Welcome 
to Orb Designs

Home

Graffiti

About

Sitemap

Visual

DevWork


Email Brian Bilbrey

Email Brian

GPG Key

GRAFFITI -- December 29, 2008 thru January 04, 2009

>> Link to the Current Week <<

Last Week << Mon   Tues   Wed   Thu   Fri   Sat   Sun >> Next Week


Search this site :

Welcome to Orb Graffiti, a place for me to write daily about life and computers. Contrary to popular belief, the two are not interchangeable.     About eMail - I publish email sometimes. If you send me an email and you want privacy or anonymity, please say so clearly at the beginning of your message.

Ron Paul in 2008

Creative Commons License

Read LinuxGazette, get a clue.

MONDAY    Tues    Wed    Thu    Fri    Sat    Sun   
December 29, 2008

2035 - So the world rallies around the Palestinians, according to CNN, eh? Morons break a cease-fire by firing rockets into Israeli towns, killing regular folks ... then cry and hold their children up in front of the news cameras when the IDF jets come in to bomb the fuck out of them. Look, if you live next door to someone with big freaking guns, tanks, planes, etc., and your publicly stated mission in life is to eradicate that neighbor, you get consequences when you start throwing poo (or grenades, or rockets) over the fence. The average joe-in-the-mud-hut Palestinian says that he didn't fire the rockets, it was those Hamas guys. Ah, but the Palestinian guy VOTED to put Hamas in power, and the Palastinian guy sold the Hamas guys camel nuggets to eat while they built rockets and launchers in the mud hut next door. If you don't want the big, bad IDF to knock down your mud hut, then stop supporting the Hamas folks who piss the Israelis off. SRSLY.

Put it in this context: We voted Obama (I say we in the National sense) into office because we didn't want the Republican point of view representing us to the world, invading Iraq, then Iran, or maybe Saudi Arabia, etc. Right? So we vote out the guys that we think didn't represent us so well, both in Washington and to the world, right? Some percentage of Americans think that Bush made terrible mistakes, and his party lost as a result, right? The Palastinians may have the same opportunity someday, to right the "mistake" they made voting Hamas in as their official governing idiots. Of course, they may not, if they don't exist anymore because Hamas got them bombed out.

Look, the Jews have almost always had shit sandwiches handed to them. So I personally can't blame them in the least for doing whatever they have to, to protect what's theirs. Hamas can get away with saying they want to wipe Israel off the face of the earth ... because they're scum, and everyone knows they're scum. We want to hold the Israelis to higher standards, for some reason, so it becomes their fault? I don't think so. But our pacifist mainstream media will always be found on the side of the poor Palastinians. So make sure you remember there's another side to the story, whether or not you agree with it.

Top  /  Email Brian


Mon    TUESDAY    Wed    Thu    Fri    Sat    Sun   
December 30, 2008

2030 - Extraordinary Chocolate. Marcia picked me up some when she went to Baltimore's Inner Harbor with Rich and Lorrie yesterday. Yum! Today, they got on a plane homeward bound, and Marcia delved back into the end-of-year madness that is software contracts. We just got back from eating out at Ledo Pizza with Linda, who's back from Floridia. The holidays are winding down, the year is about wound down, and I'm tired. One can hope for respite, but sometimes ... there isn't. It's bound to be an interesting year next year. Hope it turns out well for all of you kind readers out there, and for us as well. Ciao!

Top  /  Email Brian


Mon    Tues    WEDNESDAY    Thu    Fri    Sat    Sun   
December 31, 2008

1904 - New Year's Eve. We're home. Marcia's still working, some five hours after they were going to cut her loose for the day. Oh, well, that's life in Software Contracts at the end of the year. But we're not going out, probably.

In years gone by, I've spent much of week 52 reviewing the year gone by. This year's been ... pretty loony, and I don't want to rehash most of it. Our tenth wedding anniversary came and went, and that was a wonderful thing. We crossed the five-year boundary in this house, too, and that's cool. I have a good life here, wonderful friends and family, I could not ask for more. I hope for better times in the year to come (but expect worse, so that I can be pleasantly surprised, just in case). Be well, and Happy New Year to all of you!

Top  /  Email Brian


Mon    Tues    Wed    THURSDAY    Fri    Sat    Sun   
January 1, 2009

No Post....

Top  /  Email Brian


Mon    Tues    Wed    Thu    FRIDAY    Sat    Sun   
January 2, 2009

1925 - Yesterday was extremely lazy. Almost extraordinary in its vast and broad laziness, methinks. Today, back at the coal mines, I did an upgrade of a RHEL 4.mumble Xen guest install to RHEL 5.mumble, then updated it to current. That's trickier than it sounds, since "normal" paravirtualized RHEL guests don't have access to a CDROM device to boot from. Nor was I, in spite of extensive searching, able to get it to use a CDROM image to boot from, although I found three separate (and quite different) methods showing how "easy" that was. Finally, I blew away the previous config, and created a new virtual machine, installing from an HTTP local source, and using the old target file as the disk for the new Xen guest. I was prompted to upgrade, and from there all it took was time. So I defined a great deal of negative space today, one might say. Now it's time for a couple of Omaha steaks (thanks, Linda!). Ciao!

Top  /  Email Brian


Mon    Tues    Wed    Thu    Fri    SATURDAY    Sun   
January 3, 2009

No Post......

Top  /  Email Brian


Mon    Tues    Wed    Thu    Fri    Sat    SUNDAY  
January 4, 2009

1429 - On the gripping hand, yesterday wasn't lazy at all. I spent some time fixing up the infrastructure for the shift to 2009. Unlike Bob, I don't try and shoehorn the calendar into my site. I just let the first full week of each year be the "first" week of the year, as far as this place is concerned. I continue to toy with the idea of going back to WordPress and a more bloggish type of setup, but there's something about actually munging the HTML that makes me happy (and less vulnerable, since this site isn't dynamic or database-backed. There can be advantages to that, but downsides, too.

Now, building a secure USB thumb drive... I started with a 256 MB generic (meaning booth candy) USB 2.0 drive. First thing I do is unmount it (if the thing is automounted by the OS), then zero out the whole drive, not just the VFAT partition that comes standard on such things. Note that all of the actions here are done as the root user. You can use sudo, too, of course.

$ mount     # to list mounted items, and see what to unmount

$ umount /dev/sdb1

$ dd if=/dev/zero of=/dev/sdb bs=1m  # this zeros the drive, 1MB chunk size.

With the drive zero'd, it's time to build the cryptostore. There's no point in using sync to force the zeroes to write to the media, sync only works with mounted file systems. So wait for the flashing light to stop (about 2 minutes with a USB 2.0 256MB device), before continuing. On my Ubuntu (Debian-based) system, I need to ensure I have the dmsetup and cryptsetup packages installed (I do, because I use this stuff), and these kernel modules are installed: aes-x86_64 and dm-crypt. I have both of those listed in my /etc/modules file, so that they're loaded at boot time; they pull other necessary modules in automagically via dependency management. Now, to create a cryptographic space on the USB drive, I type this:

$ cryptsetup -y create safedisk /dev/sdb
# that sets the cipher to a default high-strength AES key, and the -y gets a double prompt to
# confirm the passphrase, always useful when creating cryptomedia. there are many ciphers,
# choose one likely to be around for a while. Bear in mind that you will probably have to remember
# all of these commands to use them, so the less command-line complexity, the better.

$ mke2fs /dev/mapper/safedisk
# this creates the filesystem on the new cryptomedia. I use ext2 because ... I don't need
# journalling or performance out of this - I want long-term stability. ext2 is likely to be
# around for a few more years.

$ mount -t auto /dev/mapper/safedisk /mnt

That's it: read and write files to the USB drive. Once unmounted and removed from the system (see commands below), the media looks like it has line-noise on it. Or maybe it's just a brand-new key that you haven't formatted yet. Who knows? It's probably safe to write a bunch of random files onto the disk to the full point, then erase them, just to ensure that there's a bit of data to look random with. Anyway, once you're done, use these commands to take the thumbdrive offline prior to removing it from the system:

$ sync && umount /mnt    # sync the filesystem, then unmount it

$ cryptsetup remove safedisk  # done, you can remove the media now

So that's it. After the initial creation, you can drop the -y out of the initial cryptsetup line, and this becomes your sequence of commands:

$ cryptsetup create safedisk /dev/sdb

$ mount -t auto /dev/mapper/safedisk /mnt

###  do your work, here  ###

$ sync && umount /mnt

$ cryptsetup remove safedisk

Not hard to remember, eh? But also, the passphrase you used to create the cryptomedia: you cannot forget it, or you are done. There are extensions to cryptsetup that provide for multiple keystores, read the manpage for more about LUKS Extension. Also, if you "create" the media with a different key, then write to it, you've blown away your old data. But then, there won't be a mountable file system if you "create" with the wrong key. That should be a big DUH saying to back off and try again. Use cryptsetup remove to back away, then try again.

Bottom line - those commands, your passphrase, a Knoppix disk, and any computer, buys you secure storage you can access and no one else can (unless they get the passphrase out of you).


December closed out with eight combat-related casualties for the whole month. To my mind, that's strong progress, and a harbinger of troops coming home as the hand-off to Iraqi units continues. Afghanistan looks to be a continuing problem, though. As this year ends, and the next begins, I continue to express my admiration and pride in our armed forces and the hard duty they have. I stand in awe. Our condolences to the families and units of the fallen announced this week.

Top  /  Email Brian


Last Week << Mon   Tues   Wed   Thu   Fri   Sat   Sun >> Next Week


Visit the rest of the DAYNOTES GANG, a collection of bright minds and sharp wits. Really, I don't know why they tolerate me <grin>. My personal inspiration for these pages is Dr. Jerry Pournelle. I am also indebted to Bob Thompson and Tom Syroid for their patience, guidance and feedback. Of course, I am sustained by and beholden to my lovely wife, Marcia. You can find her online too, at http://www.dutchgirl.net/. Thanks for dropping by.

All Content Copyright © 1999-2011 Brian P. Bilbrey.

Creative Commons License
Except where otherwise noted, this site is licensed under the
Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.