I recently got the opportunity to understand what was going on with a Tianchi android KTV console with north korean content loaded on it. A description of the encryption and evolution of DRM protections associated with the device is published on the North Korea Tech blog.
Tag: programming
Messaging Threat models
I talked yesterday at Bornhack about the current state of secure messaging and the different primitives and threats that groups are working to address. The talk is on youtube. The slides are on this site, as are the directions for dogfooding the talek system.
Accessing gnome-keyring on a mac
One of the more common password managers in linux environments is the gnome-keyring, which is split into a service (gnome-keyring-daemon), and a user interface (most commonly, seahorse). After a bit of fiddling in the last couple weeks, this system can be compiled to run on a mac, with only a little bit of pain. On… Continue reading Accessing gnome-keyring on a mac
First-party Google Analytics
Third party analytics services are suffering from the growing prevalence of ad blocking, tracking protection, and the trend of minimizing connections and requests. However, from a site owner perspective, receiving usage information remains important for measuring site growth. My expectation is that we are already on the curve where ads and tracking software will be… Continue reading First-party Google Analytics
Clock
A topic of conversation recently has focused on the practicality of Decimal time. Days would have 10 hours, each with 100 minutes. I recently completed a side project of converting an old clock to use decimal time. (If you aren’t willing to switch to decimal time fully, there’s an web version as well.)
Stunning
I’ve started to dive once again into the mess of connection establishment. Network address translation (NAT) is a reality today for most Internet users, and poses a significant hurdle in creating the user-user (or peer-peer) connections. NAT is the process used by your router to provide multiple internal (192.168.x.x) addresses that are all only visible… Continue reading Stunning
Another year, another dive into what’s changed in running a web server. This VM is now basically up-to-date, and supports most of the shiny new web transport improvements, like HTTP/2 and OCSP stapling. Hopefully nothing broke too badly in the process.
I’m scheduled to give a talk at toorcamp next month about packet spoofing and SP^3.
SP3
I started running a public sp3 server today. It’s a small side-project I’ve hacked together over the last couple weeks to make it easier for people to play with packet spoofing. The server works similarly to a public proxy, but with the trade-off that while it won’t send high-volumes of traffic, it will allow you… Continue reading SP3
What’s Up with Open HTTP Proxies
I’ll be giving a talk next week at CCCamp on the Open Proxy ecosystem, following up on some work I did last year looking at the operators, users, and traffic.