I wouldn't say I wear a tin foil hat, but I care about privacy especially my own. Steve Gibson had a listener sum it up pretty well on his podcast, "One might say I have nothing to hide from people I trust." So with that said lets dive into setting up email encryption on the iPhone, iPad, and Apple Mail client.
First step is to generate a certificate. I went to Comodo and found it to be very strait forward to set up and free.
Here is a couple of Certificate Authorities (CAs) that offer free email certificates.
- Comodo.com (http://www.comodo.com/home/email-security/free-email-certificate.php)
- StartSSL.com (http://www.startssl.com/?app=1)
Click on the Free Email Certificate button
Fill out the form and Click Next
They will send you an email once you get the email click on the link and download it.
Note forsome reason on Mac downloading the cert using Chrome broke it. I used Safari and it worked great.
Once you have accepted the cert on your desktop you can open keychain and export it. During the processes it will prompt you for a password that is used to encrypt it. This password will be needed later when you install it on your IOS device.
The final step is installing the cert on your IOS devices, and I found a post that does a very elegant job of walking you through it.
https://support.quovadisglobal.com/KB/a353/how-do-i-sign-and-encrypt-on-an-apple-iphone-or-ipad.aspx
This is a link to directions for you Mac Mail client.
http://www.maclife.com/article/howtos/how_sign_your_email_digital_certificate
This is a link to directions for you Mac Mail client.
http://www.maclife.com/article/howtos/how_sign_your_email_digital_certificate
Overview:
BitTorrent Sync is a recent addition from BitTorent Labs. Using Sync you can securely sync files between many users. The BitTorrent p2p protocol takes care of NAT and user discovery issues. Just launch the application and generate or type your shared key. The client will create a point to point encrypted tunnel and start syncing. The application creates a sudo random 20 bytes that used to creates an AES 256 bit key that encrypts data during transit. For a more in depth security explanation you can visit Steve Gibson's Security now pod cast episode 402. https://www.grc.com/sn/sn-402.pdf. BitTorrent Labs has not released their encryption documentation. So Steve Gibson has not provided an in depth analysis of the security implemented in BitTorrent Sync.
Use Case:
BitTorrent Labs has an active forum and an entire thread dedicated to use cases. The one use case I didn't see and thought of immediately was a p2p secure media network. I understand the legalities around sharing media so this would be for non copyrighted material of course.
Example:
Say you have three friends one is using Windows with Plex, the second Linux running ps3 media server, and the third a Mac running servo. As stand alone DLNA solutions they are all capable. If each wanted to share content they would need an SFTP, or cloud solution like Dropbox. This could possibly expose their data to a third party. Because BitTorrent Sync is multi-platform you can sync these media liabraries seamlessly.
So how do you do this?
All three installs BitTorrent Sync
One user creates a folder for shared media
Selects the new folder
Creates a Key
Clicks Finish
Then shares the key among his friends
Each friend opens Sync and adds the shared key
Chooses the folder they want to share
Click Finish
Now everything starts syncing.
The elegance is in the design. When a users adds content to their shared directory BitTorrent Sync will send that data to all systems. So If your DNLA server is indexing that directory on a regular interval the new content automatically shows up on your TV. Below is a high level digram of how the data sharing would propagate to your TV.
BitTorrent Sync is a recent addition from BitTorent Labs. Using Sync you can securely sync files between many users. The BitTorrent p2p protocol takes care of NAT and user discovery issues. Just launch the application and generate or type your shared key. The client will create a point to point encrypted tunnel and start syncing. The application creates a sudo random 20 bytes that used to creates an AES 256 bit key that encrypts data during transit. For a more in depth security explanation you can visit Steve Gibson's Security now pod cast episode 402. https://www.grc.com/sn/sn-402.pdf. BitTorrent Labs has not released their encryption documentation. So Steve Gibson has not provided an in depth analysis of the security implemented in BitTorrent Sync.
Use Case:
BitTorrent Labs has an active forum and an entire thread dedicated to use cases. The one use case I didn't see and thought of immediately was a p2p secure media network. I understand the legalities around sharing media so this would be for non copyrighted material of course.
Example:
Say you have three friends one is using Windows with Plex, the second Linux running ps3 media server, and the third a Mac running servo. As stand alone DLNA solutions they are all capable. If each wanted to share content they would need an SFTP, or cloud solution like Dropbox. This could possibly expose their data to a third party. Because BitTorrent Sync is multi-platform you can sync these media liabraries seamlessly.
So how do you do this?
All three installs BitTorrent Sync
One user creates a folder for shared media
Selects the new folder
Creates a Key
Clicks Finish
Then shares the key among his friends
Each friend opens Sync and adds the shared key
Chooses the folder they want to share
Click Finish
Now everything starts syncing.
The elegance is in the design. When a users adds content to their shared directory BitTorrent Sync will send that data to all systems. So If your DNLA server is indexing that directory on a regular interval the new content automatically shows up on your TV. Below is a high level digram of how the data sharing would propagate to your TV.
Enhancements:
Additional tweaks can enhance the shared media network, for example. You could build your own statusnet server, and have a script monitoring the shared directory. When a new file syncs it will generate an automated message to the group identifying what files are new. You could also create a script that would generate an email every time a new file is uploaded.
It is also important to set a folder hierarchy so that all media uploads adheres to a standard structure. If you had multiple people just dumping data to the shared network it would definitely get out of hand and would be almost useless.
Ever wanted to mess with those wifi leaching neighbors? Joshua Wright at willhackforsushi.com put together an awesome tool kit that enables you to really screw with your neighbors. All you need is a virtual machine, I used it in parallels on a mac, and your everyday hacker wifi adapter like a Alfa AWUS036H.
Joshua's project plays some really fun tricks with URL rewriting and HTML content manipulation. Here is a link to his presentation at SANS Security East Jan 18, 2013.
Download and give it a try it's a great example of some man in the middle HTML goodness. http://neighbor.willhackforsushi.com/
Bluetooth Serial Adapter (set up)
Working in a data center allot of the time you are bouncing from one pice of equipment to another. Plugged into a console-port buried in a cabinet or behind cabling impossible to get to. So I thought I would share my wireless serial setup.
Most new laptops do not have the DB-9 serial ports of yesteryear, and managing network equipment often times requires that old school 9600 Baud serial connection. So here are the components I used to set up my own bluetooth serial rig.
If you are weary as I was don't worry. I have been using mine for almost a year now and it works great. In fact it has worked on devices that my USB serial adapter wouldn't , i.e. Cisco CSS. I have used it with a MacBook Pro running OSX 10.6 & 10.7, as well as Windows 7 with no problems. I have found it to be a little bit more stable in OSX, I think because Windows 7 Bluetooth can be kind of finicky. Let me know if you have a different Bluetooth serial setup and I will add a link.
Serial Bluetooth Adapter UCBT232B
Energizer Mini-USB Portable Charger for BlackBerry - Black
C2G / Cables to Go - 02782 - DB9 M/M Mini Gender Changer
