So I stopped being lazy and have encryption implemented across all of my devices. Now, I have a 4096-bit RSA OpenPGP key, The Chrome extension Mailvelope is handling Gmail encryption, Thunderbird and Enigmail are configured on the Linux box, and IPGMail is setup for the same on my iPhone.
For the record I’m not worried about Edward Snowden and the NSA. Governments are going to do what they need to do. And sadly, I don’t really generate much, if any, content really worthy of encryption. Most of us don’t and frankly that’s why we’re collectively lazy. I’m just trying to learn more, better manage my personal security and make it easier and safer for people in less-free places (as many Blogs of War readers are) to contact me.
This is actually a pretty good primer (no pun intended) on PGP for the moderately technical. There are a lot of ways to implement encryption but the Hak5 crew smartly recommends Mailvelope which I use on Chrome. Mailvelope makes implementing encryption about as painless as possible and is ideal for those new to process. If you’ve been thinking about encrypting your communications this is a great place to start.
Anyway, now you have no excuse for putting this off. Set aside a few minutes to watch the video, install the Mailvelope extension and create your key. You will then be able to grab my public key on the contact page and send me an encrypted email.
I ran Linux exclusively for several years up until 2010 or so when I bought a Windows 7 box. The Windows box is reasonably secure and generally less annoying than previous versions of Windows so I kept the OS around. Plus, I’ve sort of needed access to Windows for a few things.
Anyway, I’ve missed Linux. It still has it’s annoyances but they’re few and far between and it’s a great platform for easy and free access to a ton of security, networking, and programming tools. That’s why I finally set aside the time to install it tonight.
Installation was straightforward and painless – as most Linux installs are these days. Everything worked out of the box and I was able to install some of my favorite applications and configure it to my liking in just a few minutes. Not much has changed since I’ve left. That’s good.
You can download Linux Mint here.
I thought I’d missed the deadline for this course (it started a week ago) but was able to register today. I’m super excited about this one. Dr Lorenzo Cavallaro (@lcavallaro) with the University of London is teaching.
About the Course
Cybercrime has become both more widespread and harder to battle. Researchers and anecdotal experience show that the cybercrime scene is becoming increasingly organized and consolidated, with strong links also to traditional criminal networks. Modern attacks are indeed stealthy and often profit oriented.
Malicious software (malware) is the traditional way in which cybercriminals infect user and enterprise hosts to gain access to their private, financial, and intellectual property data. Once stolen, such information can enable more sophisticated attacks, generate illegal revenue, and allow for cyber-espionage.
By mixing a practical, hands-on approach with the theory and techniques behind the scene, the course discusses the current academic and underground research in the field, trying to answer the foremost question about malware and underground economy, namely, “Should we care?”.
Students will learn how traditional and mobile malware work, how they are analyzed and detected, peering through the underground ecosystem that drives this profitable but illegal business. Understanding how malware operates is of paramount importance to form knowledgeable experts, teachers, researchers, and practitioners able to fight back. Besides, it allows us to gather intimate knowledge of the systems and the threats, which is a necessary step to successfully devise novel, effective, and practical mitigation techniques.
I should be able to catch up over the weekend. Here is week one’s reading:
“BotMiner: Clustering Analysis of Network Trafﬁc for Protocol- and Structure-Independent Botnet Detection”
Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee
USENIX Security Symposium, 2008
“Mining the Network Behavior of Bots”
Lorenzo Cavallaro, Christopher Kruegel, and Giovanni Vigna
Technical Report 2009-12, Department of Computer Science, University of California, Santa Barbara (UCSB), Jul 2009
“Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces”
Roberto Perdisci, Wenke Lee, and Nick Feamster
USENIX NSDI 2010
“From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware”
Manos Antonakakis, Roberto Perdisci, Yacin Nadji, Nikolaos Vasiloglou, Saeed Abu-Nimeh, Wenke Lee, David Dagon
USENIX Security Symposium, 2012
I do quite a lot of this but I am entirely self-taught. Once again a little formal instruction can’t hurt. Right? This Coursera signature track class is being taught by Lada Adamic (@ladamic) of the University of Michigan. The class has it’s own Twitter account too – @SNAcourse. The details:
About the Course
Everything is connected: people, information, events and places, all the more so with the advent of online social media. A practical way of making sense of the tangle of connections is to analyze them as networks. In this course you will learn about the structure and evolution of networks, drawing on knowledge from disciplines as diverse as sociology, mathematics, computer science, economics, and physics. Online interactive demonstrations and hands-on analysis of real-world data sets will focus on a range of tasks: from identifying important nodes in the network, to detecting communities, to tracing information diffusion and opinion formation.
Week 1: What are networks and what use is it to study them?
Concepts: nodes, edges, adjacency matrix, one and two-mode networks, node degree
Activity: Upload a social network (e.g. your Facebook social network into Gephi and visualize it ).
Week 2: Random network models: Erdos-Renyi and Barabasi-Albert
Concepts: connected components, giant component, average shortest path, diameter, breadth-first search, preferential attachment
Activities: Create random networks, calculate component distribution, average shortest path, evaluate impact of structure on ability of information to diffuse
Week 3: Network centrality
Concepts: betweenness, closeness, eigenvector centrality (+ PageRank), network centralization
Activities: calculate and interpret node centrality for real-world networks (your Facebook graph, the Enron corporate email network, Twitter networks, etc.)
Week 4: Community
Concepts: clustering, community structure, modularity, overlapping communities
Activities: detect and interpret disjoint and overlapping communities in a variety of networks (scientific collaborations, political blogs, cooking ingredients, etc.)
Week 5: Small world network models, optimization, strategic network formation and search
Concepts: small worlds, geographic networks, decentralized search
Activity: Evaluate whether several real-world networks exhibit small world properties, simulate decentralized search on different topologies, evaluate effect of small-world topology on information diffusion.
Week 6: Contagion, opinion formation, coordination and cooperation
Concepts: simple contagion, threshold models, opinion formation
Activity: Evaluate via simulation the impact of network structure on the above processes
Week 7: Cool and unusual applications of SNA
Hidalgo et al. : Predicting economic development using product space networks (which countries produce which products)
Ahn et al., and Teng et al.: Learning about cooking from ingredient and flavor networks
Lusseau et al.: Social networks of dolphins
Activity: hands-on exploration of these networks using concepts learned earlier in the course
Week 8: SNA and online social networks
Concepts: how services such as Facebook, LinkedIn, Twitter, CouchSurfing, etc. are using SNA to understand their users and improve their functionality
Activity: read recent research by and based on these services and learn how SNA concepts were applied
I’ll update once it starts in October.
I just registered for Metadata: Organizing and Discovering Information. It’s an eight week online course offered by The University of North Carolina at Chapel Hill through Coursera. I’m pretty comfortable with Metadata concepts and I’ve consumed quite a bit of it in my projects but a slightly more formal education might be helpful.
About the Course
If you use nearly any digital technology, you make use of metadata. Use an ATM today? You interacted with metadata about your account. Searched for songs in iTunes or Spotify? You used metadata about those songs. We use and even create metadata constantly, but we rarely realize it. Metadata — or data about data — describes real and digital objects, so that those objects may be organized now and found later.
Metadata is a tool that enables the information age functions performed by humans as well as those performed by computers. Metadata is important to many fields, particularly Computer Science; but this course is not purely a Computer Science course. This course approaches Metadata from the perspective of Information Science, which is a broad interdisciplinary field that studies how people create and manage information.
Unit 1: Organizing Information
Unit 2: Dublin Core
Unit 3: How to Build a Metadata Schema
Unit 4: Alphabet Soup: Metadata Schemas That You (Will) Know and Love
Unit 5: Metadata for the Web
Unit 6: Metadata for Networks
Unit 7: How to Create Metadata
Unit 8: How to Evaluate Metadata
The class starts in September. I’ll post updates as it progresses.
So much attention is paid to the climbs (yes I know that’s the idea) but it took Alan years of hard work to pull this campaign together. It didn’t help that he had to pitch it to once company after another in the midst of a severe economic downturn. It looked pretty bleak at times, almost all of the time actually, but Alan tackled the challenge like a true mountaineer – unwaveringly putting one foot in front of the other until he reached his goal. Ida would have been very proud.
I just wrapped up a complete month in the gym. I’m very happy with that but I’m even happier that my foot is healing well. I’m at 100% in the gym and pain isn’t an issue. I don’t know how well I’d do on a ten or twenty mile hike but I plan to add some of those into the training mix in January or February.
The routine right now is pretty basic – 45 minutes on the treadmill and about 18 ten rep sets of weights per night. I’m doing that 5 nights per week with Friday and Saturday being rest days. The epic stair climbs probably won’t be back in the mix for another 2 months or so. I want to make sure my foot is completely healed before putting that much stress on it.
The diet is also going extremely well. It’s also pretty basic – chicken, fish, turkey, and veggies make up the bulk of my diet. I don’t bother with low fat or fat free alternatives with the exception of fat free Greek yogurt which I eat almost daily. I’m probably averaging 1500 calories a day, often a little less, rarely a little more. On Saturday I can cheat a little at dinner but for the most part I haven’t. I’m down about 25 pounds and I’ve added some muscle so this is working well.