Send LUG mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
http://kym.net/mailman/listinfo/lug
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of LUG digest..."
Today's Topics:
1. Man jailed over computer password refusal (Simbwa Phillip)
2. RE: Man jailed over computer password refusal (Okalany Daniel)
3. Linux User Group Makerere Chapter (byekwaso wilson)
----------------------------------------------------------------------
Message: 1
Date: Wed, 6 Oct 2010 20:20:24 +0300
From: Simbwa Phillip <[email protected]>
Subject: [LUG] Man jailed over computer password refusal
To: [email protected]
Message-ID:
<[email protected]>
Content-Type: text/plain; charset="iso-8859-1"
+---------------------------------------------------------+
When you have to write down a password
+---------------------------------------------------------+
Well, if the password is just sealed in an envelope, some one could
breach
that with a cup of hot coffee!
Then if you introduce staples into the mix, after the steam (from my
hot
coffee) has done its magic, just tearing the envelope and viewing the
password ends your game. There after, one would slip back the paper
with
the password in an identical envelope and may be try to mimic the
original
stapling pattern (doesn't have to be accurate, after all you
probably didn't
pay as much attention when you were stapling) before sealing it.
But of course if you had your envelope stamped like some one
suggested, then
our snoop it caught off balance (could take longer to get a stamp
job done
for him).
Also about the DNA check on the paper may not be of much help if our
snoop
has gloves on! ( I imagine that this password is extremely important
that
they even procured a safe for it!!! I wouldn't be surprised if the
police
looked into the matter when a possible breach is suspected).
Then some creativity may be necessary if you ever want to literally
write
the password down on just a piece of paper. I would propose some extra
paranoia to flavor up our concealing cocktail.
1. Write down the password in Milk (yes..) on a white piece of
paper (only
visible after exposing the paper to some level of heat e.g from a
mercury
lamp).
2. Could write the password on a piece of paper which could be cut
into 3 or
4 pieces and each stored separately possibly in different locations by
different people.
3. For weak passwords like those from say an English dictionary, a
translation into a language of your choice before encoding it in
some way
(if you are at a loss of choices, base64 encode the translated
text). Of
course you have to remember what language you translated it to so
you can
re-translate that back to English using Google or Babel translation
engine
after decoding it.
4. Another approach could be writting your password in a pattern
(more like
obfuscation). Lets say, our cisco password is "aiphe1Xa"
You may want to write it down like so:
"daQri321pDF2?hkpZfgeL462341vN23yrTX\a" and my pattern will be 1 2 3 4 5 6 7
1 and that translates to; drop the first xter, copy the next and
after drop
the next two xters and store the xter that comes next. etc (catch ma
drift
?). All you have to do is to keep your chosen pattern with you (your
head is
the safest place).
5. Could combine all the above to kill the snooper's show
Paranoidly Yours,
::Phillip::
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://orion.kym.net/pipermail/lug/attachments/20101006/ad478a8d/attachment.html
------------------------------
Message: 2
Date: Thu, 7 Oct 2010 11:32:31 +0300
From: "Okalany Daniel" <[email protected]>
Subject: RE: [LUG] Man jailed over computer password refusal
To: "'Linux Users Group Uganda'" <[email protected]>
Message-ID: <[email protected]>
Content-Type: text/plain; charset="us-ascii"
Wow,
I had no idea people go through these lengths to keep written
passwords
safe!
Do you guys go through similar lengths to protect against other
vulnerabilities? (Buffer overflows, CSRF, XSS, Privilege escalation)?
Because the equivalent would be nothing short of analyzing source
code for
all installed programs for these others.
-----Original Message-----
From: Simbwa Phillip [mailto:[email protected]]
Sent: Wednesday, October 06, 2010 8:20 PM
To: [email protected]
Subject: [LUG] Man jailed over computer password refusal
+---------------------------------------------------------+
When you have to write down a password
+---------------------------------------------------------+
Well, if the password is just sealed in an envelope, some one could
breach
that with a cup of hot coffee!
Then if you introduce staples into the mix, after the steam (from
my hot
coffee) has done its magic, just tearing the envelope and viewing the
password ends your game. There after, one would slip back the
paper with
the password in an identical envelope and may be try to mimic the
original
stapling pattern (doesn't have to be accurate, after all you probably
didn't
pay as much attention when you were stapling) before sealing it.
But of course if you had your envelope stamped like some one
suggested,
then our snoop it caught off balance (could take longer to get a
stamp job
done for him).
Also about the DNA check on the paper may not be of much help if our
snoop has gloves on! ( I imagine that this password is extremely
important
that they even procured a safe for it!!! I wouldn't be surprised if
the
police
looked into the matter when a possible breach is suspected).
Then some creativity may be necessary if you ever want to literally
write
the
password down on just a piece of paper. I would propose some extra
paranoia to flavor up our concealing cocktail.
1. Write down the password in Milk (yes..) on a white piece of paper
(only
visible after exposing the paper to some level of heat e.g from a
mercury
lamp).
2. Could write the password on a piece of paper which could be cut
into 3
or 4
pieces and each stored separately possibly in different locations by
different
people.
3. For weak passwords like those from say an English dictionary, a
translation
into a language of your choice before encoding it in some way (if
you are
at a
loss of choices, base64 encode the translated text). Of course you
have to
remember what language you translated it to so you can re-translate
that
back to English using Google or Babel translation engine after
decoding
it.
4. Another approach could be writting your password in a pattern
(more
like
obfuscation). Lets say, our cisco password is "aiphe1Xa"
You may want to write it down like so:
"daQri321pDF2?hkpZfgeL462341vN23yrTX\a" and my pattern will be 1 2 3 4 5
6 7 1 and that translates to; drop the first xter, copy the next
and after
drop
the next two xters and store the xter that comes next. etc (catch
ma drift
?).
All you have to do is to keep your chosen pattern with you (your
head is
the
safest place).
5. Could combine all the above to kill the snooper's show
Paranoidly Yours,
::Phillip::
------------------------------
Message: 3
Date: Thu, 7 Oct 2010 11:45:22 +0300
From: byekwaso wilson <[email protected]>
Subject: [LUG] Linux User Group Makerere Chapter
To: Linux Users Group Uganda <[email protected]>
Message-ID:
<[email protected]>
Content-Type: text/plain; charset=ISO-8859-1
Hi guys,
I'm thinking about starting an active Linux User Group community at
MUK....the thought is still in the kitchen(my head) at the moment
though. I have shared this thought with a few of my friends at CIT and
they are all welcoming it. I'm planning the group's main objective to
promote linux usage even to guys that just need a PC for playing
songs,editing course work and play movies, i am already trying to get
as many applications on my Ubuntu that my fellow campusers would be
interested in from Audio Mixing software like Mixx(alternative to
windows Virtual DJ) to Video Editing software that we can give away
during the launch. Im already running the 9.10 Simon gave us so im
building on that. By the way ever since the LUG Makerere chapter
launch you will be pleased to know that more and more guys at campus
are embracing linux and many of them especially at CIT are now running
the LUG iso Simon Launched. Please send me any ideas on how best we
can implement this or better still how best we can make this work.
--
Wilson
------------------------------
_______________________________________________
LUG mailing list
[email protected]
http://kym.net/mailman/listinfo/lug
End of LUG Digest, Vol 74, Issue 11
***********************************
