Blog‎ > ‎

SbO, HTTPie, Storage, BGAN, PGP Spam, SDDC

posted Jun 30, 2016, 11:21 PM by Sami Lehtinen   [ updated Sep 12, 2017, 9:46 AM ]
  • Security by Obscurity - Nice post I fully agree. I've actually used secret knock sequence aka Port Knocking (PK) or a packet with a special payload aka Single Packet Authentication (SPA). No, you can't replay it very easily, if the SPA contains cryptographic content, like non-truncated version of TOTP hash. Someone says that it won't work. Sure it does, I've got a small Python script which generates the knock packet. And it contains time based hash authentication. Which doesn't need to be truncated and contains time component as well as long fixed totally random key. As well as the server accepts the knock code only once, so the replay doesn't work that easily. Basically port knocking can be just as secure as login with SSH keys and adds one strong security layer to the security stack. Definitions: "Obscurity as a Layer" and "Security Through Obscurity".
  • Started to use httpie. I'm pretty sure we've all had our 'joyful moments' with cURL when doing complex RESTful queries using it.
  • Started to use OneDrive for certain storage needs. Seems to work. HubiC performance has been a quite big disappointment lately. Uploads go in at 1 Mbit/s and downloads are barely just a bit faster. Doesn't really sound to great at all. But maybe that's the price what you have to pay for nearly free storage, you'll get nearly null service level too. Surprised? No? Ok. When you start to pay for storage and bandwidth, unsurprisingly the performance gets quite a boost too. One other cloud storage provider pumps their data at quite nice rates: 100% [=>] 250,000,000 52.8MB/s in 5.6s Yes. That half a Gbit/s speed is clearly bit better than 1Mbit/s.
  • Studied Inmarsat-4 (I-4) satellite system aka Alphasat - which powers the BGAN. I started by looking at BGAN coverage maps, and it immediately seed familiar. So I was pretty sure it's powered by some other previously known network, instead of being new satellite operator. Also noticed the new I-4 MEAS satellite. Which brings extra capacity to the network.
  • As well as the latest incarnation Inmarsat I-5 satellites which seriously upgrade bandwidth from previous generations. 50 / 5 Mbit/s. Using Xenon Ion Propulsion (XIPS) neat. Providing Global Xpress (GX) services.
  • Today I received first ever spam to my PGP/GPG public key address. Annoying. It was email trying to phish information and get the address confirmed. Well this is some sort of progress. I've been waiting for that to happen for years. btw. I've got a pro tip for you. If you're sending email to addresses listed in PGP public keys, why you didn't encrypt the email with the public key. - That's because you're most probably too stupid to figure out how to to use PGP yourself. Ha, gotcha! So actually I'm waiting for first spam to be encrypted with my public key. Not only crap sent to address in public key which got harvested from a public key server. I've been actually planning to add auto-responder to that address with gpg man page, if someone is too retarded to get the point what the address is for. Unless the message is encrypted to my public key or at least signed. Here it is for you, so you can RTFM and try again and maybe luckily not get reported to abuse and humiliated.
  • Only thing I really like about Telia / Sonera - Is their Internet Tier 1 IP network (TeliaSonera International Carrier), it's great compared to many other alternatives.
  • Studied Software Defined Data Center on Demand (SDDC) concept by OVH & VMware.