Everything posted by Sitwon

  1. Regarding the storage of PHI, it's being used in a narrow use case where the data needs to be cached on the device temporarily (while the patient is using the device) but should not persist between patients or across a device reboot. The PHI is stored permanently on a secured server and it can only be retrieved from the server through an encrypted and authenticated session. The hard drives on the servers are encrypted, but not with temporary keys. And we do also keep encrypted backups of the servers. You're right, someone with physical access to the hardware could freeze the RAM with compressed air and then read the keys out of memory, but that's a relatively sophisticated attack which is not yet commonly used. Or a user on the system with sufficient privileges could read the filesystem while it's mounted or read the keys out of memory on the running system. That's why we need to practice defense in depth and make sure we have layers of security. This isn't a silver bullet. This strategy of secured temporary storage is useful in a fairly narrow context where the device is at a high risk of being stolen or tampered with, and you'd rather destroy the data than have it fall into the adversary's hands.
  2. Recently for work I needed to come up with a volatile storage solution without relying on RAM disks. We needed to ensure that PHI data (protected health information) was irrecoverable if a hard drive was pulled from a running system or the system itself was stolen from a hospital. We couldn't use a RAM disk because there just wasn't enough RAM on these systems. The solution I found was to mount a loopfile that had been encrypted with a random key. Since the encryption key is never stored or revealed the data inside the filesystem is irrecoverable once the system loses power. This approach is not entirely novel, but it seemed like it could be useful more broadly if there was an easy tool. So that's what I did, I wrote an easy to use bash script to generate and destroy secure temporary filesystems. I've already described one real-world white hat scenario, now here's a black hat scenario: You configure your new WiFi Pineapple Mk 5 to log data about its victims to one of these secure temporary filesystems and then leave it near some target-rich hotspot. You can securely log-in over SSH and retrieve the logs, but if anyone else discovers it and tries to tamper with it the logs (along with evidence against you) are permanently lost. Obviously this technique is still vulnerable to sophisticated physical attacks (along the lines of the cold-boot attack), however such attacks are extremely rare in practice. Code is available on GitHub: https://github.com/Sitwon/goldfish Please respond in the thread if you have questions or comments, but report bugs in GitHub's issue tracker.
  3. It does and it doesn't. If you want a premium quality machine you need to be willing to pay a premium price. A cheap laptop is usually cheap for a reason. That said, if you know what you're looking for you can still find good deals. I used to buy ThinkPads at deep discounts through the Lenovo Outlet and never had a bad experience. One of the key things to keep in mind is that a laptop is more than the "specs". Those condensed metrics like CPU, RAM, GPU, etc. that you would use to compare desktops are still important, but they only tell a fraction of the story. Size and weight. The point of a laptop is portability, so it has to strike a careful balance of being small and light enough to travel with you, but big enough to still be useful. Finding that balance point is something you'll have to do for yourself, as it's different for everyone depending on their preference and lifestyle. Battery life. Part of portability is power. If you want to use your laptop without being tethered to an outlet you should pay close attention to the type and size of battery as well as the power efficiency of the components. Screen. It's expensive and non-trivial to upgrade a laptop screen, so chances are you'll probably never do it. Make sure you get a good one from the start. Viewing angles are becoming less and less of an issue, but color, contrast, brightness, and resolution are still factors in choosing a good display. Keyboard and pointer device. Again, not something you'll be able to change. Most people take it for granted, but if you spend your days using the keyboard (as most programmers, sysadmins, and hackers do) then you'll want to make sure you have a good keyboard that is comfortable to type on. Lots of personal preference here too. Personally, I prefer full-size keyboards (or as close to it as possible). For the pointer device, I have a personal preference for TrackPoints or similar pointers, they allow you to use the mouse without lifting your hands off the home-row. 
I prefer the TrackPoint in particular because it has three discrete mouse buttons and the middle-button can be configured as scroll-modifier. However, even with touchpads there is a lot of variety. Placement of the touchpad is especially important, since few things are more annoying than losing focus while you're typing because you accidentally palmed the touchpad. Some touchpads will be more prone to palming than others, some will have a better feel than others, some will have better support for gestures than others. Older ThinkPads had a recessed touchpad which was fantastic for several reasons. It was harder to accidentally palm it, and you could feel where the edges were for edge-scrolling. Newer ThinkPad models have a flush touchpad which is easier to palm, harder to feel where the edges are, and they distinguish it by giving it a texture which just doesn't feel very good to me. I've noticed that flush-mounted touchpads are becoming an industry trend, as is making them so large that it's impossible not to palm them. Something to watch out for if it affects you. Durability. Since it's portable and it will probably travel around with you, it's important for a laptop to be durable enough to handle the wear and tear of normal travel and use. One of the reasons I turned to ThinkPads in the first place was because of their durability features. At the time (T42 era) they had a well-earned reputation for durability due to features like a stronger case material, spill-proof (drain-through) keyboards with snap-off keys for easy cleaning, solid metal hinges, shock-mounted hard drives with an accelerometer to detect drops, roll-cage design to protect the display panel. Newer models appear to have dropped several of those features, in some cases because they are no longer necessary, in other cases it appears to be for aesthetic or cost reasons. 
Whatever laptops you consider, take a close look at the case materials and if you can get hands on a representative model so you can feel it and evaluate how well it will hold up to daily abuse. Longevity. Another reason why I used to strongly favor ThinkPads was availability of OEM replacement parts even long after the warranty had expired. For a few years I used to buy broken ThinkPads on CraigsList and refurbish them. I never had trouble finding parts, even for models which hadn't been sold for over a decade. As hackers tend to take pride in voiding warranties, it never hurts to have a supply of replacement parts available to you. It will also save you money if you skip the support contract and do the repairs yourself (if ever you should need to repair your machine). IBM/Lenovo made it easy by releasing the full technicians manual for each laptop as a PDF. Going along with longevity is extensibility. Laptops generally aren't known for being extensible, but there are things that a manufacturer can do to ensure that. For example, if the hard-drive isn't a standard form-factor it will be difficult or impossible to upgrade or replace it if you should ever need to. Or if the daughter cards (like the wireless adapter) are a non-standard size you will have similar trouble. These days the Linux kernel supports most wireless chipsets well enough, but just a few years ago those of us hacking WiFi had to be very picky about which laptops we bought so it either had a well-supported chipset or it could be replaced with one. Or, for those who were really ambitious, you could install two WiFi adapters (the T- and W- series ThinkPads were good for that). Linux. A laptop with standards-compliant, name-brand components and chipsets will often have better Linux support than a cheap laptop with some unknown Chinese components or chipsets. 
Also, a laptop model that is popular with the type of people who contribute code to the Linux kernel is more likely to be well-supported and enjoy regular driver updates in the kernel than an uncommon laptop with obscure hardware. Damn, another wall of text. I spend entirely way too much time thinking about this crap.
  4. As attractive as it may seem, distro-hopping is not the answer. Simply installing and using another distribution won't teach you Linux. It will teach you the narrow differences and idiosyncrasies of that particular distribution. Through the contrast you may be afforded a small glimpse at what you're actually seeking, but it's a sideways approach to the topic. It's like trying to learn about the physiology of human reproduction by listening to romantic music. It will never directly give you a clear picture of what you're trying to see. IMHO, there are two good pathways you should follow. You could take the top-down pathway: Pick a distribution you are already familiar with using and start dissecting it piece by piece until you understand each component piece in its simplest meaningful form. Or you could take the bottom-up pathway: Head over to http://www.linuxfromscratch.org/ and build a complete distribution from the ground up one piece at a time. Of course, these two pathways are not mutually exclusive, you could attack the problem from both ends at the same time. But the point is, learning to use a different installer and package management tool won't get you very much closer to understanding the core of what Linux is and how it works. That's my $0.02 USD.
  5. This is the ruling of one District Court Justice in Idaho. It's disturbing, but really not that surprising. The court clearly fucked up here and they handed Corey Thuen grounds for an appeal on a silver platter.
  6. I haven't read any reviews of it yet so I can't comment on the quality of the design or manufacturing. But yea, on paper it looks like a very good buy. Things to watch carefully for are the durability, precision of the seams, efficiency of heat dissipation, clarity and volume of the speakers, and the feel/responsiveness of the keyboard/touchpad.
  7. What you seem to be describing is a simple hash lookup table, not a rainbow table. Rainbow tables are different from hash lookup tables. In particular, they are much more compact. They work by computing hash chains and then only storing the end-points of the chains. This technique drastically reduces the amount of storage space required at the expense of requiring a bit more computation in order to perform the lookup operation. You can read about it in more detail on Wikipedia. http://en.wikipedia.org/wiki/Rainbow_tables Also, the way you have designed your brute force generator is not scalable. You should not need to paste more loops around it to increase the string length. That's a lot of repeated code. Think about how you might write a generator that can create strings of an arbitrary length with no more than two loops. There are many different solutions.
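The two points in the post above, as an added example that is not part of the original post or of any code from the thread: a two-loop generator for strings of arbitrary length, and a toy rainbow table that stores only chain endpoints. The alphabet, the 3-character limit, the use of SHA-256, the reduction function and all function names are assumptions chosen for illustration.

```python
import hashlib

ALPHABET = "abcdefghijklmnopqrstuvwxyz"   # assumed character set
MAX_LEN = 3                               # assumed toy keyspace: 1..3 chars
KEYSPACE = sum(len(ALPHABET) ** k for k in range(1, MAX_LEN + 1))

def index_to_candidate(n):
    """Map 0,1,2,... to a,b,...,z,aa,ab,... (bijective base-26): loop one."""
    n += 1
    chars = []
    while n > 0:
        n, r = divmod(n - 1, len(ALPHABET))
        chars.append(ALPHABET[r])
    return "".join(reversed(chars))

def candidates():
    """Every string in the keyspace: loop two. Raising MAX_LEN adds no code."""
    for i in range(KEYSPACE):
        yield index_to_candidate(i)

def H(word):
    return hashlib.sha256(word.encode()).digest()

def reduce_digest(digest, step):
    """Map a digest back into the keyspace. Mixing in the chain position
    is what distinguishes a rainbow table from plain hash chains."""
    return index_to_candidate((int.from_bytes(digest[:8], "big") + step) % KEYSPACE)

def chain(start, chain_len):
    """word -> hash -> reduce -> word ..., returning all chain_len + 1 words."""
    words = [start]
    for step in range(chain_len):
        words.append(reduce_digest(H(words[-1]), step))
    return words

def build_table(starts, chain_len):
    """Store only endpoint -> start; the words in between are discarded."""
    return {chain(s, chain_len)[-1]: s for s in starts}

def lookup(table, target, chain_len):
    """Guess the target's position in a chain, walk forward to the endpoint,
    and on a hit regenerate that chain from its start to confirm."""
    for pos in range(chain_len - 1, -1, -1):
        digest = target
        for step in range(pos, chain_len - 1):
            digest = H(reduce_digest(digest, step))
        start = table.get(reduce_digest(digest, chain_len - 1))
        if start is not None:
            for word in chain(start, chain_len)[:-1]:
                if H(word) == target:
                    return word      # confirmed, not a false alarm
    return None

if __name__ == "__main__":
    table = build_table(["a", "pw", "cat"], 40)        # constructed start words
    hidden = chain("cat", 40)[17]                      # a word the table covers
    print(len(table), "stored entries cover up to", 3 * 40, "words")
    print("recovered:", lookup(table, H(hidden), 40))
```

A plain hash lookup table would store one entry per covered word; here each stored entry stands for a whole chain, and the lookup pays for that with extra hashing.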
  8. I think it's obvious that they're trying really hard to emulate the Razer Blade. That said, they are certainly doing a pretty good job. Nearly identical specs and a couple hundred dollars cheaper.
  9. Possible, yes. Good idea, no. It is entirely possible to do this, but it's not a good idea for at least two major reasons. 1. It's so slow it would be impractical. Iodine delivers dial-up like speeds. If you're sharing out that slow of a connection your target will just get annoyed and stop trying to use the hotspot. It would take them hours to do anything worth logging anyways. 2. By now most captive portal systems will block or redirect external DNS queries so Iodine just won't work. Even in the cases where it does work, there's a good chance that DNS queries are being logged (either by the router or by the ISP). Since Iodine requires that you make queries against a server you control, and those queries are likely being logged, you are basically handing yourself in forensically. Many common public hotspots have stopped charging for access or offer some sort of free guest account. That's probably your best bet these days. In the cases where a hotspot requires payment, it's probably better/easier to simply hijack an existing session. Or, if nobody has paid yet then let your first victim pay for the hotspot access.
  10. I currently use a T520 at home and T430 at work. I've been a ThinkPad fan for a very very long time and have used every generation of ThinkPad since the T23. I don't know if it's Lenovo's fault, or just the way the market is today, but I am not a fan of the changes between the T*20 and T*30 lines. It puts me in a bind, too, because now I'll have to look elsewhere when it comes time to replace my T520. The ThinkPads are still a solid choice in comparison to the other machines they are typically reviewed against. However I feel like in an attempt to broaden their appeal to a widening market, they are losing their cred as a machine that is designed by engineers for other engineers, and especially their appeal among the old guard of Unix greybeards. If there was one feature that was most responsible for the cult-like following ThinkPads enjoyed among a certain group of engineers and Unix admins it was the keyboard. With each generation Lenovo has been "tweaking" the classic ThinkPad keyboard further and further away from what the fans had fallen in love with. A keyboard with a heritage which could be traced back to the Model M. Now it feels like the same generic crap you see on other laptops. (Not to mention they've remapped several keys, including the Fn keys.) At work I stick my T430 in a dock and type on a Deck keyboard instead. They have also been messing around with other core features like the ThinkLight. It used to be that you could control the LED from /proc, but now it's somehow linked to the keyboard backlight (yea, another new feature) and it's inaccessible to the OS. I could go on complaining about other changes which I don't like, and it would probably sound petty and whiny considering that many of the things I'd be complaining about are features which still don't even exist on any competing laptops. But in principle, it just feels like ThinkPads have lost their soul compared to what they once were. 
At least the TrackPoint hasn't been ruined (yet) in the T*30 so there may yet be hope. I still haven't found anything in the latest crop of laptops that I could recommend as better than a ThinkPad T-series, but I'm really hoping the choices will get better and not worse by the time I retire the T520. I've had very limited exposure to the System 76 laptops, but from what I've seen of them they are decent machines. You might also want to browse the options at emperorlinux.com and thinkpenguin.com. There's also Dell's entry, the XPS 13 Developer edition. http://www.dell.com/us/business/p/xps-13-linux/pd
  11. AP mode (BSS) is different from Ad-Hoc mode (IBSS). It's entirely possible for a driver to support one and not the other. The hardware itself is fully capable, however the latest available Linux drivers for the rtl8188ru do not seem to support it. This will probably change in the future. The fact that IBSS does not work would be irrelevant to most people. However our specific use case was ad-hoc mesh networking, so it was essential.
  12. RT3070: Tested. Works well for me. AR9271: Tested. Works well for me. RTL8188RU: Tested. Has some issues. At the least, it does not support IBSS (ad-hoc mode). RT2770 and RT2750: Have not tested. If there are specific features you are interested in for the first three I can pull them out and test to verify if they work or not. https://github.com/Byzantium/Byzantium/wiki/HCL
  13. Sitwon

    Bitmessage

    It is interesting, however it can take a very long time for messages to propagate through the network. For now I'm sticking to PGP encrypted mail.
  14. Sitwon

    Mailvelope

    Let's qualify this. (Sorry, but in the security field EVERYTHING needs to be qualified.) If people use a good password, it will somewhat slow down the attacker as they will have to brute-force the password before they can make use of the key. With modern technology it's becoming easier and more affordable to massively parallelize and distribute the job. Even in a strictly brute-force scenario, this is eating away at password security. Second, thanks in part to the recent disclosures of large quantities of real-world password examples, the techniques for generating password guesses have been improving as well, which drastically cuts down the search space from a pure brute-force attack to fuzzed variations on common patterns. This is also eating away at password security. You need both a long password, and a password that does not conform closely to a known pattern. Otherwise, like in the rest of the security field, having physical access (or a local copy) makes bypass an inevitable eventuality. But let's put this in context: It's still a hell of a lot safer than plain text. It might not be impenetrable, but at least you're making them work for it. Even if it just buys you a few days, that could be enough to make all the difference.
  15. Make sure you look up the relevant standards and that your implementations are conformant. It's cool to have something that acts like a web server, but it's even cooler to have something that actually satisfies the requirements set forth in the relevant standards for a web server.
  16. It's hard to imagine any use case in which having a web server written in Bash could be helpful, but it's a cool novelty. Reminds me of the time I wrote a wiki in about 64 lines of Bash. Rather than a zip file on a forum, you should post it to Github.
  17. Well, both. I've seen how well those "estimated prices" reflect reality with plenty of past projects. However it's really just a ridiculous price to begin with. Look at the specs. $350 would be a good price for a cheap off-brand netbook with specs like that. But we're supposed to believe that this one isn't just another disposable netbook, it's "ruggedized". And I don't know if you've ever priced out solar panels before, but for the panels to recharge a netbook battery in about one day's worth of sunlight (8-10 useful hours of light) you'll be paying nearly $350 for just the panels. So there's no way they can sell you a laptop with those specs with panels that are anything more than a novelty at that price point. That said, it's an interesting idea, and I'm sure they'd still have a market if they were to price it at around $1500 and give you a system that was actually ruggedized and had useful solar charging capability. I'd even spend another $300 to upgrade the display panel to a Pixel Qi display with scratch and impact resistant glass over top. Or maybe I'll just build it myself, since I'm not sure I'd trust their cheap Chinese manufacturing anyways.
  18. Very cool idea, but I'm extremely skeptical about their proposed price.
  19. I think he used 'expect' in one episode. I believe expect does some magic to solve the password entry problem (that is, some tools like ssh won't read a password from stdin, it needs to actually be typed at the keyboard).
  20. Please test the latest version of Byzantium Linux with your Macbook. Instructions for Mac booting available at the links below: http://project-byzantium.org/isc-grant-milestone-achieved-v0-3-2a-runs-on-macs/ https://github.com/Byzantium/Byzantium/wiki/How-to-Download-and-Boot-Byzantium
  21. I get that, I was responding specifically to: As I had quoted. Having your key file on a hardware-encrypted USB key that requires host-side software to unlock is generally not going to work very well. Sure, you could put the software to unlock the USB key into your unencrypted boot partition, but I'm not sure it would improve the security of your encrypted partition to do so. It may even increase your attack surface to do so.
  22. There are very few encrypted thumb drives that would actually work. Most encrypted thumb drives require software on the host machine to unlock them before they can be mounted or read. During the boot process you wouldn't easily be able to run that software (and even if you could you probably wouldn't want to). The thumb drives which would work are the ones which have hardware to authenticate the user and decrypt the drive without software on the host system. They also tend to be prohibitively expensive.