Author's posts
Dec 07 2013
TLS ciphers in postfix and dovecot
A recent exchange amongst ALUG email list members about list etiquette resulted in a flurry of postings on a variety of related topics. I posted a flippant comment about top posting, but did so (deliberately) from my Galaxy tab using Samsung’s default email client which actually forces top posting. Steve responded suggesting that I look …
Permanent link to this article: https://baldric.net/2013/12/07/tls-ciphers-in-postfix-and-dovecot/
Dec 03 2013
boycott amazon
This time last year I wrote to Jeff Bezos telling him that I was no longer prepared to support a multinational which so arranged its tax affairs that it paid little or no UK corporation tax on turnover estimated (last year) at some £3.3 billion. This year, Margaret Hodge, chair of the UK Parliamentary Public …
Permanent link to this article: https://baldric.net/2013/12/03/boycott-amazon/
Dec 03 2013
data is imaginary. this burrito is real
As usual, Randall Munroe over at xkcd has his own take on the NSA/GCHQ snooping reportage. My thanks as always.
Permanent link to this article: https://baldric.net/2013/12/03/data-is-imaginary-this-burrito-is-real/
Dec 02 2013
counterpoint the surrealism of the underlying metaphor
Last week, El Reg posted an amusing take on the apparent invasion of the NSA by Management Consultants. Nothing new there then. From personal experience I can confirm that UK Government has been completely overrun with the buggers for years.
Permanent link to this article: https://baldric.net/2013/12/02/counterpoint-the-surrealism-of-the-underlying-metaphor/
Nov 27 2013
necessary and proportionate
Yesterday I received an email from the Open Rights Group asking me to sign an on-line petition set up in collaboration with nearly 300 other organisations. The email said: In 2013, we learned digital surveillance by governments across the world knows no bounds. Their national intelligence and investigative agencies capture our phone calls, track our …
Permanent link to this article: https://baldric.net/2013/11/27/necessary-and-proportionate/
Nov 26 2013
more ninjastiks
In July I noted that a company calling itself Ninjastik had popped up selling what looked to be essentially the Tor Browser Bundle on an 8 Gig stick for $56.95 or a 16 Gig stick for $69.95. As I expected, we have now seen one or two more companies attempting to sell products which leverage …
Permanent link to this article: https://baldric.net/2013/11/26/more-ninjastiks/
Oct 25 2013
I’m sure that is not what they meant
Yesterday’s Guardian contained a quarter page advertisement from “hibu” (the company formerly known as Yell, and before that, Yellow Pages). The advertisement showed a picture of a bright red and green fish swimming against a tide of uniformly blue fish. The headline was “Get spotted on all kinds of digital devices”. The ad finished with …
Permanent link to this article: https://baldric.net/2013/10/25/im-sure-that-is-not-what-they-meant/
Oct 25 2013
Oliver Stone on PRISM
I am a big fan of Oliver Stone movies. Outside the pages of the Guardian and its sister paper the Observer, the level of comment in the UK on NSA/GCHQ surveillance capability remains bizarrely muted. In the US they are at least having a conversation. Whether that conversation results in any sensible decisions, and then …
Permanent link to this article: https://baldric.net/2013/10/25/oliver-stone-on-prism/
Oct 12 2013
wd caviar green load cycle count
Back in January of this year I upgraded my desktop’s hard drive to a 2 TB WD Caviar Green. Not the world’s fastest drive, but quiet, power efficient, and, so I thought, good value for money. I subsequently used two of the same disks in a new build RAID 1 server (which I must get …
Permanent link to this article: https://baldric.net/2013/10/12/wd-caviar-green-load-cycle-count/
Oct 09 2013
Snowden paranoia
A recent exchange on the tor-talk mailing list about conspiracy theories elicited this gem from “Ted Smith” (obviously a Bob Heinlein fan). “One of the more Gibsonesque theories I’ve heard is that Snowden is a CIA operative working to destabilize the NSA’s surveillance system on behalf of the CIA and other elite that feel too …
Permanent link to this article: https://baldric.net/2013/10/09/snowden-paranoia/
Oct 09 2013
running out of money
The failure of the US Government to agree a budget with Congress is having some interesting effects. NIST appears to be completely shut down: (Click images for full size). The NSA says “Due to the Government Shutdown, this site is not being updated.” (Though one assumes that they are still being funded….) Whilst the Whitehouse …
Permanent link to this article: https://baldric.net/2013/10/09/running-out-of-money/
Oct 05 2013
that’s completely ludicrous
Glenn Greenwald on Newsnight. The full episode of Newsnight’s report including Greenwald’s interview and comment from Sir David Omand (ex Director GCHQ) can be seen here on BBC’s iplayer. Gordon Corera, the BBC’s Security respondent reports here on the Newsnight episode. As an aside, I was amused by Ross Anderson’s claim that many academics had …
Permanent link to this article: https://baldric.net/2013/10/05/thats-completely-ludicrous/
Oct 05 2013
the guardian on tor
My last post noted that the Guardian had posted a series of articles on the Tor network and Snowden’s latest revelations about how the NSA has been attacking that network. All those posts are worth reading, but my favourite is the one by Bruce Schneier explaining how the NSA has attacked Tor users through browser …
Permanent link to this article: https://baldric.net/2013/10/05/the-guardian-on-tor/
Oct 05 2013
good news for tor
The past couple of days have seen a flurry of news stories about Tor. Some of the news has hit the mainstream media, some of it hasn’t. Yet. A couple of day ago, a rather plaintive post to the tor-talk mailing list read: “looking for a way to contact silk road.Site shut down.money at stake.” …
Permanent link to this article: https://baldric.net/2013/10/05/good-news-for-tor/
Oct 02 2013
another good reason to avoid the kindle
My thanks as always to xkcd (P.S. Take a look at xkcd 533 and read the comment in the “mouseover” title popup. Then try not to laugh.)
Permanent link to this article: https://baldric.net/2013/10/02/another-good-reason-to-avoid-the-kindle/
Sep 25 2013
get your own nsa email account
Some enterprising chap, possibly called “Chris Fisher” if the whois record is correct, has registered the domain name nsa.org. He now appears to be selling email accounts on that domain. The accounts are quite pricey too at $142.00 considering that he is only giving 2 Gig of store. Mind you, his FAQ is quite honest. …
Permanent link to this article: https://baldric.net/2013/09/25/get-your-own-nsa-email-account/
Sep 23 2013
just for rob
Shortly after the launch of the new iPhone 5S, my old friend Rob emailed me trying to goad me into writing a post about it. After all, it was made by one of my least favourite companies and it contained a supposedly funky bit of kit in the shape of its fingerprint scanner. Rob pointed …
Permanent link to this article: https://baldric.net/2013/09/23/just-for-rob/
Sep 20 2013
that’s another password I have to change
Michael Horowitz has posted an interesting article over at Computer world. In it he points out that, by default, most android devices (tablets and ‘phones) routinely ‘phone home to Google to back up Wi-Fi passwords along with other assorted settings. Google sells this option as a convenience to help you regain settings after you upgrade …
Permanent link to this article: https://baldric.net/2013/09/20/thats-another-password-i-have-to-change/
Sep 20 2013
RSA says don’t use RSA
A report in wired today says that RSA Security [*] have released an advisory to developer customers noting that the Dual Elliptic Curve Deterministic Random Bit Generation (or Dual EC DRBG) algorithm (the one which is subject to speculation about NSA interference) is the default in one of its toolkits and strongly advised them to …
Permanent link to this article: https://baldric.net/2013/09/20/rsa-says-dont-use-rsa/
Sep 17 2013
Naughton’s ten tips
Back in July I commented on one of John Naughton’s “networker” columns in the Observer. Last Sunday, Naughton wrote another nice article titled “10 ways to keep your personal data safe from online snoopers”. Naughton begins the article by recalling that Tim Berners-Lee called the technology he devised a “web” of interrelated documents. He notes …
Permanent link to this article: https://baldric.net/2013/09/17/naughtons-ten-tips/
Sep 12 2013
add ssl to lighttpd server
For some time now I have protected all my own connections to trivia with an SSL connection. I do this to protect my user credentials when managing trivia’s content or configuration. In fact my server is configured to force any connection coming from my IP address to a secured SSL connection so that I cannot …
Permanent link to this article: https://baldric.net/2013/09/12/add-ssl-to-lighttpd-server/
Sep 11 2013
neil doesn’t get it
A couple of days ago I received an email from an old friend (let’s call him “Geoff”) which said: Following last Friday night discussion I have created a facebook page as a shared repository of our photos etc. I have kickstarted with most of mine. You can either make yourself a friend of this page …
Permanent link to this article: https://baldric.net/2013/09/11/neil-doesnt-get-it/
Sep 10 2013
tor node upgrade
I have switched my tor node to the experimental branch and it is now running version 0.2.4.17-rc. The huge load on the network seen since the botnet starting using it on about 19 August last has forced the tor project team to recommend that all relay operators move to the 0.2.4 branch (and this release …
Permanent link to this article: https://baldric.net/2013/09/10/tor-node-upgrade/
Aug 31 2013
totally not israel
Collin Anderson on tor-talk posted a nice graphic showing tor usage in the top 50 states since the appearance of the huge rise in the number of tor clients on the network. With the exception of Syria, the slopes of all those graphs looks much the same. But as a few people have noticed, the …
Permanent link to this article: https://baldric.net/2013/08/31/totally-not-israel/