Scene: After dinner, my husband and I sitting on the couch, he playing Diablo III, me reading Twitter
I came across the phrase “Breaking a pool cue”, and find myself wondering, could I do that? If I were in a situation where that were warranted, would I be able to just break a pool cue in half or would I struggle. Now, I don’t anticipate ever being in a bar fight — far from it, I would go out of my way in my life to avoid bar fights — but it’s the kind of thing that if I were to end up in that situtation, wouldn’t I want to be prepared?
While I cannot wait to fire my last PGP into the Sun, my GnuPG and Yubikey combined with gopass is a pretty useful combination. The important parts here are gopass itself, as a way of managing passwords in a git repository while keeping them encrypted, and the use of Yubikey to be the thing which actually holds the key material to decrypt those passwords. I can have my password repository living off in my AFS homedirs on machines, keep them encrypted, and require a physical object (the Yubikey) and a PIN to decrypt things, a process which works because I can perform all crypto operations back to a local agent via a socket forwarded over ssh.
Recruiters, contacting me at my job email is wholly unprofessional and I absolutely refuse to engage with any recruiting company that does this. It’s easy enough to find my personal contact information, do try harder.
This brought to you by a recruiter whose entire company will now never even make it to my email inbox.
Adapted from this recipe.
1 bunch cilantro leaves and steps, roughly chopped 1 cup plain Greek yogurt 4 cloves garlic 2 oz lime juice 2 oz olive oil 1 jalapeno, seeded and minced Salt and pepper to taste Blend everything in a food processor until nice and creamy. Chill.
Works well with cilantro-lime chicken
Adapted from this recipe.
1 bunch cilantro, roughly chopped
4 cloves garlic
2 oz lime juice
1 oz olive oil
1 tbsp salt
1 tsp chili powder
1 tsp ground cumin
1 tsp onion powder
1/2 tsp smoked paprika
1/2 tsp pepper
1/2 tsp cayenne or chili powder
HashiCorp Consul is a distributed, highly-available service which provides service discovery with corresponding health checks, a distributed key/value store, and a service mesh solution, which can run on a variety of platforms and environments. It is designed so that every node which provides services (things to be registered in service discovery, or participate in the service mesh) runs a Consul agent, which acts as a sort of intermediary: providing an easy interface for registering services, running local health checks for both services and the node upon which it is running, and acting as a control plane for service mesh components running on that local node, amongst other things.
Make no mistake, this is a terrorist attack on the United States Capitol. There must be no reconciliation, there is no reconciling this. There must be serious consequences to performing, and inciting, a terrorist attack on our seat of government, all the way up to and including the Executive.
If we don’t, next time we won’t get the building back.
Earlier this week I had ATT Business fiber installed in the new apartment. This building was gutted and rebuilt in the mid-2010s, so there was already ATT UVerse fiber in the utility closet. Installation was fairly trivial; the technician showed up with a gateway (looks like a BGW210-700). Four ethernet ports on the back, one port which goes to the PON (the thing already screwed on the wall with the fiber going into it), and power.
This weekend I made another addition to age-pkcs11, to follow best practices for HKDF key expansion from the shared secret at the core of the program. I’d been wanting to do this for a while, after reviewing some stuff I wrote about age and looking at the new V1 API there.
If you recall back in June when I went into detail on the X25519 cryptography in Age, near the end Age builds up a salt which, when combined with a label and supplied to the HKDF function ties the derived key to a specific context.
I’ve been dealing a lot with the age encryption protocol lately, and had a rough idea of how the scheme worked, but I finally wanted to sit down and work it out until it actually made sense.
As background, we have two parties, a sender, someone who wants to encrypt and send a file. We denote that party as U. Second, we have the recipient, that will receive that file and be able to decrypt it.