the media frenzy will go bonkers over ecc


dude, schneier, please please don’t write a rant that can so easily be blown out of proportion by other persons in the media. ok, i know we should be paranoid about all pseudo random number generators, but frankly all the media will read out of this piece is: ecc is b0rk3d omg!!11!!!11!

it really irks me that people crap on ecc (elliptic curve cryptography) just because they haven’t taken the time to look into some of the excellent literature on ecc’s use (and abuse, this is security, everything is broken at some point in time). even math kids should be studying up on this because wow is the math behind ecc fun.

configuring cgd on netbsd

not enough keyholes

i followed this chapter on cgd for netbsd, but there were a few places where i got stuck and i thought i’d just note them here in case i (or other peeps out there on the interwebs) try to do this again. these notes are in order but be sure to use the cgd chapter. these are more like guidelines anyway.

– to boot into single user mode, reboot, then when netbsd is counting down right after the bios, press any key to stop the countdown and type boot -s

– one doesn’t need to use dump to get data off, use netcat + tar to copy to a remote machine (a good option when you don’t have an external drive or cd burner). so on the machine where you want to install cgd, once it’s in single user mode, run:

# tar -czvf - /path/to/data | nc servername port

and on the machine where you are receiving the data:

$ nc -l -p port > file.tgz

– when you are trying to edit partitions with disklabel, know that disklabel on netbsd supports interactive mode with -i and that it isn’t in the disklabel man page at all. to delete the data partitions you want to move to cgd, first launch disklabel in interactive mode, then pull up a partition by typing in the letter of the partition, then choose “unused” for filesystem type, start offset of zero, partition size of zero, then repeat for the other partitions you want to delete, then choose W for write and yes to confirm “label disk?”. that will delete the partitions you need.

– when you need to recreate your new partitions after scrubbing and configuring cgd with a passphrase, run disklabel again in interactive mode and put back the partitions you had the first time following the sizes and names of the partitions from your backup of disklabel you did before starting this whole process. make the new partitions of type 4.2BSD, not ccd. make the partitions in the order in which they were from your original disklabel backup to make adding each one easier (the start point is just the letter of the partition that comes before).

– to copy your data back, use tar and nc in reverse, but you may have to copy apps from /rescue to get things to work and be sure to save your original nc in a place where it won’t get wiped (i.e. save it in /tmp when you are scrubbing your data). when using tar be sure to add the flag to preserve permissions, otherwise you will get some wonky behavior everywhere. vi may be missing so you will need to use cat to edit your fstab and >> to append the cgd=YES line to rc.conf.
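the backup and restore steps above, as an added example that is not part of the original post or the cgd chapter: shell helpers that confirm the received archive is complete before the source disk is scrubbed, and that restore with permissions preserved. the function names, host, port and paths are placeholders chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Host, port and paths are placeholders.
# Sender:    pack_tree /home | nc servername port
# Receiver:  nc -l -p port > file.tgz && archive_ok file.tgz

# Stream a gzip'd tar of directory $1 to stdout, with paths relative to $1.
pack_tree() {
    tar -czf - -C "$1" .
}

# Succeed only if archive $1 is a complete gzip stream and a readable tar.
# A transfer cut short by nc fails here, before the source disk is scrubbed.
archive_ok() {
    gzip -t "$1" 2>/dev/null && tar -tzf "$1" >/dev/null 2>&1
}

# Number of entries in archive $1; compare with tree_count from the sender.
entry_count() {
    tar -tzf "$1" | wc -l | tr -d ' '
}

# Number of files and directories under $1, counting $1 itself.
tree_count() {
    (cd "$1" && find . | wc -l | tr -d ' ')
}

# Unpack archive $1 into directory $2, keeping the recorded permissions (-p).
restore_tree() {
    mkdir -p "$2" && tar -xzpf "$1" -C "$2"
}

# Permission string of $1 as ls prints it, e.g. -rw-rw-r--
mode_of() {
    ls -ld "$1" | cut -c1-10
}
```

nc gives the stream neither encryption nor authentication, so these checks catch truncation and corruption only; run the copy over a network you trust.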

other than that, the cgd chapter is quite complete. can i get a w00t for encrypted hard drives please?

crypto + hippeastrum

crypto and hippeastrum

bruce schneier’s applied cryptography isn’t a new tome to many of you who follow this blog, but i had never cracked it open. i started with Chapter 11: Mathematical Background, mostly because i knew the familiarity of the math would draw me in faster than starting from the beginning. there was a time where i wouldn’t touch a book that included the word applied in the title, i fancied myself a pure math girl, one who didn’t dally with the banalities of real world problems. my old purist approach seems hilarious to me today as what i enjoy now is extremely hands-on and rarely theoretical in nature. i was worried the math included in the book would be too flippant or too mired in algorithmic code for me to enjoy it, but schneier’s writing is fantastic. even though i didn’t come across any math that i hadn’t studied, he includes a boatload of references for deeper reading. if nothing else, one should purchase the book for the 1,653 references listed. (is schneier an a.i.? how can one person possibly read that much?)

the author’s tone is relaxed, but precise. with talk of aliens and supercomputers, even the math chapter reads like science fiction. let’s just say i’m now inspired enough to absorb the other chapters, even the non-prime ones.