
Paranoid, RAIN, Google Sites SSL, AMP, Blocking, Batteries, ECC / Brainpool / GnuPG / PGP

posted Jul 16, 2017, 7:22 AM by Sami Lehtinen   [ updated Jul 16, 2017, 7:22 AM ]
  • Sometimes the timing of things just makes you paranoid. How is it possible that after a certain event, your mobile phone starts to reboot several times? Still having plenty of charge left. Those effects are just like a malware exploit attack gone slightly wrong. So the user is more than aware of the attack. But this kind of malfunction happening within tens of minutes after the event just makes you highly paranoid. Yes, it could be totally random. But it hasn't ever happened before. Nor will it probably ever happen again. But why did it happen just in relation to something else? That's just so strange. Often these kinds of strange events get into the right context afterwards. And you kind of know that you noticed it. But you didn't know what it was when it happened.
  • Did that strange email attachment crash your PDF reader or word? Yep... But it doesn't mean anything, or maybe it does. Who knows.
  • RAIN RFID - GS1 UHF RFID Gen2 protocol, ISO/IEC 18000-63 - Identify – Locate – Authenticate – Engage - Internet of Things (IoT) - This is something which has nearly limitless use cases, if it's just cheap enough to be widely deployed. RFID would be great, customers are asking for it all the time. But usually the prohibitive factor is excess cost per unit. This would partially solve all the complaints about 'can I track it', which I've posted about several times earlier. Either you've got a tracking device & ID, or you do not. And if you don't, then you simply can't do it. Yet there are some cases where a FIFO stack or something similar can be used to track individual items, without an individual ID. But that's only possible in very controlled environments.
  • Just one question: When will HTTPS be available for Google Sites with custom domains?
  • Do we really need Accelerated Mobile Pages (AMP)? As far as I know, all web sites work extremely well on mobile. This of course assumes that the sites aren't full of absolutely bloated crap, like many sites are. Take generic news sites as an example. 90% of the content loaded when accessing a news article is non-relevant crap. No wonder sites are slow. But that doesn't require anything like AMP, it just needs cleaning up the mess and getting rid of absolutely ridiculous excess weight.
  • Read interesting article: TRIM dm-crypt problems? About SSD, TRIM / DISCARD, and Disk Encryption DMCRYPT.
  • Today I finally wrote a script which processes logs and also bans different kinds of DDoS attacks as well as slow drip attacks. Some of the attacks were so bad and annoying that it just had to be done. I knew I had to get some kind of solution for it at some point. But there weren't any perfectly suitable solutions cheaply available. So I wrote one, which also includes handy whitelist management. The detection engine supports custom rules which allow very efficient banning, with a very low number of false positives. IPv4 and IPv6 are supported. When 8 /64 networks are blocked in the same /48, the /48 gets blocked and the /64 blocks are removed, because it's likely that the same attacker is just using different addresses from the same pool. The same happens with IPv4: a /32 gets converted to a /24 after 8 hits. It would also be possible to implement regional or AS based ban / whitelists. But so far that hasn't been necessary.
  • Brain dead engineering, once again. I've got plenty of devices which do not have any kind of indication of what kind of batteries they are supposed to use, not even voltage or polarity. What kind of idiot moron engineers produce this kind of stuff? - Really. I guess they assume that everyone has connectors and lab power sources, which you can use to safely find a good 'working voltage' without going too high. Yes, of course that's doable, I've done it several times. But still, it's just so silly. Is it CR123 or 4LR44? Maybe a 1.5 V button cell, or a 3 V button cell? Who knows. There are often several batteries which are viable based on dimensions alone. So annoying. I guess that's one of the ways they'll try to make people buy a new device instead of replacing the battery. Of course making the device nearly impossible to open is also one of the ways, and soldering the battery permanently in place, etc. I've defeated all of those things, but it sure does badly annoy me.
  • I'm happy someone asked me this. - Yes, I'm very aware that ECC key [A4F5 3032 18AA 5665 76B6  90AE FCD4 D06B 02B8 D42A] is a signing / authentication key only. Why? Because now I can send you a case specific public key and sign it with my key. This is to mitigate people complaining that OpenPGP / GnuPG doesn't provide "ephemeral keys". Therefore, if the matter is important, I'll generate a new key for the specific case in a secure environment and send it to you specifically for the discussion. This also makes it possible to get rid of the key as soon as the matter has been handled.
    Actually, I've since added a separate Brainpool 512 bit ECC key (RFC 5639) for encryption.
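
The ban aggregation rule from the log-processing item above (8 blocked /64s in one /48 become a single /48 block, 8 blocked /32s become a /24), sketched as an added example; this is not the author's script. The `BanList` class, the whitelist semantics (a ban is refused if it would cover a whitelisted network) and the reading of "8 hits" as 8 distinct banned addresses are assumptions.

```python
import ipaddress

THRESHOLD = 8                        # from the post: 8 blocks trigger promotion
LEVELS = {4: (32, 24), 6: (64, 48)}  # from the post: /32 -> /24, /64 -> /48


class BanList:
    def __init__(self, whitelist=()):
        self.banned = set()
        self.whitelist = [ipaddress.ip_network(w) for w in whitelist]

    def _whitelisted(self, net):
        # Assumption: a ban is refused if it would cover any whitelisted network.
        return any(w.version == net.version and w.overlaps(net)
                   for w in self.whitelist)

    def is_banned(self, addr):
        ip = ipaddress.ip_address(addr)
        return any(n.version == ip.version and ip in n for n in self.banned)

    def ban(self, addr):
        """Ban addr; return the network now banned, or None if nothing changed."""
        ip = ipaddress.ip_address(addr)
        child_len, parent_len = LEVELS[ip.version]
        child = ipaddress.ip_network(f"{ip}/{child_len}", strict=False)
        if self.is_banned(addr) or self._whitelisted(child):
            return None
        self.banned.add(child)
        parent = child.supernet(new_prefix=parent_len)
        siblings = {n for n in self.banned
                    if n.version == parent.version
                    and n.prefixlen == child_len and n.subnet_of(parent)}
        if len(siblings) >= THRESHOLD and not self._whitelisted(parent):
            self.banned -= siblings   # drop the narrow blocks ...
            self.banned.add(parent)   # ... and replace them with one wide block
            return parent
        return child


def demo():
    # Constructed sample offenders from documentation ranges (RFC 3849 / RFC 5737).
    bans = BanList(whitelist=["198.51.100.10/32"])
    v6 = [bans.ban(f"2001:db8:1:{i:x}::beef") for i in range(8)]
    v4 = [bans.ban(f"192.0.2.{i}") for i in range(1, 9)]
    skipped = bans.ban("198.51.100.10")
    return bans, v6[-1], v4[-1], skipped
```

Promotion trades precision for a shorter rule list: once a /24 or /48 is blocked, every other host in that range is blocked too, which is why the parent is checked against the whitelist before the narrow blocks are collapsed.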