09
Apr

Resurrect Dead

I just finished watching “Resurrect Dead.” It is a documentary about the mysterious Toynbee tiles placed throughout the world. The team of misfits goes about looking for the anonymous tiler and the meaning behind the message. It was a very interesting film. The movie is well paced, keeping you on edge with each clue being revealed. I highly recommend this film for anyone who likes a documentary or a good mystery. I heard about this movie from The Spill.

I give the movie a 1 out of 1.

03
Apr

prototyping security token.

ft231x chip and atmega328p

Working on my security token project. In the picture is the new ftdi 231xs-r chip. It is a very inexpensive uart-usb chip. After upgrading my kernel to the newest stable linux branch, 3.2.14, I got it working on my machine. There it is running the arduino blink code.

29
Nov

E-Mail Bliss

When I crossed the 5 gig email limit I found that evolution started running too slowly for me. I tried all the other options: Thunderbird, KMail, and others I cannot even remember. The way I ended up solving my problem was combining offlineimap, mutt, mairix, msmtp, lbdb, gnupg and of course emacs. Here are the main 3 configs.

#.offlineimaprc:

[general]
accounts = Main, Lists
ui = Noninteractive.Quiet

[Account Lists]
localrepository = ListsLocal
remoterepository = ListsRemote

[Repository ListsLocal]
type = Maildir
localfolders = ~/Mail/Lists

[Repository ListsRemote]
type = IMAP
ssl = yes
remotepass = a password
remotehost = mail.rldn.net
remoteuser = mog-lists@rldn.net

[Account Main]
localrepository = MainLocal
remoterepository = MainRemote

[Repository MainLocal]
type = Maildir
localfolders = ~/Mail/Main

[Repository MainRemote]
type = IMAP
ssl = yes
remotepass = password
remotehost = mail.rldn.net
remoteuser = mog@rldn.net

[mbnames]
enabled = yes
filename = ~/Mail/muttrc.mailboxes
header = "mailboxes "
peritem = "+%(accountname)s/%(foldername)s"
sep = " "
footer = "\n"

#.muttrc:

mailboxes "+Cron"
source ~/Mail/muttrc2.mailboxes
source ~/Mail/gpg.rc
message-hook '!(~g|~G) ~b"^-----BEGIN\ PGP\ (SIGNED\ )?MESSAGE"' "exec check-traditional-pgp"
set pgp_autosign=yes
set pgp_timeout=1
set pgp_verify_sig=yes
set query_command="lbdbq '%s'"
#end gpg stuff

folder-hook Lists set record="=Lists/Sent"
folder-hook Lists set realname="mog"
folder-hook Lists set from="mog-lists@rldn.net"
folder-hook Lists set use_from=yes
folder-hook Lists set postponed="=Lists/Drafts"
folder-hook Lists set pgp_sign_as=0x6DEAE4B2
folder-hook Lists set signature = ~/Mail/rldn-sig|
folder-hook Lists set sendmail="~/Mail/send/sendmail-lists"
folder-hook Lists my_hdr Reply-To: "mog" <mog-lists@rldn.net>

folder-hook Main set from="mog@rldn.net"
folder-hook Main set realname="mog"
folder-hook Main set use_from=yes
folder-hook Main set record="=Main/Sent"
folder-hook Main set postponed="=Main/Drafts"
folder-hook Main set pgp_sign_as=0x6DEAE4B2
folder-hook Main set signature = ~/Mail/rldn-sig|
folder-hook Main set sendmail="~/Mail/send/sendmail-rldn"
folder-hook Main my_hdr Reply-To: "mog" <mog@rldn.net>

set mbox_type=Maildir
set folder=$HOME/Mail
set spoolfile=+Main/INBOX
set reply_to=ask-no
set move=no
set delete=yes
set folder_format="%2C %t %N %d %f"
set editor="emacsclient -t"
set weed=yes
set header_cache=/home/mog/Mail/mail_headers
set message_cachedir="/home/mog/Mail/msgcache"
set pager_index_lines=6                 #show a mini-index in pager
set sendmail="/home/mog/bin/sendmail"
##
#color header yellow black Subject:
#color header brightcyan default .
#color header brightred default "^X-Spam"
#color header magenta default "^List"
#color body brightyellow default [_a-z\.\$A-Z0-9-]+@[a-zA-Z0-9\./\-]+
#color body yellow default (http|ftp)://[_a-zA-Z0-9\./~\-]+
#color quoted green default
#color signature brightblue default
#color indicator yellow default
#color attachment yellow default
#color tree red default
#color indicator red default
#color status yellow default
#color tilde blue default
#color normal default default
#
color body green black "^gpg: Good signature from"
color body brightred black "^gpg: Bad signature from"
color body brightred black "^gpg: BAD signature from"
color body brightred black "^gpg: Note: This key has expired!"
color body brightyellow black "^gpg: WARNING: This key is not certified with a trusted signature!"
color body brightyellow black "^gpg: There is no indication that the signature belongs to the owner."
color body brightyellow black "^gpg: can't handle these multiple signatures"
color body brightyellow black "^gpg: signature verification suppressed"
color body brightyellow black "^gpg: invalid node with packet of type"

macro index \eb 'c=search'<enter><shell-escape>'mairix ' 'Enter Mairix search term'
#macro index r <list-reply>
#macro pager r <list-reply>

source 'gpg --list-keys | perl -e "while(<>){/(\\b|[<(])([^ \\t]+@[^ \\t]+\.[^ \t]+)(\\b|[>)])/ and \$a{\$2}=1;}print map qq/send-hook \"~C \$_\" set pgp_autoencrypt=yes;set pgp_autosign=yes\n/, keys %a;"|'

#set ascii_chars

#.msmtprc:

account lists
host smtp.rldn.net
from mog-lists@rldn.net
auth on
tls on
tls_trust_file /etc/ssl/certs/ca-certificates.crt
user mog-lists@rldn.net
password password
port 587
account rldn
host smtp.rldn.net
from mog@rldn.net
auth on
tls on
tls_trust_file /etc/ssl/certs/ca-certificates.crt
user mog@rldn.net
password password
port 587

account default : rldn

14
Sep

apple ii assembly

Today after work I played around getting my own assembly code running on my apple iic+. It took some doing but I finally got it going. Project source is available HERE

26
Aug

Happy 20th birthday Linux kernel

20 years ago today Linus Torvalds posted a message to a newsgroup saying he was cloning minix and that he had begun porting parts of the gnu operating system. As a user of the gnu/linux operating system I cannot overstate my thanks; I can’t even begin to imagine using gnu/solaris or gnu/darwin. Here is to 20 more years of the linux kernel.

24
Aug

Hello World on an Apple IIc

16 bits sky high!

Apple IIc hello world!

4 REM Copyright 2011 Matthew O’Gorman
5 REM Licensed GPLv3
10 I=1
20 PRINT "I AM AN APPLE AND I CAN COUNT " I
30 LET I=I+1
40 GOTO 20
END
RUN

24
Aug

GNU/Screen screensaver

Screen supports a function called lockscreen. It allows you to lock your screen session by typing C-a x. It also supports an idle timeout, so you can have the screen blank after X seconds. Combining the two features was slightly more complex.

#.screenrc

idle 20 lockscreen

#lockscreen_script

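#!/bin/bash
# Run the screensaver, then lock only if it ran for more than 60 seconds.
Start=`date +%s`
cmatrix -s    # -s: screensaver mode, exits on the first keystroke
End=`date +%s`
let Total=End-Start
# -gt compares numerically; > inside [[ ]] compares strings
if [[ ${Total} -gt 60 ]]; then
        vlock -c
fi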

$ LOCKPRG=/path/to/lockscreen_script screen

Unfortunately you can’t set LOCKPRG in the config file; you have to alias your screen command to set the env variable or put it in your bashrc. The end result is you get a pretty screensaver after 20 seconds of idle time and then the shell will be locked after 40 seconds.

08
Feb

alice is sending her message to bob

Lately I have been working on a second factor for authentication schemes: Pig, which stands for pig is genuine. It works as follows.
Alice has a shared 256 byte secret. She has a hardware or software token that takes this secret and uses it as the initialization vector for hmac-sha256. The implementation then plugs in the time rounded to 60 second intervals to produce a 32 byte hash. This is far too much for Alice to type in a reasonable period of time or to be practical. So we take this 32 byte hash and rehash with an npv-1 hash to take it to 3 bytes. We represent these 3 bytes in hex to Alice. “86753F” for example would be generated.
Alice then inputs this hash into a pig aware application: pam, gina, securityauthorization plugin, openvpn, etc. The pig plugin will take Alice’s username and associate it with her pig uuid. The plugin then transmits Alice’s uuid and 3 byte hash to Bob.
Bob is a central pig authorization server. It takes the uuid to look up Alice’s shared secret. If Alice has not authenticated in the current window, Bob takes Alice’s hash and sees if it matches within the time window. Bob responds with authenticated or failure. This message is signed via dsa with the uuid and hash. The plugin server has the public key to verify that the central pig server has actually verified or failed the login attempt; this is done to avoid any man in the middle attacks.

I am curious if anyone sees a problem in this approach. It seems that there is no verification between the token and the pig plugin, but if the plugin isn’t trusted the machine being used probably shouldn’t be either.
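
The token calculation and Bob's per-window check described in this post, as an added Python example that is not the author's pig implementation. Assumptions: the secret is used as the HMAC key, the window number is packed as an 8-byte big-endian integer, "npv-1" is read as 32-bit FNV-1 XOR-folded to 24 bits, and the names `pig_code`, `Bob` and `alice-uuid` are hypothetical.

```python
import hashlib
import hmac
import struct

WINDOW = 60  # seconds per code, as in the post


def fnv1_32(data: bytes) -> int:
    """32-bit FNV-1 (assumed reading of the post's 'npv-1')."""
    h = 0x811C9DC5
    for byte in data:
        h = (h * 0x01000193) & 0xFFFFFFFF
        h ^= byte
    return h


def pig_code(secret: bytes, now: float) -> str:
    """Token side: 6 hex digits for the 60-second window containing `now`."""
    window = int(now) // WINDOW
    # Assumption: secret is the HMAC key, window is an 8-byte big-endian integer.
    mac = hmac.new(secret, struct.pack(">Q", window), hashlib.sha256).digest()
    h = fnv1_32(mac)
    return f"{(h >> 24) ^ (h & 0xFFFFFF):06X}"  # XOR-fold 32 bits down to 24


class Bob:
    """Server side: looks up the secret by uuid and checks the current window."""

    def __init__(self, secrets_by_uuid):
        self.secrets = secrets_by_uuid
        self.last_ok = {}  # uuid -> window of the last accepted login

    def verify(self, uuid: str, code: str, now: float) -> bool:
        secret = self.secrets.get(uuid)
        window = int(now) // WINDOW
        if secret is None or self.last_ok.get(uuid) == window:
            return False  # unknown user, or a code was already accepted this window
        expected = pig_code(secret, now)
        if not hmac.compare_digest(expected.encode(), code.upper().encode()):
            return False
        self.last_ok[uuid] = window
        return True


if __name__ == "__main__":
    secret = bytes(range(256))            # constructed 256-byte secret
    bob = Bob({"alice-uuid": secret})     # constructed uuid
    code = pig_code(secret, 1_700_000_000)
    print(code, bob.verify("alice-uuid", code, 1_700_000_010))  # same window
    print(bob.verify("alice-uuid", code, 1_700_000_015))        # replay, refused
```

A 3-byte code has only 2^24 possible values, so Bob also needs to limit failed attempts per uuid.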

31
Jan

macos pam integration.

After much hair pulling, dusty and I are getting very close to integrating pam into the macos securityd framework, Pamela. It’s indescribable how frustrating it is; in one late night session we described it as “building a ladder on top of another ladder in the dark.” We have macos authenticating against pam but can’t remove the builtin:authenticate function, which is pretty necessary. Not much documentation is available; it looks like it is possible, as the builtin:krbauthenticate seems to side step it. Probably a few more hours of testing and we will have it solved.

24
Jan

new year new theme

I have changed the theme and cleaned up the code highlighting and will be posting more throughout this year.





I am in Alabama, USA probably...