-
Security concerns regarding OpenSSH mac sha1 in Debian
What is HMAC? HMAC stands for Hash-Based Message Authentication Code. It’s a specific way to use a cryptographic hash function (like SHA-1, SHA-256, etc.) along with a secret key to produce a unique “fingerprint” of some data. This fingerprint allows someone else with the same key to verify that the data hasn’t been tampered with.…
-
Signed NVIDIA drivers on Google Cloud Dataproc 2.2
Hello folks, I’ve been working this year on better integrating NVIDIA hardware with the Google Cloud Dataproc product (Hadoop on Google Cloud) running the default cluster node image. We have an open bug[1] in the initialization-actions repo regarding creation failures upon enabling secure boot. This is because with secure boot, kernel driver code has its…
-
Some work on a VyOS image with Let’s Encrypt certs
I put some packages together this weekend. It’s been a while since I’ve debuilt anything officially. libffi-platypus-perl libalien-base-perl libalien-ffi-perl libffi-checklib-perl libshell-config-generate-perl libshell-guess-perl The plan is to build a binding to the libgnutls.so.30 API. The certtool CSR (REQ) generation interface does not allow me to create a CRL with “not critical” attributes set on purposes. Maybe…
-
LLC-Technologies-Collier/Demo-SCCC-Byte-AngularJS
Hello dear readers and attendees, This is the post that I will be/ will have been referencing during my presentation to the Seattle Central Community College’s Byte club on Thursday, December 10th at 1500-1630. I will begin with a bit of an autobio and find out what kind of students we have in attendance. Please…
-
Some statistics from the router at the cabin
sip0 is a GRE tunnel between the router and the colo box in Seattle, the payload of which is encapsulated as ipsec traffic before being transmitted over the Ubiquity equipment to the switch that the CenturyLink DSL modem attaches to. I don’t get centurylink easter eggs in my search results when I use this interface.…
-
False Positive
Since a bit before my birthday this year, I have been uncertain where I left my notary seal. I have been trying to stay positive about the situation, but I must admit that I spent an unhealthy amount of time obsessing about its location and whether it has been used in my absence. The last…
-
Trip Report: UW signing-party
Dear Debian Users, I met last night with a friend from many years ago and a number of students of cryptography. I was disappointed to see the prevalence of black hat, anti-government hackers at the event. I was hoping that civilized humanity had come to agree that using cryptography for deception, harm to others and…
-
Bitcoin WoT using PGP/SKS
There was recently a post to the sks list prompting discussion regarding the use of PGP and SKS as a distributed web of trust for an alternative currency system called “Bitcoin.” This reminds me of a project I worked on in the early ’00s with the late Jeff Fairhall and Thomas Greco. Anyhow, I mumbled…
-
Filing to become a licensed CA
—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA1 All Operative Personnel employed by Collier Technologies LLC, known here as the Certification Authority or CA, must also be licensed as notaries public by the local government where they reside during any act performed on behalf of the CA. In addition to passing the Washington State Operative Personnel Exam,…
-
PCRE support has hit quagga
—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA1 http://bugzilla.quagga.net/show_bug.cgi?id=483 Paul Jakma changed: What |Removed |Added – —————————————————————————- Status|UNCONFIRMED |RESOLVED CC| |paul dishone st Resolution| |FIXED – — Comment #2 from Paul Jakma 2009-06-19 15:09:42 — I’ve pulled in the patch from Jeremy Jackson which, I understand, was based on this. This adds, at least for now, a…