasant change from PC-BSD for sure. Updates were slipstreamed into the installation routine so there shouldn’t be any need for them once the system is up and running.

The primary login screen is remarkably beautiful. The graphical login has my full name with a place for my password and a Login button, and to the right of that is todays date and time styled in a very appealing way. There also appears to be a “Guest Session” which I will have to investigate, as Linux Mint 17 didn’t include that. Looking around the basic OS I am pleased to see many “Look and Feel” similarities to my beloved Mac OSX. After starting the software update app I expected all the apps to be updated however that wasn’t to be, there are 347 updates pending – so that’s the first thing that needs to happen. Since I have the updater open, clicking on “Install Updates” should get that ball rolling. True to form, the updater is quietly processing it’s duties without user intervention beyond the authentication for elevated privileges that all updaters require in Linuxland. One really neat thing to note in this review is that the devs for ElementaryOS wrote a kernel extension driver for VirtualBox all by themselves. The activation was very straightforward, that’s very impressive. Almost all other OSes force you to install the VBox addins from VBox itself.

The installation of optional software is easily found through the Software Center, it’s icon is a big friendly downward pointing arrow. Many of the apps I would figure would be installed by default, like Firefox and Thunderbird and LibreOffice are not, but they are available. That’s perfectly fine. Having a lot of apps delivered by default only adds to the size of the installation media and can complicate the installation routine if one of those other projects doesn’t behave properly upon installation.

It’s really a toss-up so far between Linux Mint 17 and ElementaryOS. My bias for the Mac OSX interface pushes me ever so slightly over into Elementary territory personally because it isn’t hamstrung by an impossible to eliminate Gnome prime panel that you just can’t get rid of, Elementary comes with a Dock by default. The only irk that gets me about Elementary is that the Dock has no mouse-sensitive effects, but that’s the weakest of quibbles. So far for machines that we’ll end up surplussing, Linux Mint 17 wins for work, but if I were to buy one of the surplussed machines I’d go for Elementary OS instead. It’s mostly just a matter of taste. I could just as easily live with Linux Mint 17.

OS Tryouts 2: Linux Mint 17

Posted on October 27, 2014 by bluedepth

As part of my brief tour through some alternative operating systems I uncorked and tried out Linux Mint 17. So far for all the different systems I’ve tried, this was the most pleasant and simple installations that I’ve had so far. The system boots up into a Live CD environment, letting you try before you buy. I also found the lack of “Scary Text” during the system startup to be a very nice touch. When the OS gets started it works well out of the box. X Windows with the window manager works as it should, without any misgivings. The updater worked well from the first pass and only required one pass to get all the updates that the system needed. The application suites provided worked really well, LibreOffice, a host of web browser choices, but the only thing that was missing was a Calendar application. I thought about iCal and how well that works with Exchange, and wondered if there was an app in the Linux space that could do something similar. My admittedly cursory search didn’t yield any results. Arguably it is a non-issue as the entire Exchange experience for me can be done on the web, so pffft.

There really wasn’t much to write about Linux Mint 17. The OS got a green star on my selection board and led to the disposal of PC-BSD. Next up are Elementary OS and CentOS. I suspect that the last one will be a boondoggle, but only time will tell.

OS Tryouts 1: PC-BSD

Posted on October 22, 2014 by bluedepth

PC-BSD

System Setup

The PC-BSD initial setup was pleasant enough, there was only brief exposure to the horror of the console as cryptic text scrolled past. I can imagine consumers panicking when they see these sorts of screens, pages of text they can’t comprehend without a solid understanding that much of it really is meaningless unless the system doesn’t work, and then it rockets from being worthless to priceless. Generally when I think of designing operating systems for consumers, you want to suppress this behind some pretty pictures or a progress bar, which is a clearer representation that everything is proceeding according to plan. Even when everything is working properly in systems like these you can spy error reports in the startup console text screens. The developers either don’t care or expect the errors and they are “worthless” issues because the system starts up normally. To consumers, if they are reading along and have a little bit of training about what they are looking at, they could be unsettled by a line that looks like an error even if it’s a throwaway warning.

After the initial setup, the standard installation questions are rather straightforward. Language and locale settings, however it is good to note that these days the really good systems automatically fetch much of this material from the indigenous Internet address. I would argue that if the IP is in the United States then it’s likely English, and if you know the IP, then you know the location, so time zones are easily set as well. The hostname selection is always different from system to system I’ve found. Some systems are computer-before-person and some are person-before-computer. Since you can set this to whatever you like, it’s not really a quibble.

PC-BSD does a very good job at clearly separating the difference between root access and user access. You create the password for the root account, and then it automatically leads you to create a user account afterwards, with the option for encryption presented immediately, which is a nice touch.

First Login

I was presented with a login dialog box, I selected my window manager to be Cinnamon as it was an installer option when I set up this system. The system attempted to start X Windows and then the desktop manager crashed. I tried to restart it twice and then when that wasn’t working I clicked Cancel and the system started into X Windows without a desktop manager. There are no clear ways on the display to proceed forward unless I wish to use “AppCafe”, “PC-BSD Control Panel”, or the “PC-BSD Handbook”. I tried to use the magic keyboard combination of Control-Alt-Backspace to exit out of X Windows to no avail, the key combination does not work. I then inserted Control-Alt-Delete which reset the system and led me directly back to the login window. This time I selected the default window manager, of KDE and logged in. The system did at this point proceed properly.

I tried to start a basic application, in this case I wandered through the applications and selected “Marble” in the education category. The app failed silently. After that I went to system update and started the update search. The wait for progress was rather long at about five minutes, but I did see there were “Base System Updates” available, what they are is not stated, but I elected to install them anyways. The progress bar does not really fill up in the way that a consumer would expect, but rather as a quarter-inch blue rippled box that bounces slowly left and right.

Generally when the system is installed and updated it seems to be competent. The fact that you can’t really stray from the KDE interface is a little bit of a concern, but generally not a huge problem. I would say that PC-BSD really isn’t ready for prime time consumer use yet. Then again, no Linux OS is, at least yet.

BSD and Linux Tryouts – Four Distributions

Posted on October 22, 2014 by bluedepth

I’ve got a pile of dead hardware that I’m going to be surplussing soon here at work and much of it won’t be able to handle Microsoft Operating Systems, either because the system lacks a restore partition or lacks a Microsoft licensing sticker to make the install of Windows XP work properly. So we’ll have to live without Windows, which means some other operating system. There are four that I’m looking at currently:

PC-BSD
Linux Mint 17
ElementaryOS
CentOS

Generally I think none of these are really ready for prime-time consumer use, but maybe I’ll be surprised.

Forked Lightning

Posted on September 23, 2014 by bluedepth

My day has walked into the deep pitch of the Microsoft tar-pit. I’ll dispense with the usual protestations that this technology is horrendous and anti-human and deserves to be loaded into an airlock and blown out into space, en route to the sun for ultimate destruction.

My god this is awful.

It all started very innocently enough with an iPhone for an ex-coworker that was asking for a new password. I had backed up the ex-coworkers email from Office 365 and to get access to do that I needed to change the password. That was easily done as I am the admin on our Office 365 email system. I changed the password, I then went to my “backup” computer account and started Outlook 2013, set up the ex-coworkers account on that machine and then went to backup the email using Outlook 2013’s PST file backup routine – that all worked just fine. Once I was done, I copied the PST file to a NAS drive, and that was that. Then another coworker who had the ex-coworkers phone came in because the device was complaining about a bad password, I had changed it and I didn’t know there was a device in play that needed this password update. Hooray for never throwing away 3M sticky notes! So I put the password in and I got into a conversation with the coworker who had the device. I offered to delete the account of the ex-coworker and assign him the alias for the ex-coworker thereby ensuring that mail flows unimpeded to where it ought to go. Everything was all right and proper. So I went into Office 365 admin control and deleted the old user. Then I went to assign the alias to the other account so the mail would flow properly. Office 365 complained that the old account was still around and couldn’t establish the alias. Turns out the account lives in a 30-day penalty box and won’t actually be deleted until we all wait 30 days.

So how do you purge this account from this 30-day limbo? You can do so with a handy-dandy Powershell command called “Remove-MsolUser”. So I open up Powershell and start entering all the bullshit commands to get it connected to Office 365. Arcane and labyrinthine has nothing on this crap, I can’t even begin to estimate just how awful this really is. So I get the Powershell up and connected and waiting at the prompt. Then I enter the command as I see it on this website and I get an error from Powershell that it doesn’t recognize the cmdlet. Okay. So then I look into how to solve this issue, turns out I need to upgrade to Powershell 3.0. I find another website that helps me find the version of Powershell that I have installed, it’s a registry hack, so in I go, HKLM blah blah blah. Turns out I have Powershell Verison 2. I need 3. So I download Powershell 3.0 for 64-bit like I should, and it refuses to load saying I have a later version installed. I find another website and figure out how to get the version of Powershell from Powershell itself, turns out I have version 4.0. Fuckity-Ok! So then I move on, and find that I need two more downloads from Microsoft, the first is “Microsoft Online Services Sign-In Assistant for IT Professionals” and so I download it. I install it, everything is just fine. Next stop is to install the Microsoft Azure Active Directory Module for Windows Powershell. I’ve got all my ducks in a row and then this last install fails – “In order to install Windows Azure Active Directory Module for Windows PowerShell, you must have Microsoft Online Services Sign-In Assistant version 7.0 or greater installed on this computer. So then I looked at the Programs list in Control Panel and found the exact application that I had installed earlier, version 7.25! So what the hell is wrong?!? So I then rebooted, and repaired the Microsoft Online Services Sign-In Assistant and then rebooted again, then retried the installer and the same error. I then copied this error into Google and found an article that pointed me to “Microsoft Online Services Sign-In Assistant for IT Professionals BETA”. It installs and forces another reboot, of course. Once that bit was installed, which worked properly, gah, it was back to the Land of Eternal Stench, also known as PowerShell.

And only then, at the end are we finally successful. All of this for the simple little effort to dump an unwanted email account from our Office 365 system quickly!

I can’t believe it took this much to get through to this solution. I don’t really understand how Microsoft is still in business. This awful lack of quality in any other situation would spell certain disaster for a company. Microsoft is apparently charmed. Actually, it isn’t charm as much as monopoly. Microsoft has a lock on business computing beyond all rational logic and just like IBM in the 70’s and 80’s, once you are locked in, you are stuck and have to smile and thank your masters for dropping crumbs that they allow you to feast on. Even if their products are complete crap, they’ve got the lock and they are using it. Hello again, IBM.

Bluedepth's Journal

Thoughts & Opinions

Category Archives: Geek