Google Schmoogle

Today is a day for Google to let me down. Generally, a lot of technology companies end up in the same dustbin. They always promise some glittering awesomeness, but when you start to engage with them, you discover that the awesome is rather half-baked. In this particular case, the first two Google technologies were their Music Play property and Android.

Google Music, or Google Play, whatever it’s called, has a lot of the music that I uploaded from my iTunes when I still had music files that I used to play on my iPod. My musical use has migrated to streaming technology, specifically Spotify, with which I am very pleased. I oftentimes miss my old iPod with my music loaded on it. There was something about the shuffle feature on my old iPod Nano that fascinated me. The old shuffler felt almost psychic, or at least sensitive to my environment and conditions. I think it is because the device had its RNG on-device and it was a wearable device. There is something still there I think, and I think back on it fondly. A lot of my music is on Google Music, and today I thought I might uncork some of it. I opened my Safari browser and discovered that Google Music doesn’t work without Adobe Flash. As a general rule of thumb, I don’t use Adobe products at all if I can help it, and that is especially true of Adobe Flash. There was a point in the past where you could have installed HTML5 on the Google Music site, but Google has since eliminated that option as far as I can tell. So, strike one for Google.

The next strike came when I tried to use my Samsung Galaxy Nook device. This device is loaded with Google’s Android operating system, and I’ve railed against this before. In this particular case, it is related somewhat to the dead horse I keep on beating in regards to Google Android. I had my Nook open, and I was trying to use it. The interface is sluggish as hell, but I have grown to accept that. There is an app I have on my Nook called “Clean Master”, and it’s designed to be a system maintainer for Android. From my experience, paired with what the “Clean Master” application itself claims, Android is a wet hot mess. Every time I use the app, it finds 350MB or more of “junk files” and does scans for “obsolete APKs”. This scan takes an exceptionally long time. So I’ve fallen down a rabbit hole with the device, trying to get it “cleaned up” because it’s “dirty”. This application is dutifully chugging away, apparently just circling around the same batch of directories for about ten minutes, accomplishing nothing. I tap the big button at the bottom. “STOP”. Nothing happens. I then tap it a few more times. “STOP”. “STOP”. “STOP”. In the end it was a comedy, and I started to mumble “STAHP” to the device. At the top of the application is another control that says “Advanced Settings”; I tapped it, thinking maybe I could turn the scan for “obsolete APKs” off. Nope. Tap, nothing, tap, nothing. Tap tap tap tap tap tap. The device stops working altogether and then boop, new screen and it’s back to working! But the options there are useless. So then I try to use the “Home” button, and the Nook just dwells there, thinking. about. it. Then the Home switcher screen appears, and I make the throwaway gesture to get rid of the “Clean Master” app. There is “nothing” running on the device, but it’s mostly just sluggish as hell.

So that is what informs my opinions about these companies: Google, Samsung, and Apple. I include Apple because I have a lot of Apple devices, and they don’t behave like this. Even with two giant corporations working together, Google and Samsung, they can’t even touch what Apple does. My iPhone 6 behaves for me, mostly, and in comparison, it is far better than what Samsung and Google bring to the table. My chief issue is the disconnect with the hardware stats; the Samsung is supposed to have more resources than the Apple products, so does it come down to the OS? It may simply be a fight between iOS and Android in the end. To really focus on my issue, it is all about user interrupt. On my iPhone, the user interrupt, which is to say the events the user initiates, takes top priority. The interface is “snappy” and “gets my wishes” and “performs”. Whereas in Android, the user input seems to be treated like a queued wishlist that the user enters and then waits for the device to act on, if it wants to, or not. I know it’s not designed to behave this way, or at least it shouldn’t. But the behavior is what informs my opinions. I’ve got an Apple device that is snappy and responsive to me versus a Samsung/Android Nook that seems to want to do its own thing. There is another company represented, and that’s B&N. Mostly at this point I think of B&N as a bystander. They aren’t really involved anymore with Samsung or Android; they’re just marketing books through a channel, and they happened to choose this channel. For what the Samsung Galaxy tablet is, its core function that I use it for, which is an eBook reader, it is satisfactory. For a general use tablet or a mobile device capable of more than just eBooks, though? No. And I can’t understand why people who use Android accept this behavior so blindly. Perhaps that’s what being a fan is all about. If you are fond of the underdog, the scrappy alley fighter, then I suppose Android has some romance to it. You want the sad, somewhat over-concussed street-fighter who sometimes pisses himself and forgets his name to come out on top in the end and win the day.

So with these two starting experiences today, the answer is to lower your expectations. I expected too much of Google and of Samsung. The device is just a simple eBook reader, it really can’t be anything else. I will never willfully purchase another Android device, so there isn’t any reason to declare that Android is dead to me, it was dead on arrival after all. The only thing that I can say is that other people seem to enjoy it, and in the end that’s all that matters. After seeing what this Samsung Galaxy can do, I don’t understand the why behind Android’s success, but they are successful and in that, well, that’s good. It’s just not for me.

As for the music, I again lower my expectations. Instead of searching for some way to access my Google Music without Adobe Flash, I’m instead going to try an application that can help me migrate my music collection off to a Spotify playlist, maybe. In that, I have very little faith, and I’ll probably just give up and stop thinking about it altogether. I find myself not really fighting about technology anymore. I find that I’m more apt just to turn it off, put it in a drawer and forget about it for a few decades. If I were a technology company, I would really love to find out what kind of technologies people have put in their drawers and forgotten about, and find out why. That would create a great laundry list of things “not to do” when devising new technologies.

What Roy Batty Saw

We hired a new coworker and learned that he needed a Cisco VoIP phone. I had one spare unit left, an older Cisco 7912. I went to plug it in, and the PoE (Power over Ethernet) simply wasn’t registering on the phone. I knew for a fact that the phone itself was fine, and the switch I was plugging the phone into was functioning well. I also knew that my station cables were working fine, so I used my Fluke LinkRunner to test the cables and the port. Everything checked out; the Fluke indicated proper PoE. However, when I plugged the phone in, nothing at all.

I knew that this port had a history of being troublesome, but prior to this I had a Cisco 7940 phone working well in this spot, so it was a mystery as to why a 7912 wasn’t also working. I tested the port a few times, each time seeing proper PoE voltage and wattage. Even the switch itself noticed my Fluke tester and was registering that a device was consuming PoE supply on the port in question. I couldn’t understand why a phone that works well in one place doesn’t work in another when everything is equal. Obviously, not everything was as equal as I thought. Something had to be wrong.

I looked at the Fluke LinkRunner; it listed PoE as coming in on pins 1 and 2 for the positive side and pins 3 and 6 for the negative side. So then I took the Fluke to my testing lab and looked at PoE coming from a Cisco Catalyst 3560 switch. There the Fluke indicated that 3 and 6 were positive, and 1 and 2 were negative. I immediately figured out what the issue was. Ethernet jacks can be terminated to T568A or T568B; the difference is subtle, the orange and green pairs trade places, so what sits on pins 1/2 under one standard sits on pins 3/6 under the other. Put a T568A jack on the end of a run that is T568B everywhere else and you have built a crossover, which swaps the two powered pairs and therefore the polarity the phone sees. I did a little desk diving and popped the cover off the jack in the wall; everything that I deal with is always T568B. Always. The jack in the wall? T568A. So armed with what I knew, I tugged the old keystone jack out and replaced it with the last good one that I have. Punched it down, and tested it again. The Fluke indicated PoE on 3-6 and 1-2 the right way around; I plugged in the phone and pop! The phone came to life!
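To make the pair swap concrete, here is a small added example (my code, not anything from the original post) that follows each conductor colour from a T568B patch panel through to a wall jack and reports what lands where. The pin-to-colour tables are the published T568A/T568B assignments; the switch-side polarity (positive on 3/6, negative on 1/2) is the Catalyst 3560 lab reading above, and the “PoE Mode A” label for power on pins 1/2 and 3/6 is my assumption about which powering mode the switch uses.

```python
# Added example: derive the end-to-end pin map of a cable run whose two ends were
# punched down to different standards, and show where the switch's PoE conductors
# land at the phone end. Pin/colour tables are the published T568A/T568B assignments;
# the switch-side polarity comes from the post's lab reading on the Catalyst 3560.

# pin -> conductor colour at an RJ45 jack or plug
T568A = {1: "white/green", 2: "green", 3: "white/orange", 4: "blue",
         5: "white/blue", 6: "orange", 7: "white/brown", 8: "brown"}
T568B = {1: "white/orange", 2: "orange", 3: "white/green", 4: "blue",
         5: "white/blue", 6: "green", 7: "white/brown", 8: "brown"}

# Exactly the 1<->3 / 2<->6 swap: what a T568A-on-one-end, T568B-on-the-other run produces.
CROSSOVER_MAP = {1: 3, 2: 6, 3: 1, 4: 4, 5: 5, 6: 2, 7: 7, 8: 8}


def end_to_end_map(near: dict, far: dict) -> dict:
    """Map each pin at the near end to the pin it reaches at the far end.

    A conductor keeps its colour along the cable, so pin p at the near end lands
    on whatever pin the far end assigns that same colour to."""
    far_pin_by_colour = {colour: pin for pin, colour in far.items()}
    return {pin: far_pin_by_colour[colour] for pin, colour in near.items()}


def classify(mapping: dict) -> str:
    if all(a == b for a, b in mapping.items()):
        return "straight-through"
    if mapping == CROSSOVER_MAP:
        return "crossover (pairs 2 and 3 swapped: T568A on one end, T568B on the other)"
    return "miswired (split pair or other fault)"


def poe_mode_a_at_far_end(mapping: dict, positive=(3, 6), negative=(1, 2)) -> tuple:
    """PoE Mode A puts power on pins 1/2 and 3/6 (assumption: endspan switch).
    Given which pins the switch drives positive/negative, return which pins carry
    positive and negative at the far (phone) end."""
    pos = tuple(sorted(mapping[p] for p in positive))
    neg = tuple(sorted(mapping[p] for p in negative))
    return pos, neg


def report(switch_side: dict, wall_jack: dict) -> dict:
    mapping = end_to_end_map(switch_side, wall_jack)
    pos, neg = poe_mode_a_at_far_end(mapping)
    return {"kind": classify(mapping), "positive_pins": pos, "negative_pins": neg}


if __name__ == "__main__":
    print("patch panel T568B -> wall jack T568B:", report(T568B, T568B))
    print("patch panel T568B -> wall jack T568A:", report(T568B, T568A))
```

The second report reproduces the field reading exactly: the switch drives 3/6 positive, the mismatched jack presents that on 1/2 at the phone, with 3/6 negative. Data still passes because modern switch ports auto-MDIX a crossover, which is why the mistake hides until something polarity-sensitive shows up.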

So, just when you think you can get on with things, always check the standards. You always have to assume that nobody else is. What a mess. But at least it was an easy fix.

FreeBSD Crater

I started out looking at FreeBSD based on a draw from FreeNAS, which then led to ZFS, the file system FreeNAS is built around and which FreeBSD supports natively. At work, I am looking at the regular handling of enormous archival files, and the further along I went the more I realized that I would also need storage that lasts a long time. There are a lot of ways to ensure that archival files remain viable: error correcting codes, using the cloud, rotating media. So all of this has led me to learn more about ZFS.

I have to admit that at first, ZFS was very strange to me. I’m used to HFS and EXT3 and EXT4 type file systems with their usual vocabularies. You can mount it, unmount it, and check it with an option to repair it. ZFS adds a whole new universe of vocabulary to file systems. There are two parts: zpool defines the pool, the devices (or files) you want to build your storage out of, and zfs manages the datasets carved out of that pool, including mounting and unmounting them. Error-checking and repair is the feature called scrub (zpool scrub), which reads every block, verifies its checksum, and fixes what it can from a redundant copy. The commands themselves aren’t difficult to grasp, but the nature of this new file system is very different. It enables the administrator to perform actions that other file systems just don’t have. You can create snapshots, manipulate them, and even draw older snapshots – even out of order – forward as clones. So let us say that you have a file system, and you’ve been making regular snapshots every 15 minutes. If you need something from that file system at snapshot 5 out of 30, you don’t have to roll back the file system; you can just pluck snapshot 5 and create a clone, or simply read it under the dataset’s hidden .zfs/snapshot directory. The cloning procedure feels a lot like “mounting” a snapshot as a writable copy so you can access it directly. If you destroy a clone, the snapshot is undamaged; it just goes back into the pile from whence it came. The big claim to fame for ZFS is that it is regarded by many as the safest file system: every block is checksummed, so if one member of a redundant zpool fails or silently corrupts data, the file system detects it and heals itself from the surviving copy. You can tear out that bad part, put in a new part, and the pool will rebuild (“resilver”) and recover. In that respect ZFS’s mirror and raidz vdevs play the same role as RAID 1, 5, or 6. RAID 5 has a well-known weakness at large volume sizes (the write hole, plus the odds of hitting an unreadable sector during a long rebuild), and from what I can gather, ZFS’s copy-on-write raidz is the answer to those problems.

So I have ZFS ported over to my MacBook Pro, and I’ve been playing around with it for a little while. It works as advertised, so I’ve been enjoying that. One of the biggest stumbling blocks I had to deal with was the concept of zfs mounting and unmounting and how it relates to zpool’s export and import commands. I started with a fully functional ZFS file system: created the zpool, then mounted it to the operating system. The next step is to unmount the file system and export the zpool, exploring the way you can fully disconnect a ZFS file system from a host machine and then reverse the process. While doing this, I was reluctant to use actual physical devices, so I instead used blank files as members in my zpool. I was able to create, mount, and then unmount the entire production, and then export the zpool. When I went to reverse that and import the zpool, the system told me that there weren’t any pools in existence to import. This had me thinking that ZFS was a crock. What is the point of exporting a zpool if there is no hope of importing it afterwards? It turns out that zpool import only scans the system’s device directory for pool members by default; file-backed vdevs are invisible to it unless you use the -d switch to point it at the directory holding the files, and that’s the trick of it. So once I got that, I became much more comfortable using ZFS, or at least exploring it.

So then today I thought I would explore the source of FreeNAS, which is FreeBSD. BSD is a Unix-derived operating system, a cousin of Linux rather than a flavour of it, and so I thought I would download an installation image and try it out in my VirtualBox on my MacBook Pro. So, I started with the image FreeBSD-10.2-RELEASE-amd64-dvd1.iso and got VirtualBox up and running. The installation was very familiar and I didn’t run into any issues. I got the FreeBSD OS up and running and thought I should add the VirtualBox Guest Additions. I thought I could just have VirtualBox add the additions as an optical drive and that the OS would notice and mount it for me in /mnt or /media. No. So that was a no-go. I then looked online and searched for VirtualBox Guest Additions. I found references to procedures to follow in the “ports” section of the FreeBSD OS. I tried it, and it told me that it couldn’t proceed without the kernel sources. So then I searched for that. This turned into a fork/branch mess and I knew that familiar sinking feeling all too well. You try to fix something and that leads to a failure, so you look for help on Google and follow a fix, which leads to another failure, and then you keep on going. This branching/forking leads you on a day-wasting misadventure. The notion that you couldn’t get what you wanted from the start just sits there on your shoulder, reminding you that everything you do from this point forward is absurd. There is a lot of bullshit you are wading through, and the smart move would be to give up. You can’t give up because of the time investment, and you want to fight it out, to justify the waste of time. The battle with FreeBSD begins. At the start we need the kernel sources, okay, use svn. Not there, okay, how to fix that? Get svn. Sorry, can’t do it as a regular user. Try sudo, command doesn’t exist, look for su, nope, not that either. Try to fix that, can’t. Login as root and try, nope. So I pretty much just reached my limit on FreeBSD and gave up. I couldn’t get VirtualBox Additions added, svn is impossible to load, sudo is impossible to load. Fine. So then I thought about just screwing around with ZFS on FreeBSD, to rescue some semblance of usefulness out of this experience. No, you aren’t root, piss off. I even tried SSH, but you can’t get in as root, and without sudo there is no point in going forward.

So, that’s that for FreeBSD. We’re up to version 10 here, but it is still firmly bullshit. There are people who are massively invested in BSD and they no doubt are grumpy when I call out their OS for its obnoxiousness. Is it ready for prime time use? Of course not. No kernel sources included, no svn, no sudo, no su, no X for that matter, but honestly, I wasn’t expecting X.

It points to the same issues that dog Linux. If you don’t accept the basic spot where you land post-install then you are either trapped with Google for a long while or you just give up.

My next task will be to shut down the FreeBSD system and dump all the files. At least I only wasted two hours of my life screwing around with the bullshit crater of FreeBSD. What have I learned? Quite a lot. BSD I’m sure is good, but to use it and support it?

Thank god it’s free. I got exactly what I paid for. Hah.

Apple’s Activation Lock

I just spent the last hour bashing my head against Apple’s Activation Lock on a coworker’s iPad 2. They brought it to me because it had nearly every assistive mode option turned on, and it was locked with an unknown iCloud account. I tried to get around the lock to no avail, even returning the device to factory specifications. Even the factory reset ends up crashing into the Activation Lock.

It’s heartening to know that Activation Lock took the guts out of the stolen devices market for Apple mobile devices, but in this particular case it’s creating a huge headache. There is no way for me to move forward with treating this issue because the iPad only refers to its owner by a guesstimate email address, b******@gmail.com. I don’t know what this is, and there is no way for me to figure it out. So this device is pretty much bricked, and I have no choice but to send the user directly to an Apple store with the instructions to throw the device on their mercy.

If you are going to give away or sell your Apple device, make sure you TURN OFF ACTIVATION LOCK: sign out of iCloud and turn off Find My iPad on the device before you wipe it, because that is what releases the lock. There is no way, not even DFU mode or a factory reset, that can defeat the lock. There are some hacks that used to work, but Apple catches on quickly and updates iOS to close each one soon after it appears.

I don’t pitch a fight with Apple over this, it was a clear and present requirement that they met, it just makes dealing with this particular issue impossible for people like me to resolve. The best way around this issue is to secure each and every device with an iCloud account and write the iCloud username and password down in a very legible and memorable safe place! Without the iCloud account details or a trip to the Apple Store, the device is so much plastic, metal, and glass.

Vexatious Microsoft

Microsoft never ceases to bring the SMH. Today I attempted to update a driver for a Canon 6055 copier here at the office. The driver I had was a dead duck, so out to get the “handy dandy UFR II driver”. I downloaded it, noted that it was for 64-bit Windows 2012 R2 server and selected it. Then I went to save it, and this is the error that greets me:

“Printer Properties – Printer settings could not be saved. This operation is not supported.”

So, what the hell does this mean? Suddenly the best and the brightest that Microsoft has to offer cannot save printer settings, and saving of printer settings is an operation that is not supported. Now step back and think about that for a second, saving your settings is not supported.

The error is not wrong, but it is massively misleading. The error doesn’t come from the print driver system but rather from the print sharing system. That there is no indication of that is just sauce for the goose. What’s the fix? You have to unshare the printer on the server, and then update the driver, and then reshare the printer. The path is quick, just uncheck the option to share from the neighboring tab, go back, set your new driver, then turn sharing back on. It’s an easy fix however because the error is not written properly, you don’t know where to go to address it. A more elegant system would either tell you to disable sharing before changing drivers or because you are already sharing and trying to install a new driver, programmatically unshare, save the driver, then reshare. Hide all of this from the administrator, as you do. That’s not what Microsoft does; they do awkward and poorly stated errors leading you on a wild goose chase.

But now I know, so that’s half the battle right there. Dumb, Microsoft. So Dumb.

Network Monitoring

I’m in the middle of a rather protracted evaluation of network infrastructure monitoring software. I’ve started looking at Paessler’s PRTG, also SolarWinds Orion product and in January I’ll be looking at Ipswitch’s products.

I also started looking at Nagios and Cacti. That’s where the fun-house mirrors start. The first big hurdle is no cost vs. cost. The commercial products mentioned before are rather pricey while Nagios and Cacti are GPL, and open sourced, principally available for no cost.

With PRTG, it was an engaging evaluation; however, I ran into one of the first catch-22s with network monitoring software, that Symantec Endpoint Protection considers network scanning to be provocative, and so the uneducated SEP client blocks the poller because it believes it to be a network scanner. I ran into a bit of a headache with PRTG as the web client didn’t register changes as I expected. One of the things that I have come to understand about the cost-model network products is that each one of them appears to have a custom approach to licensing. Each company approaches it differently. PRTG is based on individual sensors, Orion is based on buckets, and I can’t readily recall Ipswitch’s design, but I think it was based on nodes.

Many of these products seem to throw darts at the wall when it comes to their products, sometimes hit and sometimes miss. PRTG was okay, it created a bumper crop of useless alarms, Solarwinds Orion has an exceptionally annoying network discovery routine, and I haven’t uncorked Ipswitch’s product yet.

I don’t know if I want to pay for this sort of product. Also, it seems that this is one of those arrangements that if I bite on a particular product, I’ll be on a per-year budget cost treadmill for as long as I use the product unless I try the no-cost options.

This project may launch a new blog series, or not, depending on how things turn out. Looking online didn’t pan out very much. There is somewhat of a religious holy war surrounding these products. Some people champion the GPL products; other people push the solution they went with when they first decided on a product. It’s funny but now that I care about the network, I’m coming to the party rather late. At least, I don’t have to worry about the hot slag of “alpha revision software” and much of the provider space seems quite mature.

I really would like anyone who works in the IT industry to please comment with your thoughts and feelings about this category if you have any recommendations or experiences. I’m keenly aware of what I call “show-stopper” issues.

Archiving and Learning New Things

As a part of the computing overhaul at my company, each particular workstation that we overhauled had its user profile extracted. This profile contains documents, downloaded files, anything on the Desktop, that sort of information. There never really was any centralized storage until I brought a lot of it to life, later on, so many of these profiles are rather heavy with user data. They range all the way up to about 144 gigabytes each. This user data primarily just serves as a backup, so while it’s not essential for the operation of the company, I want to keep as much as I can for long-term storage and maximally compress it.

The process started with setting up an Ubuntu server on my new VMware host and giving it a lot of RAM to use. Once the Ubuntu server was established, which on its own took a whole five minutes to install, I found a version of the self-professed “best compression software around”, 7zip, and got that installed on the virtual Ubuntu server. Then I did some light reading on 7zip, and the general rule of thumb appears to be “throw as much as you can at it and it will compress better”, so I maxed out the application with word size, dictionary size, the works (a maxed-out LZMA dictionary needs roughly ten times its own size in RAM to compress, which is where all that RAM goes). Then I started to compress folders containing all the profile data that I had backed up earlier. Throwing 144 gigabytes of data at 7zip when it’s maxed out takes a really long time. Then I noticed the older VMware cluster and realized that nothing was running on it, so for its swan song I set up another Ubuntu server, duplicated the settings from the first one, and pressed that into service as well.

I then thought about notification on my phone when the compression routine was done, but by the time I had thought about it, I had already started the 7zip compressor on both servers. Both were far enough along that I didn’t want to cancel either operation and lose the progress I had made compressing all these user profiles. I am not a Bash shell expert, so it took a little digging around to find that there already was a way to suspend a running job and chain more commands behind it, so that when the first application completes, the next goes immediately into operation: press Control-Z, which suspends the foreground job, then run “bg %1 ; wait %1 ; extra command”, which resumes the job in the background, blocks until it exits, and only then runs the extra command. Then I thought about how I’d like to be notified and dug around for some sort of email method. None of these servers that I put together had anything at all in the way of email servers, and I really wasn’t keen on screwing around with postfix or sendmail. I discovered a utility called ssmtp which did the trick. Once I configured it for use with my workplace Office365 account and did some testing, I had just the thing I was looking for. I stopped the application on both servers doing the compression and chained the email utility behind the compression job. When the compression is done, I will be emailed.

All in all, quite nifty, and it only took a few minutes to set up. Once I’m done with this particular task, I can eliminate the “junky” Ubuntu server altogether on the old VMware host and trim back the Ubuntu server running on my new VMware host. I quite love Ubuntu: it’s quick and easy, set up what you want, tear it down when you don’t need it anymore, or put the VMware guest on ice as an appliance until you do need it sometime later. Very handy. Not having to worry about paying for it or licensing it is about as refreshing as it can get. I just need something to work a temporary job, not a permanent solution. Although considering how much malware is out there, the breakpoint between the difficulty-to-use for end users in Linux may eventually give way to the remarkable computing safety of using Linux as a primary user workstation operating system. There is still a long while before Linux is ready for end-user primetime. I sometimes wonder what it will take for the endless vulnerabilities of Windows to break Microsoft. Hope springs eternal!

Sandboxing FTW

After I reminded people that I offer a complimentary attachment checking service through my office, I got a submission from one of our warehouse operators in Texas. It was an oddly-named attachment called UmjSJCk.zip. I saved it to my Mac and opened Terminal, then unpacked the zip file; it unpacked to Quotation.exe. I giggled a bit when I ran the file command on it and saw that it was a Windows executable. Exactly what I expected. So I put it in a folder called sandbox and started my copy of Windows XP that I have in VirtualBox. The VM’s hard drive is set to immutable, so any changes or writes the OS makes are not sent to the base disk image but to a differencing image on the side, and VirtualBox throws that differencing image away every time the VM is powered on. Each time I start the OS, it’s as if I am starting it for the first time. I make sure the sandbox can’t see anything beyond my Mac by assigning its LAN connection as a Host-Only Adapter. That means the VM can only reach the host-only interface on my Mac (and any other VMs on that same host-only network), nothing else; if you want it to see nothing at all, not even the host, set the adapter to “Not attached” instead.

So start this sandbox Windows XP, mount the sandbox folder as a drive to the sandbox – set as Read Only also, by the way, no baby-backwash here… and then double-click on Quotation.exe. It loaded a process and started to grope the network connection. Of course it did. So, with the bug trying its best to reach out and fetch its payload, I clicked on the little red close control and told VirtualBox to power off the virtual machine.

Poof. All gone. Changes and everything. Then I dumped the sandbox contents.

I think what’s more concerning here is that scanning this data with ClamAV on my Mac showed no infection. Well, it certainly was trying to be nasty.
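The file command did the real work above: it judged Quotation.exe by its bytes, not its name. Here is an added example (my code, not part of the original post) that does the same for every member of an attachment archive without extracting anything to disk or running it. The archive it inspects is constructed in memory with stub members that carry only the signatures being checked; the extension list and the 100:1 inflation threshold are my own choices.

```python
# Added example: triage an attachment archive by content, the way `file` did for the
# post's Quotation.exe, but for every member and without executing or extracting anything.
# The sample archive is constructed below; its members are stubs, not real malware.
import io
import os
import zipfile

EXEC_EXTENSIONS = {".exe", ".scr", ".pif", ".com", ".cpl", ".bat", ".cmd",
                   ".js", ".jse", ".vbs", ".vbe", ".wsf", ".hta", ".ps1"}
PE_MAGIC = b"MZ"      # DOS stub header every Windows PE executable starts with
MAX_RATIO = 100       # assumption: anything inflating beyond 100:1 is treated as a zip bomb


def build_sample_zip() -> bytes:
    """Constructed sample: an .exe with an MZ header, a 'PDF' that is also an MZ file
    (the extension lies), a double-extension lure, and a harmless text note."""
    stub_pe = PE_MAGIC + b"\x90" * 62 + b"PE\0\0"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("Quotation.exe", stub_pe)
        z.writestr("Quotation.pdf", stub_pe)
        z.writestr("Invoice.pdf.scr", b"not really a screensaver")
        z.writestr("readme.txt", b"please review the attached quotation")
    return buf.getvalue()


def triage(zip_bytes: bytes, sniff_len: int = 64) -> dict:
    """Return {member name: [reasons]}; an empty list means nothing was flagged."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as z:
        for info in z.infolist():
            reasons = []
            base = os.path.basename(info.filename).lower()
            ext = os.path.splitext(base)[1]
            if ext in EXEC_EXTENSIONS:
                reasons.append(f"executable extension {ext}")
                if base.count(".") > 1:
                    reasons.append("double extension")
            # Content sniffing only: read the first bytes of the member, never run it.
            with z.open(info) as fh:
                head = fh.read(sniff_len)
            if head.startswith(PE_MAGIC):
                reasons.append("MZ/PE executable header")
            if info.compress_size and info.file_size / info.compress_size > MAX_RATIO:
                reasons.append("suspicious compression ratio")
            findings[info.filename] = reasons
    return findings


if __name__ == "__main__":
    for member, reasons in triage(build_sample_zip()).items():
        print(f"{member:18s} {'; '.join(reasons) or 'nothing flagged'}")
```

The Quotation.pdf member is the reason to sniff magic bytes at all: a signature scanner keyed on extension passes it, and so would a user who trusts the icon. Run this on the host before the sample ever touches the sandbox VM; it reads bytes and nothing more.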

Then I start to wonder about the inherent usefulness of VirtualBox when it comes to airgapped computing, when it comes to privacy and really being paranoid about encryption. But then I realize that when I turn off my AirPort on my MBP, it’s just as good as anything I could screw around with in VirtualBox. An infection in my MBP? Heh… piff.

Better Credit Card Security

While talking with a friend, who is enduring some unpleasantness the conversation turned to issues with using credit cards to buy things, like food for example. That got me thinking, how would I design a really strong way to prevent data breaches?

Encrypt everything!

Well, perhaps not that, but hash everything. Here’s what I talked myself into, of course none of this is rational because nobody will effect a planetwide shift in payment processing based on what this yokel has to say, but still, here goes.

The issuing bank sets up the credit account; there are four key fields that matter for the classic transaction: name, number, expiration date, and CVV2. I think one could also establish a time-based one-time password (TOTP) secret as well; it would operate the way Google Authenticator does. So you’d need a secret that the bank generated, held by their systems and by the physical card too. You’d need a smart chip on the card to compute the current code and forward it to the credit terminal at the point of sale.

The bank sets up a TOTP secret, so it’s named JQP Credit Card (or account number or whatever) and the secret is: 6B57078FB88A4DD73E447D2647DCEC7D04C3D887951BA6A2D8DBA294E0B60579. The secret itself never leaves the bank and the card’s chip; what the chip forwards to the credit card terminal is the current code. Right now it’s 726995, but in thirty seconds it’ll be something else. Since the credit card terminal and the bank sync their clocks to the same source, time.nist.gov, the two stay in step; the bank only has to tolerate a step or so of drift either way, as any TOTP verifier does.

The customer goes to the credit card terminal and swipes; a value is entered and a timestamp is recorded, all of which are already parts of a credit transaction. The terminal reads the name, expiration, CVV2, whatever from the magnetic stripe, the smart chip forwards the TOTP code, and the terminal assembles this into an EDI-style record:

JOHN/Q/PUBLIC#1111222233334444#1015#170#726995 and applies SHA256 to it, to create:

621d3dd5a66277a7ab3737f306728e3c4bc5f3cd20c8730c37cc61c6575de0ba

This is stored in a database and then forwarded to the bank with the timestamp, so it’ll look like this:

987654321#621d3dd5a66277a7ab3737f306728e3c4bc5f3cd20c8730c37cc61c6575de0ba#15.09#1426615839

So the bank will be presented with a customer ID, the SHA-256 hash, the total dollar amount, and the Epoch time, the number of seconds since 00:00:00 UTC, January 1, 1970. On Linux that is simply the output of date +%s; the form date -j -f “%a %b %d %T %Z %Y” “date” “+%s” is the BSD/macOS date syntax for turning a date string into the same number.

The bank would then have everything they need, they’d have the secret key, which with the Epoch time from the transaction would give them the TOTP calculation, which would generate the answer 726995. Then they’d have the card details from the customer ID, the SHA-256, and the amount. They could then calculate the hash on their own:

621d3dd5a66277a7ab3737f306728e3c4bc5f3cd20c8730c37cc61c6575de0ba

And authorize the transaction.

Even if the card details were stolen by someone copying the numbers off the card, they wouldn’t get the TOTP secret. Plus the TOTP code changes every 30 seconds. If someone tried to run this transaction and guessed at the TOTP code, they’d generate this:

987654321#a1b714fba988632200c78a5b9021bca5b48f149b036aa901c03173f0f2de5399#15.09#14266158

and the bank would instantly detect the mismatched SHA hash, cancel the card, and ship a new one.

This is rather involved, but the practical upshot is: if a vendor kept these transactions in a database and someone stole the database for their own nefarious needs, the presence of the TOTP and SHA-256 would make the data worthless, because the TOTP has no predictable pattern if you don’t know the secret, and SHA-256 is very sensitive to even the smallest change in its input. Two caveats: the terminal still reads the raw card data off the stripe, so this protects the vendor’s stored records rather than a compromised terminal; and in the layout above the amount and the timestamp ride outside the hash, so they ought to be folded into the hashed string too, or they can be altered without the bank noticing. Within those limits, it would spare vendors, banks, and customers a good deal of PII leakage and identity theft risk.
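Here is the exchange described above carried through in working code, as an added example that is not part of the original post. The card data, the customer ID, the record layout and the TOTP secret are the ones given above, and the TOTP itself is the standard RFC 6238 HMAC-SHA1 construction that Google Authenticator uses; the issuer’s card table, the one-step clock-skew window and the replay log are my own assumptions, marked in the comments.

```python
# Added example: both halves of the proposed exchange. Card data, customer ID, record
# layout and TOTP secret are from the post; the issuer's card table, the skew window and
# the replay log are assumptions added here.
import hashlib
import hmac
import struct

STEP = 30  # seconds per TOTP step, as in the post


def totp(secret: bytes, unix_time: int, step: int = STEP, digits: int = 6) -> str:
    """RFC 6238 TOTP over HMAC-SHA1, the construction Google Authenticator uses."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % 10 ** digits:0{digits}d}"


def transaction_hash(name: str, pan: str, exp: str, cvv2: str, code: str) -> str:
    """SHA-256 over the post's record layout: name#number#expiration#CVV2#TOTP."""
    return hashlib.sha256(f"{name}#{pan}#{exp}#{cvv2}#{code}".encode()).hexdigest()


# Issuer's view (assumption): customer ID -> card on file, including the shared secret.
ISSUER_CARDS = {
    "987654321": {
        "name": "JOHN/Q/PUBLIC", "pan": "1111222233334444", "exp": "1015", "cvv2": "170",
        "secret": bytes.fromhex(
            "6B57078FB88A4DD73E447D2647DCEC7D04C3D887951BA6A2D8DBA294E0B60579"),
    }
}


def terminal_record(customer_id: str, card: dict, amount: str, now: int) -> str:
    """Point of sale: the chip supplies the code, the terminal hashes and forwards
    customer_id#hash#amount#epoch. Only the hash leaves the terminal."""
    code = totp(card["secret"], now)
    digest = transaction_hash(card["name"], card["pan"], card["exp"], card["cvv2"], code)
    return f"{customer_id}#{digest}#{amount}#{now}"


class Issuer:
    def __init__(self, cards: dict, skew_steps: int = 1):
        self.cards = cards
        self.skew_steps = skew_steps  # assumption: tolerate one step of drift either way
        self.seen = set()             # assumption: (customer_id, digest) already honoured

    def authorize(self, record: str) -> bool:
        customer_id, digest, _amount, ts = record.split("#")
        card = self.cards.get(customer_id)
        if card is None or (customer_id, digest) in self.seen:
            return False  # unknown customer, or a replay of a record already seen
        ts = int(ts)
        for delta in range(-self.skew_steps, self.skew_steps + 1):
            code = totp(card["secret"], ts + delta * STEP)
            expected = transaction_hash(card["name"], card["pan"], card["exp"],
                                        card["cvv2"], code)
            if hmac.compare_digest(expected, digest):
                self.seen.add((customer_id, digest))
                return True
        return False


def forged_record(customer_id: str, card: dict, guessed_code: str, amount: str, now: int) -> str:
    """What a thief holding the stripe data but not the secret can build: a guessed code."""
    digest = transaction_hash(card["name"], card["pan"], card["exp"], card["cvv2"], guessed_code)
    return f"{customer_id}#{digest}#{amount}#{now}"


if __name__ == "__main__":
    bank = Issuer(ISSUER_CARDS)
    card = ISSUER_CARDS["987654321"]
    good = terminal_record("987654321", card, "15.09", 1426615839)
    print(good)
    print("genuine:", bank.authorize(good))
    print("replayed:", bank.authorize(good))
    print("guessed code:", bank.authorize(
        forged_record("987654321", card, "000000", "15.09", 1426615839)))
```

Note what the replay log is for: without it, anyone who captured the record on the wire could resubmit it within the skew window and the hash would still verify, because nothing in the hashed string changes between the first submission and the second. Note also that the amount is compared against nothing, which is the “amount rides outside the hash” caveat from the paragraph above; adding it to the hashed string is a one-line change in transaction_hash.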

I’ve also thought that this would be a great way to secure SSNs as well for use with the government: they know your SSN and you know your SSN, so when communicating over a possibly compromised channel you can authenticate not with your SSN, but with the hash of your SSN. The catch is that an SSN is only nine digits, so anyone who captures the hash can hash all one billion candidates and read the SSN straight back out; a bare hash of a low-entropy value hides nothing.

John Q. Public, 123-45-6789 -> 01a54629efb952287e554eb23ef69c52097a75aecc0e3a93ca0855ab6d7a31a0
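Here is that catch demonstrated, as an added example that is not part of the original post. The SSN is the one above; the attacker model (the area and group numbers are already known, leaving only the four-digit serial) and the timing extrapolation over the full nine-digit space are my assumptions.

```python
# Added example: why SHA-256(SSN) is not a credential. The SSN is the post's; the
# attacker model (area and group already known) and the timing estimate are assumptions.
import hashlib
import time
from typing import Optional


def ssn_hash(ssn: str) -> str:
    """The post's proposal: present SHA-256(SSN) instead of the SSN itself."""
    return hashlib.sha256(ssn.encode()).hexdigest()


def recover_ssn(target_hex: str, area: str, group: str) -> Optional[str]:
    """Brute-force the serial. With area and group known (assumption) there are only
    10,000 candidates; the whole nine-digit space is 10**9, which is still small for an
    offline attacker against an unsalted, unkeyed hash."""
    for serial in range(10_000):
        candidate = f"{area}-{group}-{serial:04d}"
        if ssn_hash(candidate) == target_hex:
            return candidate
    return None


def full_space_estimate_seconds(sample: int = 100_000) -> float:
    """Time `sample` hashes on this machine and extrapolate to all 10**9 SSNs
    (single core, pure Python; a GPU hash cracker is orders of magnitude faster)."""
    start = time.perf_counter()
    for n in range(sample):
        ssn_hash(f"{n // 1_000_000:03d}-{(n // 10_000) % 100:02d}-{n % 10_000:04d}")
    return (time.perf_counter() - start) * (10 ** 9 / sample)


if __name__ == "__main__":
    published = ssn_hash("123-45-6789")   # what would go over the "compromised channel"
    print("published hash:", published)
    print("recovered SSN: ", recover_ssn(published, "123", "45"))
    print(f"full 10**9 space on this core: ~{full_space_estimate_seconds():.0f} s")
```

The recovered value comes back in a fraction of a second, and the estimate for the full space is measured in minutes on one CPU core. Hashing only protects a value that an attacker cannot enumerate; a nine-digit number needs something else, such as a secret held by the verifier that the attacker has to steal separately, or a protocol that never reveals a value derived from the SSN alone.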