Conversation

Notices

1. Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Monday, 25-Mar-2019 12:44:48 EDT Mike Gerwitz
   As an errata of sorts to my #LibrePlanet2019 talk---I think I said "GNU/Linux running on the proprietary Windows kernel", when Linux isn't involved---it's GNU/kWindows. Microsoft wrote a compatibility layer that translates Linux syscalls, so programs compiled _for_ GNU/Linux run atop of the Windows kernel. See https://mikegerwitz.com/2016/04/gnu-kwindows for more information.
   
   I also forgot to mention for the 2FA password manager example that storing long-term secrets using asymmetric ciphers isn't a good idea; you should use symmetric keys for that. Fortunately, pass{words,phrases} (as I demonstrated in the talk) aren't long-term secrets---they're easily changed. But you can easily do _both_ asymmetric for 2FA with a smartcard and symmetric by adding another GPG invocation to the pipeline.
   
   More to come (including repository of the source code for the slides, as well as notes) within the next day or so. Slides are at https://mikegerwitz.com/talks/cs4m.pdf. Thanks to all those who attended and watched online. Feedback/criticism welcome. I simplified my talk a lot in case the audience wasn't technical but I also didn't want to simplify it too much in case the audience was full of hackers. The intent was to just provide some exposure to the concepts for further research by attendees.
   1. CraniumSlows (mnw@mastodon.sdf.org)'s status on Monday, 25-Mar-2019 13:48:00 EDT CraniumSlows

      in reply to

      @mikegerwitz I liked the 2FA idea and think I may implement something like it. Do you keep the master copy at home? Is there a cohost option you trust?

      1. Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Monday, 25-Mar-2019 14:36:26 EDT Mike Gerwitz

         in reply to
         @mnw Thanks for the feedback.
         
         I keep a master copy on a server hosted at my house. This also makes it easy to share a password database with my wife (encrypted with both my key and a key I generated for her). But I just have her open it with Emacs over SSH, which decrypts it automatically. Obviously there are more risks associated with that, but it's easy for her to manage, meaning she'll actually use it (it's an Org mode document).
         
         Regarding trust: you don't need to trust the host if we change the pipeline a little bit. If you just run `ssh your-host cat db.gpg | gpg --decrypt | ...`, the plaintext is never visible to the server because it's decrypted client-side. This uses more bandwidth, but it means that you can host it anywhere. Also note that if your device is compromised, it'll have access to the entire plaintext of the database.
         
         Just be mindful that you'll have to make sure you choose a strong passphrase or use a randomly generated symmetric key that you store on your local device. If you're using asymmetric encryption, then your database may become compromised in the future, which may or may not matter depending on the secrets. For example, I don't think GnuPG supports any post-quantum secure asymmetric algorithms yet (and they're still an area of research), but maybe other command line utilities do.
         1. Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Monday, 25-Mar-2019 14:37:53 EDT Mike Gerwitz

            in reply to
            @mnw Oh and when accessing my password database remotely over SSH, e.g. at a hotel, I use Tor for additional privacy (`torify ssh`); I posted about that a couple of days ago.
   2. David Hunt (davehunt@social.mayfirst.org)'s status on Monday, 25-Mar-2019 16:05:44 EDT David Hunt

      in reply to
      Providing some exposure to your concepts is what a #libreplanet talk should do, with the hope that this talk encourages more thought/research/discussion,etc, to those who experienced the talk.