Schierer Space

You thought you were safe after that last post, didn’t you? Well it turns out that I didn’t quite have the details correct. You can read for yourself in the governing IETF document RFC 4880: The OpenPGP Message Format. ^[1]
It seems that the whole public-private key thing is only PART of the magic which makes encrypted email possible. The details came out when I looked into how messages intended for multiple recipients are encrypted. It turns out it’s pretty simple, and fairly elegant (as you might expect from the kind of gurus that hang out in the IETF) and can be simplified as being what I described before pretty accurately.
So here’s how it really works: (more…)

1. It’s ok, I read it so you don’t have to! [↩]

Thanks to Bill for finally pushing me over the edge to secure email communications, I have transitioned to the use of Enigmail/GnuPG for signing and encrypting email. Of course, I must now struggle with the inevitable incompatibilities of the email viewers of the rest of the world. This includes my workplace, my friends’ workplaces, my family (both tech savvy and not so savvy), etc.
For those of you who understand the OpenPGP technology (and encryption in general), this rest of this post will be review, but for those who don’t, it will be needed to provide backround for future posts. Thanks to Phil for familiarizing me with the “PAIN” acronym for security:

• Privacy: Only the intended recipient can view the information.
• Authentication: The information came from the person you think it did.
• Integrity: The information has not been tampered with.
• Non-Repudiation: The sender cannot deny the message was from them.

OpenPGP uses a public-private key encryption system. You can read a lot about this on the web, but I’ll trouble you with a summary. I generate a key-pair which is associated with ME. There is a private key which I keep and never share with anyone, and a public key which I can give to whomever I wish. The encryption system is rather mathematically interesting because it allows anyone with the PUBLIC key to encrypt a message that only the PRIVATE key can unlock. What’s especially funky about this is it allows the unwary sender to encrypt a message that they themselves CANNOT read. ^[1] So if you want to send me an encrypted message you have to have my public key. Click on the link to download it (then contact me to validate the fingerprint if you wish). This is the Privacy part.
Authentication, Integrity and Non-repudiation is achieved by a process called signing a message. The sender generates a ’signature’ which is based on the sender’s PRIVATE key (yes, they need a key-pair too) and the content of the message (or attachments). The receiver, can validate the signature by combining the sender’s PUBLIC key and the content of the message. Having received a message with a signature from the sender, the receiver knows that the message WAS in fact sent by the sender and has not been altered in between. Think of the signature as an encrypted check-sum. Of course, if the private key is compromised, then all bets are off. So the private key is generally password protected. If you want more information, the Wikipedia article on public-key cryptography is quite good.

Whew! You made it through the technical stuff and you’re still reading! I’ve decided to be kind and cut off this post and save some material for a later day. Look for future posts about the impacts and how-to of encrypted email (unless Bill beats me to it).

1. There’s a setting in Enigmail to prevent this by adding yourself to the recipient list, so the message is also encrypted with your own public key. [↩]

“There are two kinds of computer users in the world, those that have regular backups and those who are about to.” - I’m pretty sure I didn’t make this up, but I can’t figure out where I saw it.

Thanks to John for reminding me that I had put this chunk of how-to advice together a year or so ago. This is excellent blog fodder in the vein of “giving something back to the community”.

I do regular automatic backups, and I keep a copy of my backup off site. This is my backup method. It is the result of personal experience, long philosophical discussions with tech-savvy friends (Hi Eric!) and some just plain laziness^[1].

This is long, but reads quickly, so here we go… (more…)

1. I like to say that necessity is not the mother of invention, laziness is. I’m sure I heard that somewhere too but Google was unable to find a suitable attribution for me. [↩]

So I finally got up the nerve to let WXP install SP3 (Windows XP install Service Pack 3). SP3 is another attempt by M$ to keep XP users happy enough that they will eventually buy Vista instead of abandoning the monopoly.

I saved a System Restore point and went for it. After the 60 something megabytes of install file (pretty small in the grand scheme of things) downloaded, I started it and hoped for the best. It chugged and chugged and eventually declared itself done. I allowed the inevitable restart… answered the ‘Automatic Update’ question on reboot… and logged in.

I’ll admit at first that I was a bit disappointed that my computer had not been magically elevated to some greater silicon plane, but then I pondered the complete lack of any tangible obvious effect of the update and smiled.

SP3 had no obvious effect on my computer. Isn’t that the way it’s supposed to be?

So congrats Microsoft, at least one customer had everything go smoothly.

So the highly publicized M$ Silverlight based viewer for the online Olympics footage is inconvenient at best and painful at worst. I’ve crashed it twice already. The much publicized ‘view 4 events at once’ is useless because rather than splitting the display 4 ways, you are in a sort of ‘video control room’ where the images are less than tiny.

I’m trying to watch the women’s fencing from last night and your choices are basically watch it or not. There is a slider that might theoretically allow you to move around in the broadcast. Just like in Media Player, the slider is about 3 inches long, this wouldn’t be a big problem if the broadcast weren’t 3+ hours long. So the smallest adjustment in the slider is about 7-10 minutes. How hard would it be to have a finer adjustment?

Oh, and as expected, you’re forced to watch a commercial before the viewer actually goes active to watch the event itself.

I suppose I shouldn’t complain TOO much, after all, I wouldn’t be able to see any events other than gymnastics, swimming and basketball if it weren’t for the online feed.

Amusing note: The theme from The Rock was playing in the background before the first bout.

As usual Spaceflight Now has the scoop on the 3rd Falcon mishap. The summary is that the first stage impacted the second stage after separation. The theory as I understand it is that the Merlin1C on the 1st stage was still burning, propelling the 1st stage into the second stage after separation.

The Falcon 1 launched a few minutes ago, but had “an anomaly” according to the webcast announcer just over two minutes into the flight. This would have been just before 1st stage burnout. A slight oscillation (0.5-1 Hz) was observable in the web feed just before the video was cut off.

There will probably be an announcement tomorrow.

Update 12:40AM: Spaceflight Now has been updating their site with addition ‘details’. Nothing informative yet. The link is to their page for the 3rd Falcon mission, so it will probably get updates as they come in.

As reported by Bad Astronomer (and many others), SpaceX is making their third launch of the Falcon 1 system today. In about an hour, actually, if no further delays occur.

A live webcast is available. Watch now!

I’ll link to the post-launch videos when they become available… but that would of course have to be… right… post-launch.

With the grandparents watching Nate, K & I went down to the beach. After walking along the beach, we stopped in Old Orchard for a bite to eat. Parked at the side of the plaza was the “Conference Bike“*. Neither of us had seen such a thing and it is both a thing of creative beauty and a pretty cool mechanical gadget.

The quadricycle (double wheels at the rear) is powered by all seven riders while one steers and operates the brake and bell. Each rider has a seat and pedals (and can grab on the the circular bar in the middle) which connect by chain to a common drive shaft. The drive shaft is connected using universal joints to form a single drive which operates a heavier chain to the rear wheels.

The front wheels are turned via a steering wheel and what looks to be a rack and pinion type steering setup. The bike was available for rental at $70/hour.

There are other pics from our trip so far up on the gallery.

Yes, there really is a silver bullet. Well, at least a rather shiny metallic bullet of some kind.

I have recorded the number of gallons and trip mileage for EVERY tank of gas I ever put in my car (361 tanks as of today). This is a habit that I picked up from my Mom, which generally serves little or no purpose other than monitoring sudden changes in engine efficiency. It is not my Mom’s fault (at least directly) that I bothered to enter this data into a spreadsheet and analyze it. Anyways, it is because of this record that I am able to somewhat conclusively report that there is an easy way to improve your gas mileage.

How?
(more…)