Secure Channels

I explored the challenge of establishing a secure channel in a business-to-business use case a few days ago. It was between the company I work for and another company, where the information was very sensitive, the risk of it being compromised was unacceptable, and the requirement that I share the information with the other party was undeniable.

The goal was to get a secret string of text from my system into the system of another party. I have explored cryptography for a long while and so I was confident that all the tools I had could do the job very well. The real challenge was in establishing a communications protocol and a secure channel. Amongst my explorations, I had the entire suite of OpenSSL library ciphers at hand, I had GPG, and the answer which I sort of knew already even before I started this foray into cybersecurity, that Signal would eventually be my answer.

It was at first an exploration of the challenge itself. How could I get a secret alphanumeric string to another party that had none of the tools or the experience of cryptography that I had in my library? All of it was fated before I even started, but I at least wanted to go through the motions and explore this problem as if I was sitting in the middle of it without any view of the win condition at the end. The first stab was GPG, so I searched for any public keys related to the other company, and there were none. That was worth a smirk, and I nodded because I would have been shocked if there was a hit at all, so GPG was a dead end. The next effort was thinking about what sort of cipher could be used. This selection of a cipher was symmetric cryptography. I would need to encode the message so that it would be suitable for email transmission, and encrypt the data using some standard cipher that I knew would be possible for both parties, and then I spent a while trying to figure out the password for the cipher. I knew that base64 would be great for encoding and decoding the message, and I still have faith in AES-256-CTR, but that left me having to select a password that I could use that both sides knew. Any effort to share that password in any other non-secure channel would render all my efforts for nothing because then the cipher would be a mathematical contrivance because the security of the password then became equivalent to the security of the payload. If the password was passed in clear text, then the entire endeavor was meaningless.
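The symmetric approach described above, as an added example that is not part of the original post: the `openssl` command line (1.1.1 or later assumed) encrypts a string with AES-256-CTR under a passphrase and base64-armors it for email. The function names, the secret and the passphrases are constructed for illustration.

```bash
#!/usr/bin/env bash
# Constructed sample values (hypothetical): a secret string and a shared passphrase.
SECRET='api-key-EXAMPLE-0123456789'
PASSPHRASE='correct horse battery staple'

# seal PASSPHRASE: plaintext on stdin -> single-line base64 on stdout.
# The passphrase is handed over in the environment so it stays out of argv.
seal() {
  SC_PASS="$1" openssl enc -aes-256-ctr -pbkdf2 -iter 200000 -salt -a -A -pass env:SC_PASS
}

# unseal PASSPHRASE: base64 on stdin -> decrypted bytes on stdout.
unseal() {
  SC_PASS="$1" openssl enc -d -aes-256-ctr -pbkdf2 -iter 200000 -a -A -pass env:SC_PASS
}

# hex: render stdin as hex so binary output can be compared safely.
hex() { od -An -tx1 | tr -d ' \n'; }

# The armored text is what would travel by email.
ARMORED=$(printf '%s' "$SECRET" | seal "$PASSPHRASE")

# Whoever holds the armored text and the passphrase holds the secret,
# so the passphrase needs a channel at least as safe as the payload does.
recovered() { printf '%s' "$ARMORED" | unseal "$PASSPHRASE"; }

# CTR mode has no authentication: a wrong passphrase produces garbage
# bytes and exit status 0 rather than an error the recipient could act on.
wrong_status() {
  printf '%s' "$ARMORED" | unseal 'not the passphrase' >/dev/null 2>&1
  echo $?
}
wrong_hex() { printf '%s' "$ARMORED" | unseal 'not the passphrase' 2>/dev/null | hex; }

echo "armored:   $ARMORED"
echo "recovered: $(recovered)"
echo "wrong passphrase exit status: $(wrong_status)"
```
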

So this entry becomes a love letter to Signal. It covered everything I needed. It used encryption end-to-end and it was vetted and secure, it didn’t require public keys, or specifically, the user wasn’t involved with that part of the process, and I could trust that the inbound mobile number matched the intended recipient. I didn’t need to exchange passwords or agree on a cipher or a protocol. The application and service are free as well, so there wasn’t even a cost barrier to this solution! It checks off every box on my list. I was able to copy and paste the secure string of data over Signal to the other person and conclude the task that I set for myself at the beginning of all of this. There is more to Signal than just this use case and I encourage everyone I know to download it, sign in, and start using it.

Upgraded Mac Mini, Contacts Woes

A dear family member upgraded their old Mac Mini to a new Mac Mini over the holiday break and from afar, I helped by making some key suggestions on how to get the data moved from the old machine to the new machine. Specifically, using Apple’s own Time Machine to restore the data back to where it belonged on the new computer. I did this through another person, by fielding technical questions from remote.

Everything appeared to go well, except Contacts was a problem. But after a few restarts, Contacts wasn’t a problem. So everything was fine and we moved on. Then I got a new call for help, that the Contacts application had crashed and refused to restart. I started my remote assistance program and shared the desktop session with the faraway computer. The Contacts app was well and truly not opening. I went to ~/Library/Application Support/AddressBook and moved the folder to the Desktop, started Contacts app, and it started with the owner’s details and the entry for Apple. Then I closed the Contacts app, deleted the AddressBook folder that was created by default because I had moved the previous one to the Desktop, and I undid that. I then started Contacts and it opened. The user went to an entry they wanted to remove, and the app crashed. And then it was stuck again. I did the AddressBook folder out/delete/in two-step and got it back to work, but then figured out that some of the entries worked fine, while others caused the application to crash.

So after I got everything back and running in Contacts, I backed up the contacts using the Export Contacts feature. I then emptied the AddressBook folder again, started Contacts, and then Imported from the backup. Once again, the entry that was causing the crash made the application crash. So whatever it was, it was data driven and somehow got included in the backup feature. I had another option, a long shot, but I tried it. So I got everything in Contacts up and running, selected everything, saved everything as a VCARD file instead, then used TextEdit to find the entry that the end user really didn’t want and removed it manually. Then I restarted an empty version of Contacts, which ran fine, imported the VCARD data back into Contacts, and then after that, everything was fine.

So there is something from probably High Sierra’s Contacts that drives Catalina’s Contacts nuts. It’s something that survives backups, but doesn’t survive being shuttled through VCARD. If you have any problems with toxic entries causing Contacts to crash, select all the cards, export them as VCARD, empty out ~/Library/Application Support/AddressBook and then reimport everything. It works. I don’t know why, but it works.

This is the sort of foolishness that I expect from Microsoft, not Apple. Tsk Tsk Tsk Apple.

Crochet Day 2

Yesterday I tried and made a lot of mistakes. First was trying to accomplish a slip knot, which by the book was impossible. I found another way and it works much better, the X method on my hands. Then struggling to make a chain stitch, but I got better slowly. Then I tried several lines of single crochet and it came out floppy and anemic. Turns out I was doing it completely wrong. So I ripped up everything and this morning tried it again. I finally figured out what was wrong, I was only picking up half of the loops that I needed so there was no depth to the work.

In a few hours I ended up here. Looks like it’s going to be a scarf for Scott. There are some missed stitches at the base, but overall it’s not bad for a day 2 attempt.

Snakes and Foxes

My Shazam! Christmas gift from Scott was a homemade copy of Snakes and Foxes from Wheel of Time.

This is the playing board and it comes with player pieces and enemy pieces in snake symbols and fox symbols. The dice tell you who can move and how far on the board and the board has arrows showing how everyone can move. Players start in the center and move to the edge, and if they can get back to the center they win. The game is designed to be unwinnable, unless you play as a Ta’veren which adds extra rules and enables a player to win.

We played it at Chocolatea today and got lots of interested folks looking on. Maybe also helped sell some folks on Wheel of Time itself. LOL!

It’s a one of a kind thing and apparently it took quite an effort to assemble. I’m thoroughly impressed and touched. To be able to play a central game featured in the book series is quite something!

Done with Higher Ed

I haven’t had a University dream in a long while. We were moved to new offices and I went exploring. Trying to find the vending machines I end up on a service elevator that heads to a basement. I don’t have the oddly shaped key that lets you return so I leave and discover that I’m in the middle of service corridors and I start to try to get outside. I end up in another one way hall in the library with an odd platform that seems to have only one function, to crush people. Like a compactor. I get out of there and end up in a sub-basement and eventually find my way out through a construction area with metal and glass doors allowing only exit, not entry. A student looking terrified actually gains entry and runs the other way. I make my way out to a courtyard and run into a younger student fleeing an older man who is chasing him with a machete. Then I wake up.

I can say that the part of my life that involved actually being inside University buildings is well and truly over. Here’s a dream exploring that awful place. I woke up and laughed, “Yeah, not going there ever again. You don’t have to wrap it in symbolism.”

Higher Ed, hah. Done with that.

Alternatives

Censorship reminds me that there are a few things really worth buying into for your online peace of mind. The first is a VPN. You should not connect to the Internet without a VPN. There are many great options to choose from, there is NordVPN and Private Internet Access, or PIA. I strongly suggest that people buy a year’s worth of service from a VPN provider and then connect to it every time you use the network.

I also can strongly suggest that people download the Signal application on your Smartphone or Tablet. Signal uses End-to-End Encryption so that whatever you want to talk about is secured from your device to the other device, preventing anyone on the network who may be snooping in, from reading your private conversations.

Since Twitter censored one of my tweets, which resulted in me losing faith in their service, I downloaded the entire Twitter archive for my account and then I set virtual fire to it, burning it to the ground. I then (mostly) left Facebook and found a different community in the Federated Universe or Fediverse based on ActivityPub technology, specifically the Mastodon system. Mastodon is a lot like Twitter, only with better filters and controls and a generally better group of people. After Facebook slapped their gag on me, I went right over to my Mastodon instances and laughed it up.

It goes without saying that everyone should get at least some rudimentary apps for your privacy downloaded into your phone and set up. If you install Signal, it will offer to show you people on the system who are registered, and I will pop right up!

Another Smartphone app that is worth your while is Bridgefy. It allows you to use Bluetooth as a short-range communications radio, about 30 feet. The neat part of Bridgefy is that it creates a Bluetooth Mesh, allowing messages to spread across Bluetooth from participant to participant, so if you are in close proximity with others, and everyone has Bridgefy, you can have an ad-hoc mesh network where you can communicate with your phones without the need of the Internet. This is really important if the government or the Internet providers try to control the flow of information by active denial of service. While the Internet provider can simply just turn off their data services, they cannot touch Bluetooth radio. The Bridgefy app really leverages large populations of people, enabling long-range communications over the mesh network. It is really something everyone should have, just in case.

Chesapeake Beard Company’s Mercury Beard Balm, 2oz.

I encountered the Chesapeake Beard Company during a beard competition event at the Old Dog Tavern here in Kalamazoo, Michigan. They had a table set up, and they had an array of products available. Amongst all of their products, the Mercury line appealed the most. I bought both the oil and the balm, but the scents are nearly the same, so I’m only reviewing the balm. The product comes in a glass jar with a plastic lid. The balm is waxy, yellow in color and has the same consistency as the Viking Revolution balms, slightly firmer than Honest Amish and somewhat looser than the Reuzel.

The scent is the strongest of all my balms and oils and the fellow selling the product sold it as a homage to Freddie Mercury, that one of his favored drinks was a kind of Cherry and Rum flavored cocktail. This balm screams black cherry and a light undercurrent of rum running underneath. The fragrance is amazingly strong and has significant staying power. They use fragrance oils instead of other more easily diffused scents like linalool or vanillin. Much like how Honest Amish is an “exploding pumpkin pie,” Mercury by Chesapeake Beard is an exploding cherry pie. The scent is overwhelming and delightful. You likely wouldn’t use this balm if you were attempting a formal dress event where strong fragrances are frowned upon, but if you were in any other situation, this balm would be a home run. If you like cherries or if someone you know prefers cherries, this balm might be the perfect way to condition your beard and have a wonderful experience along for fun. I estimate that the fragrance lasts at least three to four hours long, significantly longer than any other balm, except perhaps the Honest Amish one.

It is worthwhile to note that they have renamed this product to Rhapsody, but they do include the old name, Mercury, on their website.

Reuzel Wood and Spice Beard Balm, 1.3oz

The Reuzel Wood and Spice Beard Balm is a brand new fragrance from the Reuzel company. They immediately get top-choice amongst my beard products because they were the first ones I had, and they have performed admirably for me. The tin is just like the standard Reuzel, a screw-top aluminum canister with the product within. The Reuzel Wood and Spice Balm, much like its predecessor, suffers from the same unusual crystallization in the wax that the standard Reuzel suffers from. The solution is to warm Reuzel products up to melting and then let them gently cool. This fixes the problem for both the standard Reuzel and this one. The front has the recognizable Dutch pirate and on the back the ingredient list.

The balm itself is stiff, waxy, and quite solid. It scrapes with the back of the thumbnail readily and melts with ease when you work it in your hands. The color is bisque, and the scent is wonderful and subtle. The fragrance is warm with vanilla, wood scents, and spiciness that lends a kind of forest-guide warmth to the user. There are notes of butterscotch as well, which really appeals to me. It is a remarkable departure from the standard Reuzel fragrance, but still quite pleasant to use.

When pairing this balm with oil, either unscented, which would be best, or even the Honest Amish Premium Oil would work, as both have notes of woodsy warmth that would complement each other nicely. I can definitely see this becoming a standard entry in my beard care kit.