All posts by malexmave

Tricking your inner lizard into productivity using gamification

This is going to be a slightly different article than usual. Usually, I write about politics, or programming. Today, I’ll write about productivity. Or, to be more precise, about getting your inner lizard to be reasonable and get working already, using gamification. This is based on my experience with HabitRPG, a pretty sweet, open source, task management role playing game. Yes, you read that right. A task management role playing game. If you know me, you know that I could not resist trying this out.

They do a pretty good job of explaining what that is all about on their homepage, so I’ll just give you a short overview. Your tasks are split into three categories:

  • Habits are positive (e.g. “cook instead of ordering a pizza”) or negative (e.g. “smoke a cigarette”) habits you want to improve or get rid of, respectively.
  • Dailies are things you want to do every day, e.g. “run two miles”, “read for 30 minutes”, …
  • To-Do’s are one-off tasks (“Write a blog post about HabitRPG”)

HabitRPG operates under the principle of rewards and punishments:

  • Do something for a positive habit? Finish a daily? Finish a To-Do? You get Experience and Gold. Also, after a while, you start to get random drops, like eggs and potions for pets you can raise. The Gold is used to purchase equipment and user-defined rewards. For example, I set up a reward for 5 gold which says “play videogames for an evening”. This way, I have to work to be able to “afford” things that make me less productive or healthy (although I should increase the gold cost, as I gain gold very quickly right now)
  • Do something for a negative habit? Miss a daily? You lose health. If your health drops to zero, you lose a level and some equipment.

There are also some advanced things like streaks (Finish a daily N days in a row, similar to Seinfeld chains), perfect days (finish all dailies) and so on, which I will not go into here. The important part is:

  • You get rewarded for following through on your commitments or forming good habits.
  • You get punished for bad habits (although the punishments are not severe enough for my taste, as you can take quite a bit of damage and still not have any problems with your health)
  • You get a noticeable effect from building up streaks, leading to motivation to not break the streaks (seriously, this has already kept me from skipping university once).

One of the best things about the game / productivity tool is the community. There are challenges where you will get a few new habits, tasks or whatever, and you compete with others in order to complete the most dailies. This has led to me adopting a few new dailies (“Don’t skip university”, “drink 3 glasses of water in the morning and in the evening” (as I have some problems remembering to stay hydrated), and a meta-daily “check off all other dailies”). You can also organize in parties and guilds, leading to more peer-pressure to do better (although all of the community features could use some more polish in order to make it easier to see how well the others are following through on their commitments). There is also a quest system, which I have yet to explore.

In general, there are some rough edges to the project, but it is being actively developed by a quite large and dedicated community of devs, and I have a lot of hope for the future of this project. There is, of course, the inevitable subscription and premium item model, but it is among the most fair of them I have seen so far, and since the game isn’t really competitive, everything is cosmetic in one way or another.

So, yeah, if you like RPGs and being productive, give this one a try. And if you are still not entirely sold on it, here are some videos about it, and here’s the wiki.

The sorry state of attribution in education

Lately, I’ve been dealing a bit with attribution and licensing, in part thanks to the people at Commons Machinery / elog.io. Since I started on this, I have noticed all the places where attribution is done poorly or even not at all. Be it on flyers (“Pictures: Wikipedia / something / somethingelse”, without any indication which picture is from where, or which license they are under), websites (often no attribution at all) and even on the slides at university.

It just boggles my mind that academic researchers in computer science, who will meticulously enter citations and go into a frenzy if they are done incorrectly by students (seriously. A slightly wrong formatting cost me several points once), think nothing of just slapping a few pictures they found somewhere onto their slides, probably without checking their license, and definitely without attributing the artist (which is almost always required by licenses, by the way). And it somewhat makes me feel like an idiot for spending the time properly attributing the two xkcd comics I used in my presentation (yes, I use xkcd in my slides. Judge me).

This is wrong. I shouldn’t feel like an idiot for spending 1 minute getting the attribution right if the artist spent a few hours creating the thing I’m using. And if the artist was nice enough to pick a license for his / her work, and if he / she was also awesome enough to pick a license that actually allows me to use their work, and all they ask in return is that I credit them while doing so, I should damn well do so. Everything else would, in my opinion, be disrespectful to both the artist and the art.

So, why is no-one attributing properly? Because it’s hard. It’s annoying. First, you have to find out if the artist even picked a license (some do not). Then, if the license allows usage, you have to find out the name of the artist. You have to write up a boilerplate text, something like “‘Like I’m five’ by Randall Munroe / xkcd.com // CC BY-NC 2.5 // Source: xkcd.com/1364”. You have to fit it into your design somehow. And then, for all you know, no one will even notice that you took the time to do so. And this assumes that you even know that you are supposed to attribute under a specific license, and how. Even professional writers like my favourite author, Patrick Rothfuss, can get this wrong. Pat wrote a blogpost and used an image from xkcd.com, without attribution. After he was notified about the missing attribution by a reader, he promptly added some attribution (which is good), but the attribution itself was still not properly done (“Comic lovelyness from the brilliant XKCD, of course” is sweet and a nice thought. It is also better than nothing. But it is not entirely correct as per the license).

Don’t get me wrong. This is not about me pointing out what my favourite author did wrong. I’m just using this as an example. Attribution is hard, and while I have some hope for the work by Commons Machinery / elog.io, it’ll probably be another year at least until there is something working, moderately bug-free and usable, and adoption by the general public may never come. This is because people are not aware of the attribution problem.

And why are people not aware of it? Because almost no one is doing it right! If, for example, in university, all slides would only carry properly attributed images, people may start to wonder “what is it with all those CC BY-NC-SA’s on the slides?”. People may even start to notice if those CC BY-NC-SA’s go missing. Right now, almost no one is doing this, because almost no one is thinking about it, because almost no one is doing it. Do you see the problem?

What can you do? A few ideas:

  • Practise proper attribution. Seriously. Yes, it’s annoying, but just imagine other people using your stuff without attributing you as the original artist. Would that feel good?
  • Pick a License for your stuff. Don’t just throw it out there, pick a license and stick it on your website. Here’s a license picker for Creative Commons, which is used mostly for texts and media, and here’s a license picker for open software licenses. Choose a license, stick it on your work, and you make the life of people like me easier (This work is licensed CC BY 4.0, by the way, as you can see in the sidebar). Bonus points if you inform yourself about the advantages and drawbacks of the different licenses. For example, choosing “Non-Commercial use only” licenses may have unintended consequences, like keeping others, including non-profits, from using your work on their pages.
  • Get involved with Commons Machinery, and register as a beta-tester for elog.io. They can always use more hands and brains, and it looks like their stuff is going in the right direction.
  • Ask questions. Tell your regional newspaper that “Picture: Wikipedia” is not a proper attribution. Ask your professor why the images are not attributed. Raise some awareness.
  • Practise proper attribution. Did I already mention this? Oh, well, it bears repeating.

So, that’s it for today’s semi-rant. I’m looking forward to seeing proper attribution from all of you, and I will probably send an email to my professors about this tomorrow.

An interesting experience: Writing to 400 candidates

During the last week, I worked on an interesting project. But instead of programming, this time it involved politics: I wrote a message to 403 German candidates to the European Parliament in the upcoming European elections, on the topic of “digital rights”.

It all started when I heard of WePromise.eu. In a nutshell: Candidates can promise to follow a charter of basic digital rights, supporting laws that strengthen these rights and opposing those that seek to reduce them. The charter contains a lot of very obvious, sensible points, and some less obvious but also very sensible points like export controls for surveillance / censorship equipment. Voters, in return, can promise to vote in the elections, and vote for a party whose candidates support these rights.

Now, my original plan was to write a physical letter to some candidates from my area, but when I asked the people behind WePromise for some material, they also supplied me with a list of all German candidates, including their eMail addresses. And since tools like Mail Merge make sending a lot of personalized eMails very easy, I decided to just write to each and every single candidate from that list. I quickly removed all candidates that had already pledged their support to the project, and all candidates without a known mail address, leaving me with 403 candidates, ranging from people almost guaranteed a spot in the European Parliament to people on the 88th spot of a tiny party that may or may not get one or two candidates into the parliament. I quickly wrote up a message detailing the project, the aims, why I support it, and asking them to support it as well (or, alternatively, write me a quick mail detailing why they do not want to support it). I fed the message and the spreadsheet to Mail Merge, waited two minutes, and the mails were sent.

I received a bunch of autoreplies and some error messages concerning incorrect eMail addresses (which I tried to correct and update in my spreadsheet, sending the corrected addresses back to WePromise). Then I waited. That was one week ago.

Until today, I have received replies from over 25 candidates, ranging from the aforementioned 88th spot on the ÖDP’s list to current members of the European Parliament. The number of German candidates has jumped from 22 to 37, with a few more candidates having promised their signature and not yet appeared on the website. I had some very interesting discussions concerning the advantages and disadvantages of online anonymity, during which I convinced at least one candidate to change his views (two more discussions are ongoing). I also received three replies from parties that are generally not considered to be very pro-internet (all of them stating that they would not sign the pledge, but would “continue to fight for data protection”, and all of them from supporters of data retention laws. I’ll leave you to figure out how the hell that is supposed to work, because I have no idea).

So, some statistics from one week into the project:

  • 15 new signatures (6x Die Grünen, 4x ÖDP, 3x SPD, 2x FDP)
  • 4 signatures pledged that have not yet appeared on the website (2x Linke, 2x SPD, 1x ÖDP)
  • 6 refusals for different, mostly acceptable reasons (2x CSU, 2x AfD, 1x CDU, 1x SPD)

As you can see, a large majority of candidates has never replied. That was to be expected. Still, it has been quite an interesting experience, interacting directly with people that may, in the near future, be called upon to represent my interests in the European Parliament.

I can only recommend contacting (some of) your candidates. Ask them their opinion on a cause close to your heart, maybe even have a (civil!) discussion on the matter if they have a different opinion. My experience has shown me that, at least in the smaller parties, you can actually change someone’s opinion on some matters. And who knows, maybe the candidate will actually be elected to the European Parliament. And maybe, just maybe, your discussion will change their vote on a crucial issue… And wouldn’t that be worth the 10 minutes it takes you to write up a mail?

Dynamically generating data types in python

For a project I was working on recently, I needed to define a bunch of data types in python. As defining 10 different datatypes with about the same functionality manually would’ve been a pain, I decided to try something else.

I already had a bunch of nested dictionaries defining the fields and types of all datatypes, as I was generating SQLite statements from them. The general format looked something like this:

datatypes = {
    "type1": {
        "field1": {
            "type": "INTEGER",
            "notNull": True,
            "primaryKey": False,
            "autoIncrement": False,
            "default": None,
            "foreignKey": {
                "table": "type2",
                "field": "field1",
                "onDel": "RESTRICT",
                "onUpd": "RESTRICT"
            }
        },
        "field2": {
            # ...
        },
        # ...
    },
    # ...
}

Each outer dictionary (“type1”) defines a data type, and each inner dictionary (“field1”) defines a key-value-pair of this data type, including some information like “can this be empty?”. So, I already had everything I needed to define my data types.

What are the data types supposed to be able to do? I needed them to have unchangeable values (meaning that I needed only “getters”, no “setters” outside the constructor). So, how can I create class definitions from this block of definitions?

Easy. I generate a long string containing all definitions I need and run it through exec, a function I usually tend to avoid like the plague (note that this assumes that the class definition is safe and cannot be changed by others, meaning that you don’t have to worry about the security ramifications of using exec).

The code for the generation itself only clocks in at 55 lines, including comments. For easier reading, I put it in a gist.

As you can see, the code will generate a bunch of definitions for each data type, including getters and a checkRep-Function that can be used to verify the consistency of the data. So far, it does not check for foreign key constraints, as they are quite annoying to check and enforced in the database backend anyway.

So, why is this awesome?

  • You don’t have to manually write out all your datatypes. Instead, you define them once and then generate them automatically.
  • Even large changes to datatypes are quick and easy, by just changing the definition in one place.
  • You can generate other things like DB interfaces and definitions as well, all from the same source definition.

And what are the problems with this approach?

  • You are using exec, meaning that if someone untrusted gains access to your definitions, they can do evil things to your code.
  • Code coverage tests don’t play well with it.
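
The exec problem can be sidestepped by building the classes with type() and closures, so that names from the definition are validated and never compiled as source text. This is an added example, not the code from the gist; the sample definition, the PY_TYPES mapping and the get_<field> getter naming are assumptions.

```python
import keyword
from types import MappingProxyType

# Constructed sample in the nested-dictionary format shown above.
DATATYPES = {
    "customer": {
        "id": {"type": "INTEGER", "notNull": True, "primaryKey": True,
               "autoIncrement": True, "default": None, "foreignKey": None},
        "name": {"type": "TEXT", "notNull": True, "primaryKey": False,
                 "autoIncrement": False, "default": None, "foreignKey": None},
        "discount": {"type": "REAL", "notNull": False, "primaryKey": False,
                     "autoIncrement": False, "default": 0.0, "foreignKey": None},
    },
}

# Assumed mapping from SQLite column types to Python types.
PY_TYPES = {"INTEGER": int, "TEXT": str, "REAL": float}


def _check_name(name):
    """Type and field names become attribute names, so they must be plain identifiers."""
    if not (isinstance(name, str) and name.isidentifier()) or keyword.iskeyword(name):
        raise ValueError(f"not a valid identifier: {name!r}")
    return name


def _make_getter(field):
    # One closure per field; no source code is generated or evaluated.
    def getter(self):
        return self._values[field]
    getter.__name__ = f"get_{field}"
    return getter


def make_datatype(type_name, fields):
    """Build a read-only class for one entry of the definition dictionary."""
    _check_name(type_name)
    for field, spec in fields.items():
        _check_name(field)
        if spec.get("type") not in PY_TYPES:
            raise ValueError(f"{type_name}.{field}: unsupported type {spec.get('type')!r}")
    specs = MappingProxyType({f: dict(s) for f, s in fields.items()})

    def __init__(self, **values):
        unknown = set(values) - set(specs)
        if unknown:
            raise TypeError(f"unknown fields: {sorted(unknown)}")
        merged = {f: values.get(f, s.get("default")) for f, s in specs.items()}
        # Bypass our own __setattr__ exactly once, inside the constructor.
        object.__setattr__(self, "_values", MappingProxyType(merged))
        self.checkRep()

    def __setattr__(self, key, value):
        raise AttributeError(f"{type_name} instances are read-only")

    def __delattr__(self, key):
        raise AttributeError(f"{type_name} instances are read-only")

    def checkRep(self):
        """Verify notNull and type constraints (foreign keys are left to the database)."""
        for field, spec in specs.items():
            value = self._values[field]
            if value is None:
                if spec.get("notNull") and not spec.get("autoIncrement"):
                    raise ValueError(f"{type_name}.{field} must not be None")
                continue
            # bool is a subclass of int, so reject it explicitly.
            if isinstance(value, bool) or not isinstance(value, PY_TYPES[spec["type"]]):
                raise TypeError(f"{type_name}.{field} expects {spec['type']}")
        return True

    namespace = {"__slots__": ("_values",), "__init__": __init__,
                 "__setattr__": __setattr__, "__delattr__": __delattr__,
                 "checkRep": checkRep}
    for field in specs:
        namespace[f"get_{field}"] = _make_getter(field)
    return type(type_name, (object,), namespace)


def build_all(datatypes):
    """Return {type name: generated class} for the whole definition."""
    return {name: make_datatype(name, fields) for name, fields in datatypes.items()}
```

A definition entry whose key is not a plain identifier is rejected with a ValueError instead of ending up inside generated source.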

For a full example of the code in use, you can check out my (abandoned) InvoiceManager-Project on GitHub. There, I also generate database definitions, database validation code, database interfaces, and unittests for all of these things, all from the same source definition.

Let me know what you think.

Introducing the SMTP GPG Proxy

I frequently encounter software that allows me to send mails, but has no GPG support out of the box (sometimes not even using plugins). This annoys me greatly, especially if it is software like FusionInvoice, which may transport sensitive information in its mail messages. Since FusionInvoice (and many other programs) support SMTP for sending their mail, and since I had a few spare hours, I decided to see if I could hack something together to add GPG support to those programs. And the result was…

…the SMTP GPG Proxy

The SMTP GPG Proxy, besides having an awful name (name proposals welcome), is a Python program. It provides an SMTP Server and will accept incoming mail messages, encrypt / sign them according to its settings and magic strings in the mail subject, and then forward them to the upstream SMTP server.

Since the basic python smtpd-Module does not support encrypted connections, I used the modified “secure-smtpd”-Module by bcoe. It extends the basic smtpd with support for SSL-encrypted connections while providing an almost identical interface. For the encryption itself, I used the standard “python-gnupg”-wrapper, which isn’t ideal but gets the job done most of the time.

Setup

Setting up the SMTP GPG Proxy is quite easy. Just grab the latest version from the GitHub-Repository, install the dependencies, rename the config.py.example to config.py and fill in the settings (everything should be documented in there), and then launch the main program. Next, point your SMTP-speaking program at the IP and port you just configured (it is highly recommended to do this via localhost only, as incoming connections into the Proxy are, as of right now, not encrypted), and mail away.

Usage

To get the SMTP Proxy to encrypt a message, just send the mail and add the KeyIDs (including the “0x”) to the subject line, separated by whitespaces. They will be automatically parsed and removed from the subject, so if you want to send a message with the subject “Invoice #23”, encrypted with 0x12345678 and 0x13374242, you would choose the subject “Invoice #23 0x12345678 0x13374242”. KeyIDs can be in short (8 characters) or long (16 characters) form, as well as full fingerprints (without whitespaces and prefixed by “0x”).

Depending on the settings, missing public keys will either lead to the message being rejected, sent unencrypted, or keyservers may be polled before rejecting or sending unencrypted if no public keys are found. You can also configure the program to GPG-sign all messages, or only encrypted messages, or no messages at all.
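
The subject-line convention and the missing-key settings described above, as an added sketch that is not the proxy's own code. The function names, the on_missing values, the keyserver callback and the fingerprints are constructed for illustration; it also assumes that a subject without KeyIDs is sent unencrypted and that an ID matching more than one local key counts as missing.

```python
import re

# "0x" plus 8 (short ID), 16 (long ID) or 40 (full fingerprint) hex digits, as a whole token.
KEY_TOKEN = re.compile(r"^0x(?:[0-9A-Fa-f]{8}|[0-9A-Fa-f]{16}|[0-9A-Fa-f]{40})$")


def split_subject(subject):
    """Return (subject without KeyIDs, list of KeyIDs in order of appearance).

    Tokens that merely look similar (wrong length, non-hex) stay in the subject.
    Runs of whitespace in the subject are collapsed to single spaces.
    """
    words, key_ids = [], []
    for token in subject.split():
        if KEY_TOKEN.match(token):
            normalized = "0x" + token[2:].upper()
            if normalized not in key_ids:
                key_ids.append(normalized)
        else:
            words.append(token)
    return " ".join(words), key_ids


def resolve(key_id, fingerprints):
    """Map a KeyID to exactly one known fingerprint, or None.

    Short and long IDs are the trailing hex digits of the fingerprint. Short IDs
    are easy to collide, so an ambiguous match is treated as "no key".
    """
    suffix = key_id[2:].upper()
    matches = [fp for fp in fingerprints if fp.upper().endswith(suffix)]
    return matches[0] if len(matches) == 1 else None


def plan_delivery(subject, fingerprints, on_missing="reject", keyserver=None):
    """Decide what to do with a message: ("encrypt" | "plain" | "reject", subject, recipients).

    fingerprints: fingerprints of locally available public keys.
    on_missing:   "reject" or "plain" (send unencrypted) when a key cannot be found.
    keyserver:    optional callable(key_id) -> fingerprint or None, polled before giving up.
    """
    if on_missing not in ("reject", "plain"):
        raise ValueError("on_missing must be 'reject' or 'plain'")
    clean, key_ids = split_subject(subject)
    if not key_ids:
        return ("plain", clean, [])  # assumption: nothing requested, nothing encrypted
    known = list(fingerprints)
    recipients = []
    for key_id in key_ids:
        fp = resolve(key_id, known)
        if fp is None and keyserver is not None:
            fetched = keyserver(key_id)
            if fetched:
                known.append(fetched)
                fp = resolve(key_id, known)
        if fp is None:
            # One missing recipient key decides for the whole message.
            return (on_missing, clean, [])
        recipients.append(fp)
    return ("encrypt", clean, recipients)


# Constructed 40-digit fingerprints ending in the KeyIDs used in the text above.
FP_A = "AAAABBBBCCCCDDDDEEEEFFFF0000111112345678"
FP_B = "0123456789ABCDEF0123456789ABCDEF13374242"
FP_C = "0000000000000000000000000000000012345678"  # same short ID as FP_A

if __name__ == "__main__":
    print(plan_delivery("Invoice #23 0x12345678 0x13374242", [FP_A, FP_B]))
    print(plan_delivery("Invoice #23 0x12345678", [FP_A, FP_C]))
```

The second call shows why the ambiguity check matters: two local keys share the short ID, so the sketch refuses to pick one and applies the missing-key policy.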

Development status

The program is currently in alpha, but it works very well for me. Still, as of right now there are some open issues with it, which I may or may not be working on. If you set up everything correctly, you should not encounter any problems. It is the border cases like incorrect SMTP passwords that are currently not dealt with very well.

Roadmap

If I find the time, I will keep developing the program, removing bugs, making it more stable, and adding more features like opportunistic encryption. However, I may not have the time to fully fix everything, and bugs that are annoying me will obviously be fixed faster than those I will never encounter in my usage.

However, as the program is open source and on GitHub, feel free to fork and submit pull requests. The code is, as of right now, shamefully undocumented, but as it has only about 200 lines, it should still be fairly easy to understand.

License

Like almost all my projects, I am releasing this program under the BSD 2-Clause License.

A case study in bad design: PHP Generator for MySQL

Welcome to the second installment of the “case study in bad design”-series, where I talk about generally horrible design in code, security or user experience. Today’s subject is the PHP Generator for MySQL software by SQL Maestro (whose website will present you with a self-signed certificate for *.magicshoes.net if you try to access it via SSL, so you at least have to give them credit for creativity in that area).

PHP Generator for MySQL is a software that allows non-programmers to create web-frontends to their MySQL-Databases. It does a comparatively good job and provides some decent options, although the UI is somewhat cluttered and unintuitive, and the error reporting in places nonexistent. I was required to use it (as opposed to writing something myself) during my last employment with an institute at my university.

The story begins in July 2012, when I noticed that the code generated by PHP Generator had multiple vulnerabilities to Cross-Site scripting, allowing me to steal the login cookie (which, for good measure, contained the password in clear text, even if it was stored as a hash in the database). I cursed, wrote up some proof-of-concept code and reported the vulnerability to the devs.

A few weeks later, a new version of PHP Generator was released, fixing one of the two Cross-Site scripting holes I reported. They never responded to my mail and never fixed the second Cross-Site scripting hole. So, a year almost to the day later, I sent a follow-up mail, reminding them about the holes I reported, reporting another hole and setting a deadline of two weeks, after which I would apply for a CVE and publish the vulnerability. That got their attention and they responded within a day and got a new build out a few days later, fixing the vulnerabilities (and refusing to credit me in the changelog for reporting these issues, but hey, whatever).

A few days ago, I took another pass at the code and found another vulnerability (HTML stored in the database would be evaluated when displayed on the website), complaining that they were now using unsalted hashes of the password for authentication in the cookies (instead of session IDs completely unrelated to the password, which would be a better practice) and, after past experiences, setting a deadline of a week for a reply. Once again, they replied within a day.

Apparently, evaluating HTML from the database was a feature and not a bug. A feature that was on by default and could be disabled on a “per-input” basis. Whoever thought that was a good idea? Every “feature” that opens up the possibility for a security hole as big as stored XSS should either be completely removed or be off by default, to be enabled manually and with a big message box warning about the security implications. To make matters worse, the state of this setting seems to not be saved in the project file, leading to compatibility problems if the default value was changed (and I have no idea how they would make this state persist over restarts of the program if they save the setting nowhere…).

As for the proper session management, they claim to be working on something. They also may add salted hashes, but have not fully committed on that, citing possible compatibility issues.

They closed their mail with a statement that blew my mind:

By the way, we have never received any security related complaints from other PHP Generator users, so probably there is no real threat.

I’m not going to comment further on this statement, as anyone with at least a rudimentary understanding of security should be able to see what is wrong with this.

PHP Generator for MySQL starts at $99 for a single, non-commercial license without upgrades. I would think that you could expect more interest in the security of their customers for that.

Howto: Usable disk encryption with Linux Mint 16

After I encountered a bunch of problems when setting up full disk encryption on Linux Mint 16, I thought I’d share the final solution I chose, and how to avoid some of the bugs in the Linux Mint Installer.

This howto is based on the Cinnamon variant of Linux Mint 16 x64, but it is probably applicable to other variants and architectures of Linux Mint 16.

Now, there are a few ways to partition your hard drive when using Linux. I wanted the following setup:

  • /boot, unencrypted, 256 MB (otherwise the system won’t boot)
  • /, encrypted, ~50 GB
  • swap-space, encrypted, ~10 GB
  • /home, encrypted, the remaining ~440 GB

This setup has the advantage that you can preserve the /home-partition when updating the system, saving you the trouble of making a backup and restoring it afterwards.

Now, the first option you have when installing Linux Mint 16 is to just select “encrypt this installation” during the install process. Sadly, this creates a setup without a dedicated /home partition, so it is out of the question.

Another Howto I found proposed to use the partition manager of the installer (select “something else” when asked how you want to install Linux Mint 16), and create the three encrypted partitions with the “Use as: Physical volume for encryption” option. This works, but it will make you enter your decryption passphrase three times in a row when booting up your PC, which is pretty darn annoying, so I went looking for a better option.

The way I finally solved my problem was like this: When installing Linux Mint 16, go to the partition manager and create the following setup:

  • /boot, unencrypted ext2, 256 MB
  • An encrypted partition with the size you want for the root of the file system (“/”, choose “Physical volume for encryption”, and a new virtual hard drive will appear, where you will have to click on the only partition on it and select “Use as: ext4 journaling file system”, setting the mount point to “/”)
  • A partition with the size you want your swap space to have, but choosing “Do not use this partition” in the “Use as”-Dropdown menu (more on this later)
  • An unencrypted partition with the size you want for your /home, choosing “ext4 journaling file system” with a mount point of “/home”

Now, there are a few things strange about this setup:

  • We do not activate the swap space because Linux won’t let you install a system with an encrypted partition and unencrypted swap space, and we will encrypt the swap later.
  • We do not encrypt the /home partition because that will happen later as well.

Now, after you’ve set up your partition table to your liking (substitute ext4 for other file system types if you want to, but I’ll stick to ext4 for now), click “Install now”. The setup will warn you about your system not having any swap space, but you can ignore that (as long as you have enough RAM to install and boot linux without swap, otherwise you’re out of luck with this howto).

Proceed with the installation until it asks you to create your user. Enter all your user information and do not check the “encrypt my files” option. Why? Because the installer repeatedly failed when I did it, and the one time it worked it produced an unencrypted home directory regardless of my settings. Continue the install and reboot into your fresh linux when the installation is finished. Make sure you are asked for the passphrase you set up for the root partition when booting!

Now, after booting into your fresh linux, make sure “ecryptfs-utils” is installed (sudo apt-get install ecryptfs-utils), and install “gparted” (sudo apt-get install gparted). Then, go to the “Users and Groups” setting and create a new administrator user. Set a password for it, then log out and back into the new user. Start “gparted” and select the unused partition that was intended as swap space (make sure it is the correct one, as the encrypted “/” partition looks very similar. Compare sizes to be sure). Right-click it, and select “format to => swap”. Apply your changes, then right-click the newly created swap space and select “swapon”.

Next, open a terminal and enter sudo ecryptfs-migrate-home -u USER, where USER is the username of your primary user (not the one you are currently logged in as). Follow the on-screen instructions. After the migration finished, run sudo ecryptfs-setup-swap and follow the instructions. Once you are finished with this, log out (but do not reboot) and back into your primary account. Open a terminal and enter ecryptfs-unwrap-passphrase and note the passphrase down somewhere secure. This is your emergency passphrase for when you need to decrypt your home directory manually and / or have forgotten your user password. Afterwards, delete the user you created and reboot for good measure.

You should now have the following setup:

  • /boot, unencrypted
  • /, encrypted
  • /home, unencrypted, but containing an encrypted /home/USER.
  • swap-space, encrypted

You can verify this by running lsblk and checking if the relevant partitions show up as encrypted or not, and running df and looking for /home/USER/.Private in the leftmost column. If it is there, you should be safe.

This setup leaves you with encryption for all your relevant data, with minimal additional annoyance compared to an unencrypted linux (you only need to enter one passphrase on boot, your home directory will be decrypted on login). Now, a few caveats:

  • In this setup, only the home directory of the first user is encrypted. If you ever create additional users, you will have to repeat the steps ecryptfs-migrate-home and ecryptfs-unwrap-passphrase for the new user, or it will not be encrypted. (Technically, this means that this is no full disk encryption, but as long as you remember to do this for every new user or just don’t create additional users, you should be just as safe).
  • Your home directory can be decrypted with your users login passphrase, so choose a strong user password.
  • Encrypting the swap space in this fashion will break Linux’ hibernate function, so don’t use that afterwards (standby is fine, although that will leave everything decrypted in case your laptop is seized while it is in standby, so you may want to avoid that).
  • I have not tried reinstalling linux with an encrypted home directory yet, but according to this askUbuntu-Question, it should not be a problem.

I hope I could help you live a more encrypted life. Please let me know if you find any mistakes in this guide or if something is not clear from what I’ve written.

Update: There is a persistent bug in Ubuntu / Linux Mint, which leads to the SWAP partition not being mounted on reboot. A workaround is described here. Thanks to Igo in the comments for testing the workaround and reporting back.

“Crypto-Hypocrisy”, or: on what is wrong with the security community

I’ve been annoyed at some of the things in the computer science and, more specifically, computer security community for a long time, and decided to finally write them down. This has become quite a wall of text. Depending on how you read this, this may be a rant or a plea.

A few days ago, when I was browsing the website of a security conference (SEC 2014 in this case, but this is applicable to a lot of conferences), I became curious. Shouldn’t a conference focussing on “Applied Cryptography”, among other things, automatically forward me to the HTTPS version of their website? I changed the http:// to a https://, and OH GOD WHAT THE HELL?

Shiny...

Interesting. A self-signed certificate, expired for more than three months, and with a Common Name of “ensa ident” (as opposed to, you know, the domain name it was supposed to protect).

Well, someone must’ve been sleeping, I figured, so I went to the contact page of the website, and OH MY GOD WHAT THE HELL?

Contact Information

A hotmail address. Not only that, but a hotmail address with no information about a PGP key for secure communication.

Now, some people may ask “so what?”. To which I reply: How can the security community as a whole condemn bad security practices and demand secure, end-to-end-encrypted communication for everyone, if the organizers a conference that attendees pay between 250 and 550 € to attend can’t get their shit together enough to at least provide a valid, well-formed SSL-certificate for their websites. Hell, I’m not even asking for one that is signed by a proper CA. I can live with a self-signed certificate, but at least put in the effort to have the CN match your domain name and to create a new one once the old one has expired.

As for the PGP key: I can understand if conferences do not provide a PGP key because their contact address is actually a mailing list that sends the message to multiple people (although it is beyond me why, in 2014, there is no program that will decrypt all incoming messages and re-encrypt them with the keys of the recipients of the mailing list. Or, if there is such a program, why no one uses it). But this is a hotmail.fr address. This is bad on so many levels. A conference on “Information Security Education” can’t even afford to have their own eMail address?

I regularly annoy companies by writing them eMails closing with “P.S.: Have you ever considered adding the capability to receive encrypted eMails to this address? [Link to a tutorial]”. Some ignore this, some make excuses. I only know of two companies who allow me to send them encrypted eMails. One of them is my bank, who will then reply unencrypted with a full-quote, rendering my encryption worse than useless. The other are the people at Uberspace.de, who I am not a customer of, but who provide their key prominently on their website.

How can I keep a straight face demanding this of those companies if the people running our conferences are too lazy or just plain don’t care enough about the ACTUAL TOPIC OF THEIR CONFERENCE to take the 30 minutes to set something up? How can I keep a straight face if, until a few months ago, I could write encrypted eMails with more of my parents (2) than other computer scientists I regularly mailed with (1)?

The general reaction if I propose mail encryption to the average CS student is one of the following:

  1. I should totally do that, but it’s too much work
  2. I’m not writing anything secret, so why would I encrypt it?
  3. I don’t know anyone who is using mail encryption
  4. I’m not writing any mails anyway, I’m using Facebook to talk to other people.

To which I would reply, respectively:

  1. It’s 30 minutes of work, once, and then you can have it up and running until you reinstall your system. How is that “too much work”? Don’t you value your privacy enough to invest 30 minutes into protecting it?
  2. Because it is good practice to encrypt it. Because, even if you don’t write any secret letters, you would still not be happy to have other people read them (hopefully).
  3. Then be the first and pester your computer scientist friends. Take them to a crypto party. It’s gonna be fun.
  4. …Goodbye. *shake head, go away, lose faith in humanity*

It is not about the contents needing hiding. It is not about keeping something from the NSA (although that’s an awesome side effect). It is about making encrypting communication a social norm, at least within the computer science community.

At 30c3, I received three business cards. Two of them were from people working for the Tor Project (Roger Dingledine and Jacob Appelbaum). Both of them had their PGP Fingerprints printed on their business card. This is what I want to see. Get away from “here’s my eMail address” towards “here’s a way you can send me an encrypted message and be sure you reach me and no one else”.

The third business card was from a nice woman of maybe 50 years with barely any background in computer science. She wanted to help an open source project, so she got a ticket to 30c3 and went to different assemblies and workshops (which, in itself, is pretty awesome, I might add). I recently sent her an eMail, signing it with my PGP key, as I always do for those mails. I received an encrypted response, stating that she had just started using GnuPG and Enigmail and asking if I would help her set up a laptop with Linux and full disk encryption.

If 50-something year old executive consultants can figure this out, why can’t the security community?

The “Humble Store” Method: Results

So, the Steam Christmas Sale is basically over, let’s see what the results of the Humble Store Method are.

First, some notes. I decided to also apply this method to games purchased on other sites (GoG, the Humble Store (ironically), Humble Bundle and Humble Weekly Sale, as well as any other store where I may buy games). I also decided to follow the method throughout the year, as opposed to only during sales. It shouldn’t make a big difference, as I get almost all of my games during sales, but this makes it easier to follow.

After looking at my purchase history, I am also not sure if 10% are actually enough. I’ll have to think about increasing it to 20% or even 50%, as 10% apparently do not scare me enough.

My purchases were:

  • Bioshock Infinite (7.49 €)
  • 2x Chivalry: Medieval Warfare (5.74 € each)
  • 2x Shogun 2: Total War (7.49 € each)
  • CS:GO (3.49 €)
  • Risk of Rain (5.03 €)
  • Humble Weekly Sale: Puppy Games (6.66 $ => 4.49 €)
  • Stronghold Crusader HD (4.99 $ => 3.77 €)

This leaves us with a grand total of 50.73 €. Damn.

Looking back, I probably should not have purchased Shogun 2 and the Puppy Games Weekly sale. I haven’t played Bioshock Infinite yet, Chivalry is great (already sunk 10+ hours into that one), CS:GO is okay (I need more people to play this with), Risk of Rain is RSI-inducingly fun, and, judging from my experience with the original version, Stronghold Crusader HD is probably fun, although I have not played the HD version yet.

So, following the 10% rule, that leaves us with 5.07 €. That’s not very much. So, I’ll just raise the percentage to 25% for this sale, leaving me with 12.68 €. I’ll have to think about the percentage for the next time, but I think 25% is a good first step. I’d set it higher, but I just donated a bunch of money to different organizations at the 30c3 conference and so am a bit short of money at the moment (which is totally not the fault of a lack of restraint on the Steam sale, as you can clearly see above. Totally. *ahem*).

So, the only thing left to decide is who will get the money. At the moment, I see a few options:

  1. The CCC, as they did a great congress this year and did not get any donation from me so far (also because they did not accept it when I tried to give it on day 4 of the congress)
  2. Netzpolitik.org, for generally being awesome and informative.
  3. The Tor Project, for generally being awesome and always in need of money
  4. …?

So, if you have any proposals on who should get the money, write it into the comments. I’ll decide over the weekend and update this post with the results.

Update: I decided that the money will go to netzpolitik.org this time around. I’ve been planning to donate to them for a long time (probably more than a year by now) and somehow never got around to it. And since 12.68 € is a terrible number, I’ll just round up a bit. The only thing left to decide is if it will be 13.37 € or just a plain-old 15 €.

Next time, I’ll pick a different organization, but I’ll decide on that once it becomes relevant.

Surviving the Steam Holiday Sale and… doing good? Aka: The “humble store” method

From past experience, I know that I always spend way too much money on the big sales of the Steam Game Distribution platform. I always buy a lot of games that I never play, or only play for half an hour before never starting them again, and I always end up repeating the same mistake on the next sale, because DAMN CS:GO FOR ONLY 3.49 €!

So, since I am obviously unable to learn my lesson, let’s try to at least do some good while buying games I will never play.

The “humble store” method

For those of you who do not know what the humble store is: It is a store for (mostly indie-)games by the guys behind the humble indie bundle. And, the most important part for the purpose of this article, 10% of the price of any game is donated directly to charities like the American Red Cross, the EFF, Child’s Play Charity, World Land Trust, and Charity: Water. They have already raised over $280k using that store, and combined with all the humble bundles they have sold to date, have raised over $29 million for charity.

So, starting with this sale, I pledge to keep track of how much I spend on those sales, and, after the sale has finished, tally it all up and donate (at least) 10% of the money to a charitable organization of my choice. This can be the EFF, but it could also be Wikipedia, Worldbuilders (the charity of my favourite author), Netzpolitik.org (a German blog I read a lot which could use a bit more money) or any other charitable organization.

Now, 10 % isn’t very much. BUT:

  1. I think any charity, having to choose between a small donation and no donation at all, would choose the small donation.
  2. Nothing prohibits me from donating more than I strictly have to.
  3. If 100 people would do the same, it could still easily make a difference of a few hundred euros.

My challenge to you:

Think about where you are spending way too much money. Maybe you are playing a free-to-play game and are constantly buying more virtual currency for it? Maybe you are drinking too much Starbucks coffee? Maybe you are reading too many books? No, that’s impossible. Wherever you find yourself spending way too much money, think about this: Could the “humble store” method work for this? Would you be willing to turn your vice into something that helps the world a little bit each time you give in to it?

I’m interested in your feedback on this idea. I will try it out for this sale and report back afterwards.