Permalink  crypto, security, tech, web  Comments Off on
Feb 052016
 

The free certs from https://letsencrypt.org/ do indeed work as described. I wanted to check them out for some public facing services I wanted to run. To get the certificate you run a program on a host that DNS resolves to the cert you want to get – so if “foo.example.com” resolves to 10.6.6.6, you need to install the cert generation program on 10.6.6.6, and have either 80 or 443 free (I […]

d3ck, d3ck, goose

 code, crypto, hack, philosophy, security  Comments Off on d3ck, d3ck, goose
May 132015
 
d3ck, d3ck, goose

A bit over 2 years ago I started on a journey that has become a bit surreal; I had what seemed like a modest goal, simply create something that would facilitate confidential (e.g. encrypted) sharing of information in an easy way. Then snowden came along, and things started become even more… interesting, in the Chinese way. Tragedy, comedy, farce, delays and complications beyond belief followed. But the basic problem […]

certificates and security

 crypto, philosophy, security, tech, web  Comments Off on certificates and security
Aug 052014
 
certificates and security

npm is the defacto package manager for the node.js javascript network programming environment thingee. The folks who make npm have taken a security leap: npm no longer supports its self-signed certificates Ah, they build the bastions of light and goodness, protecting us from the sins of the masses by standing tall. So… how do you install npm, anyway? Ah, yes, you look it up on their site… let’s see… why, […]

Random bits

 crypto, dinosaurs, security, tech  Comments Off on Random bits
Apr 212014
 

… well, literally… or pseudo literally? To generate 128 bits of pseudo-randomness: dd if=/dev/urandom bs=16 count=1 2>/dev/null| hexdump |awk ‘{$1=""; printf("%s", $0)}’ | sed ‘s/ //g’ Block size 16 = 16 bytes… do that once (count=1); that’s 16 bytes * 8 bits/byte = 128 bits. I’ve been using this in scripts lately, like “foo=$(…)”.