Skip to main content


Showing posts from November, 2013

Netcat Relays

Netcat is a fantastic tool for tying networked devices together in the spirit of DucTape,  baling wire and twine... How it Works Netcat connects a network socket to stdin and stdout.  To initiate a connection, it can act either as a listener or a client.  Once connected, it will simply shovel data back and forth.  That is all.   What you do with it is totally up to your imagination. Here is a netcat based Double Listener Relay: mkfifo /tmp/buf nc –l 5566 <buf | nc -l 6655 >buf It uses two instances of netcat, tied together through stdin and stdout, with the help of a fifo.  One could make such a relay on a public addressable server where anyone can connect to it. The first netcat listens on port 5566 and gets its std input from the fifo buf and sends its std output to the std input of another netcat instance through a pipe operator.  The second netcat listens on port 6655, gets its std input from the previous netcat and sends its std output to the fifo b

GPG Keys and Password Management

Preface GPG has a good encryption algorithm, but terrible key management and no forward security.   If your private key is compromised, then all your old data can be read.  For most people, it is simply unworkable due to the key exchange problems. I recommend that everyone switch to Signal and WhatsApp for secure messaging and phone calls and when you suspect that something is wrong - your system/keys were compromised, simply create a new account.  For your passwords, I recommend that you use KeepassX to generate and save unique passwords for all your internet, financial and computer accounts - do not re-use passwords on different services. Scope For the real card carrying geek masochists out there, this document briefly explains how to set up GPG with public and private keys, publish your public key to a key server and then configure ‘pass’ the standard Unix password manager. With 'pass', you can easily generate long passwords, save them using G

The Wizard of Id

Thanks to Johnny Hart - this just sums it all up so nicely...

Computer Counter Counter Measures

Even Ol' Bill of the Wobbly Speare apparently had issues with his abacus, as he wrote in MacBeth: We still have judgement here, that we but teach bloody instructions, which, being taught, returns to plague the inventor! The main problem with the pervasive spying is that the spy agencies themselves are leaky sieves that share their data far and wide , so goodness knows where your data ends up.  Next time you see a series of fraudulent transactions on your card statement, you now know who is to blame... So, as Ol' Bill might wonder, how can thou protect thyself against the NSA and GCHQ overreach? If you have a Dropbox (or insert your favourite cloud service) account and like to use it to share data between all your devices, then you can easily secure things using the cross platform Truecrypt available from here: It works on Linux, Mac and Windoze and even has convenient apps for most mobiles. Simply use Truecrypt to create an encrypt

The NSA Theme Song

This famous song by The Police really says it all: Every breath you take Every move you make Every bond you break Every step you take I'll be watching you Every single day Every word you say Every game you play Every night you stay I'll be watching you "I woke up in the middle of the night with that line in my head, sat down at the piano and had written it in half an hour. The tune itself is generic, an aggregate of hundreds of others, but the words are interesting. It sounds like a comforting love song. I didn't realize at the time how sinister it is. I think I was thinking of Big Brother, surveillance and control." —Sting [ http://en.wikipedia. org/wiki/Every_Breath_You_Take ] The main problem that I have with tapping the undersea cables, is that it is done with no judicial oversight whatsoever.  Of course, Google, Microsoft and Yahoo were stupid to use plain text communications over their trunks, so they are not blameless either.