> ChrisAcheson.net_

PGP: Migrating Away from SHA-1

May 9th, 2009

The SHA-1 hash that PGP and GnuPG use by default is now looking even
less secure than previously thought. It’s recommended that users begin
using SHA-2, and generate new keys to replace their 1024-bit DSA keys
which are dependent on SHA-1:

http://www.debian-administration.org/users/dkg/weblog/48

If you understand the instructions in the link above, you should
probably follow them soon. If you don’t understand them, don’t worry
too much, as your keys and signatures are still mostly safe for now,
they’re just not future-proof. You’ll probably want to wait until new
versions of your software are released with updated default settings,
and then generate new keys.

I’ve generated a new key for myself, which I’ve signed with the old key
and will be using from now on.

Tags: , ,
Link | No Comments »

Firefox Portable + GnuPG + FireGPG = CryptoFox

May 5th, 2009

I’ve been talking about this for a while, but I finally got around to doing it.  I’ve put together a software package consisting of Firefox Portable, GNU Privacy Guard, and FireGPG.  I’m calling it “CryptoFox”.  You can download it here.

The idea behind this is to lower the barrier to entry for using PGP encryption.  If you want to communicate privately with someone, instead of having to guide them through the install process for 3 different components, you can just have them download CryptoFox and run it.  No installation is required.

It’s also a little tricky to set FireGPG and GnuPG up to function portably.  If you want to run them from a USB stick on any computer, I’ve already done the hard part for you.

Tags: , ,
Link | 7 Comments »

NoScript Firefox plugin secretly disables Adblock Plus

May 1st, 2009

Apparently Giorgio Maone, the developer of the NoScript extension for Firefox, has been indulging in some borderline-malware tactics in order to make sure the ads on his site don’t get blocked by the (excellent and popular) Adblock Plus extension.  This is a shame, because NoScript is a genuinely useful tool, but I no longer feel comfortable using it.

Details are available at this post on the ABP blog.

Tags: ,
Link | 2 Comments »

Debian and Back Again

April 28th, 2009

I decided a few days ago that Xubuntu was just too sluggish on my old, ailing laptop. I’d heard that Crunchbang was a bit faster, so I tried it out, but X just segfaulted on startup.  The same thing had happened on Xubuntu 8.10, so I’d been sticking with 8.04.  I tried Arch next, hoping that something not based on Ubuntu would fare better.

Arch seems like a neat distro, but it didn’t solve my problem with X. After much digging (including a couple sessions with gdb), I found out that the newly-rewritten PCI access code in Xorg 7.4 was trying to initialize my laptop’s broken PCMCIA hardware, causing the segfault. Someone on the #xorg-devel IRC channel also pointed out a patch that fixes the problem.  The patch did fix the segfault, but after all that fucking around, I still couldn’t get X to actually start.  Even with the basic VGA driver, it would immediately drop me back to the command line without giving any errors at all.

Yesterday, I finally gave up and decided that Arch was too bleeding-edge for my poor broken laptop.  I ended up going back to Debian, the first Linux distro that I ever used. I’d originally stopped using it because the “stable” version was too conservative (and the “unstable” and “testing” versions too prone to breakage), but in this case that seems like a good thing.

In order to keep the machine running at a decent speed, I’m just using a basic window manager in X instead of a full desktop environment.  I’m giving xmonad a try right now.  I think I’d need a higher-resolution screen to really take advantage of the “tiling window manager” concept, but I do like how it’s almost exclusively keyboard-controlled, and how it lacks space-wasting window decorations.  I’m also trying the Vimperator plugin in Firefox (or rather, Iceweasel), allowing me to cut down significantly on my mouse usage.

I still need to delve into xmonad’s configuration, set up the status bar, find a decent xterm replacement, and install ProFont.

Tags:
Link | 3 Comments »

Rochester OpenPGP Users Mailing List

April 20th, 2009

The keysigning party on Saturday went well.  We decided to create a mailing list to keep in touch and discuss ways to promote PGP use locally.  From the list’s description:

This group is for PGP/GnuPG users in Rochester, NY to:

1) Discuss ways of promoting the use of OpenPGP encryption
2) Arrange keysignings in order to expand the local web of trust
3) Get help with using PGP, GnuPG, and related programs

If you’re interested in joining, you can do so here.

Tags: ,
Link | No Comments »

Math for Programmers

April 1st, 2009

I bookmarked a blog post called “Math for Programmers” years ago on one of my random “scratch space” wiki pages, and just rediscovered it tonight.  I figured I’d share:

The right way to learn math is breadth-first, not depth-first. You need to survey the space, learn the names of things, figure out what’s what. [...]

I think the best way to start learning math is to spend 15 to 30 minutes a day surfing in Wikipedia. It’s filled with articles about thousands of little branches of mathematics. You start with pretty much any article that seems interesting (e.g. String theory, say, or the Fourier transform, or Tensors, anything that strikes your fancy.) Start reading. If there’s something you don’t understand, click the link and read about it. Do this recursively until you get bored or tired.

My timing on this is interesting.  Over the past few days I’ve started playing a bit of poker (Texas hold ‘em, against computer players in PokerTH), in lieu of my usual habit of compulsively playing quick games of FreeCell at random moments.  For the sheer nerdy fun of it, I want to write a program to calculate the exact odds that I have a better hand than all of my opponents, given the cards that are visible at any particular time (pre-flop, flop, turn, and river).

I’m sure it’s a solvable problem, but I’m having trouble simplifying the staggering number of permutations involved.  For example, assuming you’ve got your two-card hand, there are 1,225 possible hands that a single opponent could have from the remaining 50 cards.  If you have six opponents, there are approximately 9×1017 possible combinations of hands that they could have.  We only care about the best hand among our opponents, so I think we can simplify things by assuming that the math is the same for six opponents as it is for one, except that any given hand is six times more likely to occur.

Anyway, I’m thinking of reading up on combinatorics.  I got a bit from my discrete math and probability & statistics courses in college, but I feel like I’m missing something here.  I’ve always been interested in probability and permutations in games, so it seems like a good subject to pursue.

Tags: ,
Link | 2 Comments »

PGP Keysigning Party at BarCampRochester4

March 26th, 2009

I’m organizing a PGP keysigning party at this year’s BarCamp Rochester.  For those of you who are unfamiliar with PGP, it’s a system for sending encrypted messages.  More information can be found in this guide.  The purpose of a keysigning party is to integrate yourself into and expand PGP’s web of trust, which prevents participants from being tricked into addressing their messages to a clever eavesdropper rather than to their indended recipient.

BarCamp will take place on April 18th, on the third floor of the GCCIS building (#70) on RIT campus.  The keysigning party will happen at 2:00 PM.  If you’re interested in attending, you’ll need to do a little bit of preparation:

Before the Party

  1. Send me an email to let me know you’ll be there.  This isn’t absolutely necessary, but I’d like to get a rough estimate of how big the party will be.  You’re also encouraged (though not strictly required) to sign up for BarCamp and give some kind of presentation.
  2. If you don’t have one already, create a PGP keypair.
  3. Print out slips of paper with your key’s fingerprint, along with your name and the email address associated with the key.  You should be able to fit several of these onto a single sheet of paper (18 if you lay them out like so).  As of this writing I don’t know what the turnout will be like, but I’m guessing one sheet will be enough.
  4. Bring a pen and the slips of paper with you to the party.  Also bring identification, preferably two forms, at least one of which is a photo ID and one of which is government-issued.  Driver’s license, passport, etc.  Don’t bring a computer (or if you do, leave it powered off), you won’t need it.

Read the rest of this entry »

Tags: , , ,
Link | 2 Comments »

How to get ProFont working in Ubuntu

March 21st, 2009

At the suggestion of a friend, I’ve recently started using a font called “ProFont” for my programming and other terminal-related activities.  It’s quite nice, and designed to be readable at small sizes.  I use it at 8 point:

8 point ProFont in an 80x24 terminal

8 point ProFont in an 80x24 terminal

I don’t actually use 80×24 anymore, but you get the idea.

It didn’t immediately work when I installed it on my main machine (which runs Kubuntu), and it took some digging to figure out why.  It turns out that fonts on modern Linux machines are handled by a horrible chimera.  There’s the new font system, “fontconfig”, as well as the old “core X font subsystem”.  The instructions that I had found online installed ProFont into the old font system, but not into the new one.  I also tried using the GUI font configuration tool provided by KDE, but it did nothing.

After much searching and frustration, I discovered that Ubuntu and its variants have fontconfig configured to not use bitmap fonts by default.  ProFont is a bitmap font, and such fonts are usually used by old X applications that use the old font system.  The reason for this configuration is that a lot of the bitmap fonts have the same name as other fonts on your system, and if they’re enabled they may in some instances end up being used instead of the typically better-looking vector fonts that you usually see.

In order to get ProFont working, you’ll need to add an exception to your fontconfig configuration.  I suggest editing the ~/.fonts.conf file, which contains user-specific options.  Here’s mine, with the part that I added in bold: Read the rest of this entry »

Tags: , ,
Link | 3 Comments »

Hey Look

March 18th, 2009

I made a WordPress theme.

Okay, so it’s a bit raw right now, but at least it’s integrating nicely into the site.

Link | 2 Comments »

(W) | :vim | <xhtml /> | css { }