Monthly Archives: February 2013

Hashing Algorithm: Is your GPG configuration secure?

If your email messages are being signed using SHA-1 you may not be getting the security you think you are.  Attacks on the hashing algorithm have caused much pain to those that use it.  Luckily SHA-2 is available and hopefully we’ll start seeing SHA-3 out in the world soon.

You’ve probably already seen SHA-2 in the wild designated as SHA-224, SHA-256, SHA-384, and SHA-512.  Because of the weaknesses found in SHA-1 it’s important to not use that algorithm any longer.  That means when you generate hashes you shouldn’t use sha1sum but rather one of the SHA-2 tools: sha224sum, sha256sum, sha384sum, or sha512sum.  Depending on the length of time you need to protect the data the strength of the hash will be important.  A larger key will be more secure for a longer period of time than a shorter one.

GNU Privacy Guard (GPG) has a default of using SHA-1, however, unless you manually select another algorithm in your gpg.conf file (usually found in ~/.gnupg).  To use something other than the default you should add the following lines:

personal-cipher-preferences AES256 TWOFISH AES192 AES
personal-digest-preferences SHA512 SHA384 SHA256
personal-compress-preferences ZLIB BZIP2 ZIP

These lines establish not only the preferences for which algorithms to use (for cipher, digest (hashing), and compression) but also in what order to use them.  You can determine what algorithms are available to you by asking GPG in the command line:

$ gpg --version
...
Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128,
CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

GPG will show specifically what is supported based on what’s built into the code when the package was built.

Using the proper algorithm is important for maintaining a secure communications environment so do your research and use something  in which you feel comfortable.

Open Source Libraries

An article on Opensource.com caught my attention today.  The article focused on developing and using open source solutions in libraries.  Libraries are one of the places where openness and sharing go hand-in-hand.  Why more open source software solutions aren’t found there I don’t really understand.

Take my library for instance.  There are ten computers there for the public to use.  These computers are running old versions of Microsoft Windows and old versions of Internet Explorer.  The software is so old and antiquated that I’ve actually had problems using some web applications on these computers.  The library also uses the SirsiDynix software for its ILS solution.  This software offers one of the worst search I’ve ever experienced.  Even if I know the title of the resource I’m looking for it doesn’t generally help in locating the resource in the database.  The system also lacks a history feature so you can obtain a list of items you’ve checked out.  It would also be nice if their system integrated with the state’s electronic library so that a single search would show books (and media) available locally as well as electronic versions available from the state.

I want to take a closer look at Koha and see if their ILS solution is any better.  If it is I may approach my library management people with this solution.  I will propose they use Linux (Fedora?) for their public computers as it will yield a more secure and better web-browsing environment at less cost.  Libraries support sharing and learning and should take advantage of the sharing and learning that comes with open source software.

CHIRP – Open source programming of your amateur radio

Cross post with Radio W4OTN blog

A screenshot of CHIRP

CHIRP

In the past I’ve been frustrated by a lack of Linux-supported software for programming my amateur radios.  Sure, the Kenwood software that they gave you to use would kinda work under Wine but it’s Wine and who wants to operate under that?  Last year I discovered a project that aimed to solve my problem.  CHIRP is an open source alternative to other pieces of software that allow you to program your radios.  Supporting many of the current radio models, this software allows you to create your channel list and then use that on every radio you own.

Last year when I tried the software it wouldn’t program frequencies in the 70-cm band correctly.  That bug has been fixed and many features added as well.  There are even static lists of frequencies one might want to include on their radio including the FRS channels, 60m channels, NOAA weather radio channels, and others.  The software even interfaces with online frequency repositories making it easy to program repeaters into your radio when you are traveling to a new area.

The software is available for Linux, Mac, and Windows and is currently available in the Fedora software repositories (sudo yum install chirp).

CHIRP – Open source programming of your amateur radio

Cross post with Sparks’ Linux blog.

A screenshot of CHIRP

CHIRP

In the past I’ve been frustrated by a lack of Linux-supported software for programming my amateur radios. Sure, the Kenwood software that they gave you to use would kinda work under Wine but it’s Wine and who wants to operate under that? Last year I discovered a project that aimed to solve my problem. CHIRP is an open source alternative to other pieces of software that allow you to program your radios. Supporting many of the current radio models, this software allows you to create your channel list and then use that on every radio you own.

Last year when I tried the software it wouldn’t program frequencies in the 70-cm band correctly. That bug has been fixed and many features added as well. There are even static lists of frequencies one might want to include on their radio including the FRS channels, 60m channels, NOAA weather radio channels, and others. The software even interfaces with online frequency repositories making it easy to program repeaters into your radio when you are traveling to a new area.

The software is available for Linux, Mac, and Windows and is currently available in the Fedora software repositories (sudo yum install chirp).

An open source eReader?

After poking around the Indie Bound (independent book sellers) website looking for a book I noticed a button for e-books.  Curious as to how that works with small bookstores I selected the link and started reading up on their eReader, the Kobo eReader.

I did a quick read on the Kobo and discovered it uses the open standard ePub file format for its books.  Sure, there are other eReaders on the market that do that but how many also publish their source code repository?  At least some of their code is licensed under the Apache 2.0 license!  That’s fantastic, in my opinion, and makes me forget about the Kindles and other eReaders out there that beg for my money.

I’ll be doing more research on this product as my local bookstore, The Annapolis Bookstore, sells the devices and the eBooks.  As I do more research I’ll report back on what I find.