Somewhere out there!

The Printable CEO a clever self-management method.

WiKID is another project I’ve been checking out recently.

WiKID is a two-factor authentication system. It consists of: a PIN, stored in the user’s head; a small, lightweight client that encapsulates the private/public keys; and a server that stores the public keys of the client’s and the user’s PIN. When the user wants to login to a service, they start the client and enter their PIN, which is encrypted and sent to the server. If the PIN is correct, the account active and the encryption valid, the user is sent a one-time passcode to use instead of a static password. You can think of WiKID as ‘certificates on steroids’. It is more secure than certificates because the required PIN is only stored on the server, so it is not susceptible to offline passive attacks.

From reading a couple articles about how WikiD works, it seems it is a form of two factor auth, where the something you have is a software client with a trusted key.

How I read it, is kinda like having a GPG key, encrypting and signing you PIN with that. Sending that to the server which has both your key and pin. It checks and then encrypts and sends back a OTP token with the same key. So the token is useless without the PIN and vicevesa. However I’m not sure how save the system is to a man in the middle attack, where the attacker has stolen a copy of the key. Would this allow a) the attacker to encrypt the key on the way to the server to be authed, or b) steal the OTP token on the way back to the user and thus create an auth race condition.

Also given there are now some python bindings, I’m wondering if there might also be some ruby bindings around the corner. It could be a useful system to build into easy use for rails.

iFolder is one of the useful technologies that is coming out of Novell. Its something that looks very useful for both personal and business use. At the moment though its not that straight forward to use:

When we decided to build the Simias Store on the Flaim database, we partially did it because we were hoping Flaim would follow suit and become open source. Opening Flaim has not yet happened, but Simias is being kept out of distributions today, like Ubuntu, because of a proprietary license on Flaim.

There are a guides out there for Debian, but nothing aptable at the moment. So for the moment its on my todo list, and maybe once I have my new v20z Xen machine up I’ll try it out in a SuSe guest domain.

Jorge Castro has quite a few interesting comments on how he current uses iFolder and ideas about future direction. The revision control mechanism, I think, would be the most useful.

As people and business become more mobile, with tools such as SIP and WiFi making the work and living place more generic, the means by which we manage the data we drag around needs to become easier as well.

A good place to look if you want to figure out how to convert a command line mount to a fstab mount is /etc/mtab.

For example:

Read the rest of this entry »

I seem to be doing this a lot at the moment. So I’ve collected a few notes together as reminder of the process.

Read the rest of this entry »

Had a difficult week testing Xen 3.0 on my new v20z dual Operton machine.

Seems I was missing hotplug, which Xen 3.0 needs installed into domO in order to initialise the creation of block devices correctly. I’ll have more to report once I’ve got NX going, plus a 64bit domU guest.


qmail-qstat
messages in queue: 15981
messages in queue but not yet preprocessed: 0


Fscken spam.

Read the rest of this entry »

While hunting for a combined headphone-mic headset for the hx4700 I discovered these useful pages about RealVGA mode on the PocketPC. One thing that’s annoyed me for a while is the large font in Microsoft Reader. Well now I have four times the screen real estate. Nice!

Read the rest of this entry »

Note to self, look out for the hx4700 version of the WM 5.0 upgrade at HP.

Reviews look good. Especially the comments about the persistent storage feature and battery life, 10-30% more battery life.

Sounds like buying a new PDA for only 40USD.

I’m pretty much only using the hx4700 as an ebook reader at the moment, haven’t had time to explore its other features. Once I get a chance I’ll see if I can integrating Tracks and the hx4700 calander, probably via vCal.

The review of four Linux softphones has a useful table of the various codecs and their bandwidth requirements.

Read the rest of this entry »