These are most of the books I read (and kept) from 2016. Skip Blockchain Revolution. It reads like a collection of headlines taken from blog posts.

books2016

Top three on the shelf are (in no particular order):

  1. Disrupted, Dan Lyons
  2. Eccentric Orbits, John Bloom
  3. A Burglar’s Guide to the City, Geoff Manaugh

Top fiction this year was:

  1. Version Control, Dexter Palmer
  2. Mister Monkey, Francine Prose (not pictured)
Advertisements

Petition to the White House on Strong Encryption

Recently, I signed a petition to the White House asking the President to publicly affirm his support for strong encryption. The official response was:

Thank you for signing the petition on strong encryption and speaking out on this important national debate. As the President has said, “There’s no scenario in which we don’t want really strong encryption.” It is critical that the government, the private sector, and other experts regularly engage to understand the impacts of encryption on national security, public health and safety, economic competitiveness, privacy, cybersecurity, and human rights around the world.

This conversation about encryption is also part of a broader conversation about what we, as a nation, can do to fight terrorism as it evolves online. That is why, in his address to the nation on Sunday, the President reiterated the Administration’s call for America’s technology community and law enforcement and counter-terrorism officials to work together to fight terrorism. American technologists have a unique perspective that makes them essential in finding new ways to combat it. They are the best and most creative in the world, and we need them to bring their expertise, innovation, and creativity to bear against the threat of terrorism.

This week, administration officials will sit down with the creators of this petition to hear directly from them about their priorities and concerns.

We also want to hear from you. Share your comments and questions here, and we’ll report back after the meeting.

This is a critical conversation, and we want to hear from as many voices as we can.

Thanks again for your participation in We the People.

Ed Felten
Deputy U.S. Chief Technology Officer

Michael Daniel
Special Assistant to the President and Cybersecurity Coordinator

This was my response:

My concerns regarding strong encryption are largely captured by the recently published “Keys Under Doormats” paper by Harold Abelson, et. al from MIT. I agree with their three main points that requiring a backdoor/weakening encryption is counter to the current trend in making the Internet more secure, adds complexity, and increases the potential for security breaches.

Encryption is an important tool to increase the security of data. With recent security breaches, such as the one from the Office of Personnel Management and other private companies, it’s evident that we as an industry and as a nation need to improve our security technology, not weaken it.

I recognize the claim by law enforcement that encryption is frustrating them. As “Keys Under Doormats” suggests however, there are many practical and technological reasons why weakening encryption is not the answer. I’d like to provide an additional moral one. As a Navy and Afghanistan veteran, I volunteered to serve this country because I believe in the core American values. By weakening our encryption technologies, we would not only cause damage to our our digital protection systems but we would compromise our core believe in freedom out of an understandable, but largely sensational, feeling of fear.

discerptor, n.

A person who pulls something apart; a person who divides or separates something.

Pronunciation:

Brit. /dɪˈsəːptə/ , U.S. /dᵻˈsərptər/
Etymology: Probably partly < post-classical Latin discerptor person who separates something (1748 in the passage translated in quot. 1854; already in 14th cent. in sense ’adversary’), and partly directly < classical Latin discerpt-, past participial stem of discerpere discerp v. + -or suffix.(Show Less)

Now rare.

Source OED.

I upgraded this blog’s theme to Hemingway Rewritten. It had been two years since I last changed it and I had been looking for a new theme. It’s a nice, minimalistic theme and plus when you scroll down there’s a nice bounce on the header image. 🙂

I have a few projects spinning and I’m trying to get caught up on my blog. The next post will be about upgrading the BeagleBone Black to kernel version 3.13. Also, much of my time has been spent preparing for the release of the CryptoCape. I’m hoping it’ll be ready by the Denver Maker Faire, at which I’ll be manning the Cryptotronix booth. If you are in the area, I highly recommend you check it out (and come by and say hi).

Hashlet version 1.0.0 released

I’ve released Hashlet version 1.0.0. Once Savannah updates the mirrors, you can download the release here. If that site is not live, the tagged 1.0.0 release can be obtained from GitHub.

The reason for the major version bump is that the i2c bus is no longer a required parameter. It is assumed to be /dev/i2c-1 but can be changed with the `-b option.

The biggest feature added is the ability to import keys onto another device. So, say you have one personalized hashlet and want to “clone” the keys onto another. When you personalize the second device, use the command: hashlet personalize -f keys.txt. (backup the ~/.hashlet file first!)

Now, you can run the mac command on one device and the check-mac on another for verification.

There are some features, that unfortunately, are only available for NEW hashlets (i.e. ones that have not be personalized). Due to…

View original post 69 more words

Helpful AVR Pocket Programmer Script

The CryptoCape has an AtMega328p and I’m working on getting the crypto library NaCl running on the micro-processor.  Peter and Michael, the authors of the paper, have been extremely responsive and helpful as I’ve been bugging them 🙂 I quickly realized that the AVR Pocket Programmer is a very nice way to flash a “naked” ATMega328p (or a full Arduino Uno).  But, when using various sketches, it’s nice to have a script with avrdude that is easily invoked from the command line.

I’ve added this blurb to my .zshrc:

Flash the sketch with pp Blink.cpp.hex.

Hardware Details

For the DIYers out there, I used the schematic from SparkFun’s Redboard for the wiring example.  The ISP-6 pin reference is below:

ISP 6 way pinout

Happy Hacking!

View original post

Atmel’s ATSHA204 helps secure the BBB



The Hashlet made the Atmel blog!

Atmel | Bits & Pieces

Hashlet – an authentication device embedded on a mini-cape – is specifically designed to secure the BeagleBone Black (BBB). 

Powered by Atmel’s advanced ATSHA204, the mini-cape functions as an external hardware random number generator, performs the SHA-256 algorithm in hardware and is capable of storing up to 16 256-bit keys in write and read protected memory.

Manufactured by Cryptotronix, the device is packaged with free software (GPLv3) that provides an easy to use Command Line Interface (CLI).

“The Hashlet is assembled and tested by Cryptotronix prior to shipping,” the Cryptotronix crew explained in a recent product post.
 
”Simply slip the board on the top of the expansion header and the device is ready. The device uses /dev/i2c-1, which is enabled by default so there are no device-tree files that have to be installed.”

Random numbers (data) are easily generated with a single line command, while creating and verifying a…

View original post 303 more words