I was recently asked by someone what interesting things I had done with a Raspberry Pi. I remember a day when I could have rambled off a full list of experience, cautions and advice based on my own tinkering. I was usually the first to play with new tech or, when I wasn’t, was very often the first to exploit it to do interesting and meaningful things within the scope of my job. My peers and I would tinker and share in ways that have been popularized by the Maker movement in recent years…and it was fun. But alas, I could answer only with a, “No, I haven’t really had time…but I’ve been following it for a while and it looks cool”. Continue reading
This is my private key. There are many like it, but this one is mine.
My private key is my best friend. It is my life. I must secure it as I must secure my life.
My private key, without my data, is useless. Without my private key, my data is useless. I must deploy my public and private keys true. I must encrypt better than my enemy who is trying to steal from me. I must defeat him before he defeats me. I will…
My private key and I know that what counts in cyber war is not the bits we fire, the noise of our modems, nor the bandwidth we consume. We know that it is the control over access to our data that counts. We will control access to our data…
My private key is human, even as I, because it is my life. Thus, I will learn it as a brother. I will learn its weaknesses, its strength, its parts, its software, its bits and its bytes. I will keep my private key clean and ready, even as I am clean and ready. We will become part of each other. We will…
Before God, I swear this creed. My private key and I are the defenders of my company. We are the masters of our enemy. We are the saviors of my company’s data.
So be it, until victory is ours and there is no enemy, but peace!
My mind often goes to strange places when the problem of emphasizing the importance of something to users comes up. How can one possibly impart the importance of safeguarding one’s private encryption key to someone that may not fully appreciate what encryption is, or why it is even being used? Granted most people on the Internet have a passing understanding of encryption, at least as far as how it intersects with their web browsing in the form of HTTPS pages using SSL (thanks, Heartbleed), but even its use is mostly automatic. Protecting data at rest, say for backups, requires a slightly more complicated approach. For some reason my mind leaped to adapting the Rifleman’s Creed to drive home the point of the importance of a private key in public key encryption. I’m weird. I know. And if you have found this offensive in any way, I apologize…I sincerely hope you can find a way to call it art, and move on.
As someone who enjoys driving in almost any weather condition, I am always reminded during the first good storm of the year (sometimes in some scary ways) that not everyone shares that enjoyment. Poor visibility, poorly maintained vehicles, unexpected roadway obstructions and yes, stoopidity, all contribute to increased stress and aptitude for panic in bad weather. Following some basic rules can elevate your calm and make you, your loved ones and your fellow drivers much safer.
I like questions that inspire thought.
A Facebook friend just recently posted, “Anybody else know what they’re really doing? Asking for a friend…”.
The answer that danced to the tip of my tongue with little thought might surprise even the people that know me pretty well. The answer: “Yes…and no”. The reasons for this answer have been hard-learned…earned really…through experience.
Very occasionally a tool or software package stands-out to me on the pure virtue of being the right solution at the right time. If it happens to do exactly what you need RIGHT NOW, and other, perhaps more traditional, mature or well-known tools cannot, the best fit becomes clear. Unbound is exactly this kind of fit. Self-described as “a validating, recursive, and caching DNS resolver”, it’s utility boiled down to one particular line in the config (and the comments that describe it):
# Enable or disable whether the upstream queries use TCP only
# for transport. Default is no. Useful in tunneling scenarios.
The reason why that particular ability…being able to force upstream DNS queries to go over TCP (instead of the default of going over UDP)…was important to me today is dumb, but the whole story is a useful example of network fun under the thumb of an ISP that can sometimes do really stoopid things, so I’ll go further and explain. Continue reading
A while back I did extensive research (even for me) on desktop speakers, and found amazing quality at a price that was still affordable in the Studiophile AV40 kit from M-Audio. Great for a multimedia production machine, or any other place where you need really good sound…if you can be tethered. So, worked great for a desktop, but as I began to want to use these awesome speakers with my laptop, I just found them annoying. Great sound…but unless I was willing to do something unseemly with wires across the room, there was no way to enjoy them with music from my laptop while lounging on the couch. A Bluetooth epiphany followed by several Google searches highlighted some interesting options…the first of which I’ve tried was the Rocketfish Bluetooth Music Receiver (RF-BTR212).
Traveling often provides you with opportunities to read, but rarely does it offer good guidance on what to read. A marvelous exception jumped out with my January trip to Malta. As the three of us on the trip stole a little time one afternoon to explore the sites and enjoy an exceptional meal, we each posted some pictures to our social network streams. Matt, the Solutions Architect on the trip, heard back from one of his friends within minutes of his post… Continue reading