Thursday, 29 August 2013

SRM #368

Race #33 2013 - 6516m - 25:31 [PB] - Wednesday 28th of August

On their last trip they gave me a new PB (src).

My 127th Sognsvann Rundt Medsols was a good one. I managed to set a 2 round PB, with the time 25:31 (garmin connect). One month since my 3 round PB. My previous SRM x2 PB was from 2010. Having said that, it was my weakest PB. August is my number one PB month around the lake, and 4 out of 6 PBs are from this month.

Summer, a good period for PBing.

What else?

Less is more
I don't run that many kilometers a week, instead I do have much quality. My longest session each week is a 12-13 km Sunday trip in the forest. Satisfied with the progress, so I don't have any current plans to run much more.

week 27: 40.2 km (1. - 7. July)
week 28: 28.3 km
week 29: 36.2 km
week 30: 46.5 km
week 31: 46.9 km (29. July - 4. Aug)
week 32: 35.7 km
week 33: 42.4 km
week 34: 42.1 km

Almost a typical week, this time of year. I normally do SRM on Wednesdays.

Not jelly
A couple of nights ago I woke up in the middle of the night. There was something in my bed. A small lump of something. In the complete darkness I squeezed it with my fingers, trying to feel what it might be. It felt like jelly. Too tired to do much processing, I did put the lump in the window frame. Doing more thinking I realised it was very strange that a lump of jelly would find its way to my bed. I turned the lights on to examine the lump. It was gone. I searched, unable to find it. I went back to bed, not knowing what I had shared my duvet with. I did fear it was something alive, as it was gone.
Next morning I found out, as I found a big larva. No idea on how that has happened. And no, it's not messy or dirty at my place. I do shower frequently and change linen once a week. Telling this story I guess I blew all possibilities of ever sharing a bed with someone else but larvae. I'm truly all out of karma points.

Jenny
At Ica Ullevål there is one Chinese-looking girl working. Her name is Jenny (I did not ask, she has a badge). She is the most efficient cashier I've ever witnessed in my entire life. While the other people there had served one person she had served five, and all those five had heaps more items than the one the other cashiers served. She seems to be working Thursdays noon, at least. I've seen her twice. It's fascinating, as she reminds me more of an insanely efficient robot than a person. You should go there to see her working. It's worth the entire trip.

Downhill
A few days ago at Havnabakken, while reading The Stand, I heard a girl screaming. I looked up, and saw a little girl, riding her bike, at full speed (we're talking FAST) down the steep grass hill. 50 meters behind her a woman, most likely her mother, was running as fast as she could, screaming as well. The little girl had obviously lost control at the top of the several hundred meters long hill. Two strangers started running after the girl as well, trying to help. They all disappeared out of my view, and I never again saw them. I will never find out what happened to the girl. Crossing my fingers, hoping it went alright.

Why I didn't run after them? I didn't believe it would make any difference if I went, as already three grown ups came for the rescue. If you can't help it's better to stand back. But, no karma points gained.

Monday, 26 August 2013

Koboltgruvene opp 2013

Race #32 2013 - 4.4 km - 24:14 [debut] - Saturday 24th of August

A nice prize for those who were a lot faster than me.

A hill race, with resemblance of Grefsenkollen Opp and Skjennungstua Opp (by the way, the Koboltgruvene-guys know that "opp" is supposed to be written with a lowercase "o", according to Norwegian orthography). However the track had a few flat parts, where it should be possible to relax a bit, or increase the pace.

The track
Mainly gravel road, and then some asphalt. Check out the map here.

Elevation

My race
For me it was a tough day for running. I thought that all the stair sessions I've done over the last weeks would help me, but I felt no signs of that. It was bloody hard from the very beginning till the very end. Luckily the event itself was as great as the weather, so overall it was a very nice and memorable day at Koboltgruvene.

After the race all runners got home made currant syrup mixed with water. The best drink I've ever been given after a race, and alone worth all the pain up the 4.4 km track. Later I bought a hefty, thick and yummy waffle, which is one of the best waffles I've ever eaten (thanks for the tip, Mr Leira). As it was 35 kr, including brown cheese, it was not cheap, but darn, it was worth it!

Me, no Viking
This was also the day where I was supposed to participate in Viking Race. However due to some pain I could not, which was very annoying as I really was looking forward to this new type of race, and had done a fair bit of preparations. That aside, I am glad I did Koboltgruvene opp.

The grades
Atmosphere      : 5/5
+ irreproachable

Toilets         : n/a
/ didn't check, but do believe there were enough

Value for money : 5/5
+ 250 for late entry fee (200 early)
+ Tee
+ The best EVER post race drink (currant ftw!)

Organising      : 5/5
+ All good

Race Timing     : 5/5
+ Online the same evening.

Track           : 3/5
+ OK, and got more exciting along the way.
- Not the most exciting track.

OVERALL         : 4.6 / 5

The pictures

Links
| official pages | official results | pictures on flickr | garmin connect | kondis article |

Wednesday, 21 August 2013

The Prism Break Challenge - Part 2

MoCh - Challenge #9 September 2013 - The Prism Break Challenge

... or "how to make untraceable phone calls from a mobile phone"

A new phone and a new mobile subscription (src: img.chronicles.no).

Since I am soon going off the grid, to prevent Big Brother from seeing me, I have started doing some preparations. One of the things that I've sorted out is getting myself a mobile subscription and a mobile phone that is completely unknown to Big Brother.

A new mobile phone
The first and easy thing to do was to get hold of a new and unused mobile phone. I dropped by Clas Ohlson and bought their cheapest model, a simple non-smartphone mobile. I also paid in cash, to make sure there is no way to trace that exact mobile back to me.

Why a new mobile phone?
Every mobile has got a unique IMEI number, which is submitted to the mobile network when the phone is used. For a previously used mobile phone there will be a connection between the IMEI and the user, hence the phone will be "dirty" and can be used to track you down.

A new mobile subscription
The second step is to get a new mobile subscription. This step is harder and some skills in social engineering are required to succeed. A few years back anyone in Norway could buy a prepaid mobile subscription without having it registered to you as a person. Those days are gone as Big Brother wanted to see more. So today if you want to buy a prepaid mobile card you need to identify yourself.

How to register a Chess prepaid card.

Most providers have two ways of registering as a new prepaid customer. You can either send them a text message, with your name and your Norwegian national identity number (the ID number will be verified against the national database of valid ID numbers). Or if you're not a Norwegian, hence without Norwegian ID, you can register at the shop where you buy the subscription.

Shop owners are required to verify the ID of people buying these subscriptions, but luckily there are shops around that will let you register without a proper valid ID if you pretend to be from overseas.

So, drop by a kiosk, pretend to be from somewhere else (whatever country that is plausible, depending on your skills in languages and your looks). Make up a good story why you don't have the ID with you. Like you have been robbed, only have some cash, did get a mobile from a friend and have to call someone. Or present some piece of paper, with your fake name, address, date of birth that you claim is a valid form of ID in your home country, and get angry and start talking very loud if the shop owner tells you that it is not valid.

And once more, the subscription should be paid by cash, as you don't want to leave any electronic traces upon "checkout".

The Prepaid Subscription
An alternative way of how this could be done is presented here. Of course, there is no resemblance to any real people, occurrences in real life or what have you got.

INT. KIOSK DOWNTOWN OSLO, NORWAY - MORNING
A small kiosk, no people except for Mr Kioskowner standing behind the counter. Mr Me walks inside.

MR ME
(while walking towards the counter, smiling)
Hello, Sir. How are you today?

MR KIOSKOWNER
Hello. Not bad at all. Yourself?

MR ME
Oh, I am good as well. Thanks for asking. I do need a prepaid mobile card, do you sell this?

MR KIOSKOWNER
Yes, I do. What do you want?

MR ME
I don't know anything about these things. What options do I have?

MR KIOSKOWNER
Are you going to make a lot of overseas calls, or mainly calling within Norway? We have Lebara, Tele2, Chess, Telenor and a few more. Telenor are expensive by the way.

MR ME
I won't make any overseas calls, I think. Chess sounds like a good name, how much is it?

MR KIOSKOWNER
Chess is a good choice. It's 99 kr.

MR ME
(while handing over 100 kr in cash)
OK, I will take the Chess one then.

Mr Kioskowner hands over a small envelope containing the new prepaid mobile subscription.

MR ME
(while looking at the envelope, looking confused)
Can I just start using this, or is there something I have to do?

MR KIOSKOWNER
You need to register. You can send a text message to the number on the envelope there, or I can register it for you now.

MR ME
Sounds easier for me to let you register.

MR KIOSKOWNER
No problem, just come back here and we'll do it on my computer.

Mr Me walks around the counter, and Mr Kioskowner opens the Chess prepaid mobile registration page in his browser.

MR ME
OK, I can just fill out the few fields there myself. My name, postal number and my national Id number.

MR KIOSKOWNER
Yes, it is easy.

Mr Me starts filling out the fields, using his newly created identity. While he does this he sees that there is one checkbox for "foreigners". Saved by the bell a new customer enters the kiosk, and Mr Kioskowner turns away to serve that person. Mr Me quickly clicks the "foreigners" checkbox. The field for Norwegian ID number disappears, and new input fields show up on the webpage, like fields for date of birth, address, country, type of ID and ID number. Mr Me fills out the fields as quickly as possible. He picks a random country from the list, and types in 10100 as a random post number.

Mr Kioskowner finishes helping the other customer.


MR KIOSKOWNER
(turning back towards Mr Me, and looking at the PC screen)

So, is it OK?

MR ME
(slightly stressed, while continuing to fill out the fields, not looking up)
Yes, everything is OK. Soon done.

Very quickly Mr Me picks "passport" as ID, and types in "0193723" as "ID number". Followed by a quick click of the "Submit" button. Mr Kioskowner, who keeps staring at the screen, takes up his glasses from his breast pocket, and puts them on. At the same time the page is done loading, and a "successful registration" message shows up.

MR ME
(relieved)
There, all done! Thank you so much.

MR KIOSKOWNER
No problem. My pleasure.

Mr Me leaves the kiosk.

Recharging
To keep the subscription "clean" the only way to recharge is to buy refill cards in shops, paying with cash.

Recharging.

Please note
The location of the phone will be tracked, so if you for example turn it on at home for the very first time Big Brother might see in what area it was first activated. If you are truly paranoid you should not use the phone from your home location. Big Brother is also analyzing usage patterns. So if your usage is different to the average (like how many people you contact, the length of calls, number of text messages, what you write and so on) some computer system in a basement somewhere might flag your number as suspicious. Then Big Brother will take an extra look at what is going on. Also note that if you use the phone to call the same people that you normally contact the subscription will be linked back to you. Think of it, who else is calling your parents, girlfriend / boyfriend and other friends? Each person has got a very unique calling pattern.

Links
The Prism Break Challenge - Part 1


Bitmessage crackdown?

A message from Big Brother?

I started using Bitmessage yesterday, and it didn't take long before I witnessed a possible Big Brother interference of the network. Of course, this is only speculation, but in light of what has been revealed over the last weeks you have to be naive not to even think of the possibility that Big Brother would take action to know who is using Bitmessage.

Everyone on Bitmessage has received a message in the following format:

Bitmessage has several potential security issues including a broken proof of work function and potential private key leaks.

Full details:
http://secupost.net/2606120940/bitmessage-security

A message written to trick users into clicking on the link.

And every address on Bitmessage did receive a unique URL, like:
http://secupost.net/3240982275/bitmessage-security
http://secupost.net/760979548/bitmessage-security
http://secupost.net/4224282573/bitmessage-security
http://secupost.net/4278472862/bitmessage-security
http://secupost.net/1189531455/bitmessage-security

Following the URL you would only get a "500 Internal Server Error" page:


The source code of the page.

The domain secupost.net was registered yesterday:


The site secupost.net might have been set up by Big Brother to do a mapping between BM addresses and IP addresses, and to get an overview of who is using the encrypted messaging network Bitmessage. To avoid traps like these it is a very good rule to never open links received from people you don't know, and to always use Tor for the anonymity, with JavaScript disabled by default (and of course not have Flash or Java running / installed either).
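Per-recipient links like the ones listed above can be recognised without opening them, by comparing the copies of a message that arrive at several of your own addresses. The following is an added example, not code from the original post or from Bitmessage: it takes the six URLs quoted above and reports which URL field is different for every recipient. The recipient labels, the control URLs and the function names are assumptions made for illustration.

```python
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# The six URLs quoted in the post. The labels addr0..addr5 are constructed:
# the post does not say which address received which link.
URLS_FROM_POST = {
    "addr0": "http://secupost.net/2606120940/bitmessage-security",
    "addr1": "http://secupost.net/3240982275/bitmessage-security",
    "addr2": "http://secupost.net/760979548/bitmessage-security",
    "addr3": "http://secupost.net/4224282573/bitmessage-security",
    "addr4": "http://secupost.net/4278472862/bitmessage-security",
    "addr5": "http://secupost.net/1189531455/bitmessage-security",
}

# Constructed control: one identical link delivered to three recipients.
CONTROL_URLS = {
    "addr0": "https://example.org/docs/security?lang=en",
    "addr1": "https://example.org/docs/security?lang=en",
    "addr2": "https://example.org/docs/security?lang=en",
}


def url_fields(url):
    """Split a URL into (shape, fields).

    shape identifies the link layout (host, path depth, query keys);
    fields maps every path position and query key to its value.
    """
    parts = urlsplit(url)
    segments = [s for s in parts.path.split("/") if s]
    query = parse_qsl(parts.query, keep_blank_values=True)
    fields = {("path", i): seg for i, seg in enumerate(segments)}
    fields.update({("query", key): value for key, value in query})
    shape = (parts.hostname, len(segments), tuple(sorted(k for k, _ in query)))
    return shape, fields


def find_recipient_tokens(urls_by_recipient):
    """Flag URL fields whose value is different for every recipient.

    urls_by_recipient maps a label for one of your own addresses to the
    URL found in the otherwise identical message it received. The more
    copies are compared, the less likely a flagged field is a coincidence.
    """
    groups = defaultdict(dict)
    for recipient, url in urls_by_recipient.items():
        shape, fields = url_fields(url)
        groups[shape][recipient] = fields

    findings = []
    for (host, depth, _keys), per_recipient in groups.items():
        if len(per_recipient) < 2:
            continue  # a single copy gives nothing to compare against
        sample = next(iter(per_recipient.values()))
        token_fields = [
            field for field in sample
            if len({f[field] for f in per_recipient.values()}) == len(per_recipient)
        ]
        if not token_fields:
            continue
        # Render the layout with the varying path segments masked.
        path = "/".join(
            "<token>" if ("path", i) in token_fields else sample[("path", i)]
            for i in range(depth)
        )
        findings.append({
            "host": host,
            "template": "%s/%s" % (host, path),
            "token_fields": token_fields,
            "tokens": {
                r: [f[x] for x in token_fields] for r, f in per_recipient.items()
            },
        })
    return findings


if __name__ == "__main__":
    for finding in find_recipient_tokens(URLS_FROM_POST):
        print(finding["template"], finding["token_fields"])
    print(find_recipient_tokens(CONTROL_URLS))
```

A field that is unique per recipient ties any request for that URL to the address it was sent to, which is the mapping the post suspects.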

Related posts
Atheros:
All pubkeys for all addresses are published except those for chans (assuming all of the humans join the chan correctly using the menu option rather than using "Regenerate Deterministic Addresses"). It is very plausible that it is someone attempting IP address correlation which would involve sending out a lot of messages which would explain the current spike in the number of messages in the network.
https://bitmessage.org/forum/index.php/topic,2964.0.html

50404:
The website is not working, was it ever up?
I assume this is some sort of trap to find out more (IP, browser, etc) from the corresponding bitmessage ID?
http://www.reddit.com/r/bitmessage/comments/1krss6/bitmessage_is_broken_i_am_receiving_messages_on/

geofflosophy:
I have now received it at all 8 of my addresses, only one of which I've ever given anyone. Maybe it's the NSA trying to link public keys to addresses when you open the link... Good thing I use a VPN.
https://bitcointalk.org/index.php?topic=278757.0

varys:
This also leads me to wonder if the error 500 pages are really related to a resource issue as I previously speculated. It could be that the server was intentionally misconfigured and the plan all along was to log the incoming IP addresses next to the URLs of the incoming connection attempts, which can then in turn be correlated to BM addresses.
https://bitmessage.org/forum/index.php/topic,2963.0.html

UPDATE [13.08.23]
Mr "Robert White" was behind the "attack" (message from secupost.net and Bitmessage):
-- -- --
This message is also available at http://secupost.net

Alright, the messages sent out a few days ago are starting to expire now. It's time for everyone to learn what the purpose of secupost.net is.

As many of you guessed, this is indeed a Bitmessage address to IP address mapper. Yes, the only thing that webserver would send was a 500 message.

It did alright too, gathering nearly 500 bitmessage users information after sending 15000 messages. Double what I expected.

I've included both a log of each address detected and the first thing to hit it including IP, reverse DNS and useragent as well as raw logs for every valid request. If you need to confirm this signature so you can verify messages from me when bitmessage is down, please see the bitmessage general chan for a copy from my bitmessage address.

So, future lessons:
- Yes, all bitmessage addresses are public and can be read from your messages.dat file using a small script.
- Don't click links. Even if it looks like a security-related site and uses some technical terms. I am not a nice person, I will publish any information I can gather about you and I don't care if you get lit on fire by terrorists because of it.
- Bitmessage does _not_ scale. It took me around 3.5 hours to send ~15k messages but it took the bitmessage network over 18 hours to fully propagate them.

Some of you were smart enough to use tor or VPN providers, but many of these are direct home or server IPs. The information below is more than enough for any government to come after you or any script kiddie to DDoS you. Be more careful next time.

Some of you tried to use scripts to claim addresses which weren't yours and skew the data, of course, you didn't even change your user-agent. 

Even without accounting for that your attacks were ineffective because the IDs were generated in a non-linear fashion using a cropped HMAC-SHA256. To find your id:

    import hashlib, hmac
    from struct import unpack

    def gen_mac(addr):
        mac = hmac.new(b"fuck you", addr.encode("ascii"), hashlib.sha256).digest()
        return unpack('>I', mac[0:4])[0]  # first 4 bytes as a big-endian uint32

This simple deterministic method means that you would have had to try... (2^32/15000)/2 = 143165 times on average just to get a single collision. Thanks for playing, but no luck this time.

This service has been operated completely anonymously thanks to Tor and Bitcoin. I hope you enjoy the result.

Robert White (BM-2D8yr4fzoMzwndqPwLMVyzUcdfK9LWZXjY)


And here is one response from a Bitmessage user:
-- -- --
Thought #1, thanks asshole (Robert White (BM-2D8yr4fzoMzwndqPwLMVyzUcdfK9LWZXjY))
Thought #2, you aren't as smart as you think you are.  Some of us took precautions that you haven't even considered.  At least I did, and my spoofed records appeared in his list.
Thought #3, the conclusions are not supported by the facts.  ("does _not_ scale")
Thought #4, my infant son can't get a job.  He does not scale.  He needs to be terminated.
Thought #5, be part of the solution, not part of the problem.
Thought #6, did I mention Robert White is an asshole?


And here is the code on GitHub:
-- -- --
Bitmessage Proof Of Work optimizations including OpenCL and C based PoW code.

Added security 7 : Bitmessage

Bitmessage is not Big Brother's best friend. That much is clear.

My Bitmessage inbox is currently nice and clean. This might change in September.

During my Prism Break Challenge in September I will not use email at all. The reason for this is that with normal email Big Brother can see all my communication. It is possible to encrypt email though. However, it is not as easy as it should be, and despite using encrypted email Big Brother will see whom I am communicating with.

An alternative to sending normal emails is sending messages using a tool called Bitmessage (wiki page):
Bitmessage is a P2P communications protocol used to send encrypted messages to another person or to many subscribers. It is decentralized and trustless, meaning that you need-not inherently trust any entities like root certificate authorities. It uses strong authentication which means that the sender of a message cannot be spoofed, and it aims to hide "non-content" data, like the sender and receiver of messages, from passive eavesdroppers like those running warrantless wiretapping programs.

Bitmessage is very easy to set up and use. It only takes a couple of minutes. Download the program, run it and create a new identity. Then distribute the generated address to your contacts.

My Bitmessage address is:

BM-GtndKuH11FuUdabMvVURSyoPVTez6bdV

So if you want to communicate with me in September, please use Bitmessage, and Big Brother will be completely blind (unless he gets full access to my or your computer).

My first Bitmessage identity has been created.

And below is what my normal email signature now looks like.

My email signature.

Links
| First Look: Bitmessage – Email for the Paranoid | Bitmessage: Choice Of A Rightly Paranoid Generation |

Monday, 19 August 2013

The Prism Break Challenge - part 1

MoCh - Challenge #9 September 2013 - The Prism Break Challenge

src: img.chronicles.no

The Challenge
It has been a long time since my last challenge, so it is about time to once more step out of the comfort zone. My new challenge is called "The Prism Break Challenge" (written as Prism and not PRISM on purpose). The proper challenge doesn't start before September, but I've started doing preparations, that I will write more about soon.

The goal of this challenge is to be more or less invisible to Big Brother (NSA and intelligence services, aka. government agencies, around the globe). To do this I need to stay off "the grid", or to create fake identities that can not be traced back to me as an individual. I will make some exceptions, as staying completely off the grid is impossible for me due to my work. The challenge will be extremely hard, as it is impossible to live a normal life today without leaving any digital traces.

My goal is to:
- Be impossible to track down.
- Make all my communication completely secure / secret.
- Leave few electronic traces.

I will not be able to:
- Prevent people from contacting me in a way that is readable to Big Brother (for example, I can't prevent anyone sending me an email or a text).

Exception:
- While at work, doing work related stuff (7am-3pm Monday till Friday Big Brother will see me).
Note: Work will not be a free zone for doing private stuff, hence I will not do anything private, that is traceable, even while at work.
- I will post updates related to this challenge, from an untraceable destination.

I dare more people to join me doing this challenge, in protest to the massive surveillance we're all under. Big Brother is watching, but in September he shall see less.

What does this mean?
- A month of cash only payments (no form of electronic payment - Bitcoin would work but nowhere to use that in Norway).
- No usage of my own mobile phone (my phone will be left home at all times, turned on, but not used).
- Not using any email address traceable to me (emails can never be 100% encrypted).
- No electronic calendar, document solution, image uploading or what have you got.
- No public transport using a card registered to me.
- Not using my own Internet connection at home.
- Not doing any races as myself.
- Not tracking my runs using any GPS tool.
- Not having any photos taken of me (I will try avoiding this as best I can).
- Not driving my car (there are cameras everywhere).
- Not accessing my gym using my ID card.

I'm sure I will think of other things I can't do as well.



Previous Challenges
Below is a list of the challenges I've done so far.
Challenge #0 : December 2011 : Rejected by Seven
Challenge #1 : April 2012 : The 10 Words Challenge
Challenge #2 : May 2012 : The Less Social, More Sleep Challenge
Challenge #3 : June 2012 : The Leave Phone Home Challenge
Challenge #4 : July 2012 : The Read Every Day Challenge
Challenge #5 : August 2012 : The Photo Poetry Challenge
Challenge #6 : September 2012 : The Go To Class Challenge
Challenge #7 : October 2012 : The Call Grandma Every Day Challenge
Challenge #8 : November 2012 : The Do Nothing Challenge

... or view all my monthly challenges here.

Sunday, 18 August 2013

How to export your RescueTime data


Here is how you can export all your data stored in RescueTime. Note that this is only possible for premium members.

1: Generate an API key:


2: Modify the link in the following format:
Change key to the key found in step 1, and alter the start and end dates. Check out the API doc for more details.

Export data entries, sorted by rank:
https://www.rescuetime.com/anapi/data?key=[yourKeyHere]&restrict_begin=2011-01-01&restrict_end=2013-12-01

Export data entries, grouped by year:
https://www.rescuetime.com/anapi/data?key=[yourKeyHere]&restrict_begin=2011-01-01&restrict_end=2013-12-01&perspective=interval&resolution_time=year

Export data entries, grouped by month:
https://www.rescuetime.com/anapi/data?key=[yourKeyHere]&restrict_begin=2011-01-01&restrict_end=2012-01-01&perspective=interval&resolution_time=month

Export data entries, grouped by day:
https://www.rescuetime.com/anapi/data?key=[yourKeyHere]&restrict_begin=2011-01-01&restrict_end=2012-01-01&perspective=interval&resolution_time=day

Example of exported data (CSV format):
Rank,Time Spent (seconds),Number of People,Activity,Category,Productivity
1,3343450,1,Gmail,Email,0
2,1119430,1,Hosted Google Docs,Writing,2
3,1108232,1,draft.blogger.com,Blogging,0
4,909023,1,komodo,Editing & IDEs,2
5,883763,1,Google+,General Social Networking,-2
6,679894,1,Windows Explorer,General Utilities,1
7,495396,1,facebook.com,General Social Networking,-2
8,377095,1,Google Chrome for Android,Browsers,0
9,367925,1,svn.dax.net,General Business,2
10,359020,1,chronicles.no,Blogging,0

3: Error handling
If you get the error
{"error":"# unsupported request"}
try smaller time intervals / a shorter reporting period.

If you get the error
{"error":null}
it might be your API key that is invalid.
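The three steps above can be wrapped in a small script. This is an added example, not code from the original post or from RescueTime: it builds the export link from step 2, parses a response body, and maps the two error bodies from step 3 to the hints given above. The function names are assumptions, the HTTP fetch is left out so the block runs offline, and the sample body is the CSV shown in the post.

```python
import csv
import io
import json
from collections import Counter
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

BASE_URL = "https://www.rescuetime.com/anapi/data"  # endpoint as given in the post

# The rank-sorted CSV example shown in the post.
SAMPLE_CSV = """Rank,Time Spent (seconds),Number of People,Activity,Category,Productivity
1,3343450,1,Gmail,Email,0
2,1119430,1,Hosted Google Docs,Writing,2
3,1108232,1,draft.blogger.com,Blogging,0
4,909023,1,komodo,Editing & IDEs,2
5,883763,1,Google+,General Social Networking,-2
6,679894,1,Windows Explorer,General Utilities,1
7,495396,1,facebook.com,General Social Networking,-2
8,377095,1,Google Chrome for Android,Browsers,0
9,367925,1,svn.dax.net,General Business,2
10,359020,1,chronicles.no,Blogging,0
"""


class ExportError(Exception):
    """Raised when the response body is a JSON error object."""


def build_export_url(key, begin, end, resolution=None):
    """Build the link from step 2; resolution is 'year', 'month' or 'day'."""
    params = {"key": key, "restrict_begin": begin, "restrict_end": end}
    if resolution is not None:
        params["perspective"] = "interval"
        params["resolution_time"] = resolution
    return BASE_URL + "?" + urlencode(params)


def redact_key(url):
    """Mask the API key before the URL goes into a log or a bug report.

    The key travels in the query string, so it also ends up in browser
    history and proxy logs wherever the link is used.
    """
    parts = urlsplit(url)
    query = [(k, "REDACTED" if k == "key" else v) for k, v in parse_qsl(parts.query)]
    return urlunsplit(parts._replace(query=urlencode(query)))


def parse_export(body):
    """Return the CSV rows as dicts, or raise ExportError with the step 3 hint."""
    text = body.strip()
    if text.startswith("{"):
        payload = json.loads(text)
        if "error" not in payload:
            raise ExportError("unexpected JSON response")
        error = payload["error"]
        if error is None:
            raise ExportError("error is null: the API key might be invalid")
        if "unsupported request" in str(error):
            raise ExportError("unsupported request: try a shorter reporting period")
        raise ExportError(str(error))
    rows = list(csv.DictReader(io.StringIO(text)))
    for row in rows:
        row["Time Spent (seconds)"] = int(row["Time Spent (seconds)"])
    return rows


def seconds_by_category(rows):
    """Sum the time spent per category over the exported rows."""
    totals = Counter()
    for row in rows:
        totals[row["Category"]] += row["Time Spent (seconds)"]
    return totals


if __name__ == "__main__":
    url = build_export_url("YOUR_KEY", "2011-01-01", "2012-01-01", "month")
    print(redact_key(url))
    for category, seconds in seconds_by_category(parse_export(SAMPLE_CSV)).most_common(3):
        print(category, round(seconds / 3600.0, 1), "hours")
```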

Friday, 9 August 2013

1984 vs 2013

The banner of the Party in the 1984 film adaptation of the book (src: wikipedia).

The leaks from Edward Snowden over the last weeks have painted a picture of the world that is not very different from what George Orwell did in his Nineteen Eighty-Four novel. A society where Big Brother is watching you. Big Brother in our case is our own government, that takes all steps necessary to gather as much data on as many people as possible. Our Big Brother is arguing that this is necessary to keep us safe from the evil forces lurking in the dark, the terrorists who are fighting against the so-called free and democratic world we are living in.

"The greatest form of dictatorship is the dictatorship where people think they are free." David Icke. (src: morphogenetically).

It has been special living in Norway during the period when the NSA leaks have taken place. We Norwegians love to have our nation described as democratic with freedom of speech as a key cornerstone. However our government and politicians have been very clear on where they stand in the Snowden case by treating it with absolute silence. Norwegian politicians accept that Norwegians and everyone else are being spied on, even though the victims have not broken a single law in their entire lives.

Dagbladet's John Arne Markussen had a great post yesterday, where he states that there is no democracy nor a state governed by law if people can not communicate freely, safely and confidentially. He is very right in this. The so called democracy is an illusion, in Norway as in the United States.

Not a single bit of information that has been revealed over the last weeks has surprised me at all. The only thing that has surprised me is what risks Snowden has taken, and what he has sacrificed, to reveal all this. However, there is one difference for me now compared with earlier. And that is those who judged me as very paranoid have stopped doing that. And I, on the other hand, have stopped looking at them as equally naive.



Link
| g+ : feige og udemokratiske norge |

Added Security 6 : Secure mail services

src: lavabit.com

Over the last 24 hours two email services, that have advertised their services as secure, have shut down. Lavabit was the first one to close, then came Silent Circle's Silent Mail.

"Silent Mail has thus always been something of a quandary for us. Email that uses standard Internet protocols cannot have the same security guarantees that real-time communications has. There are far too many leaks of information and metadata intrinsically in the email protocols themselves. Email as we know it with SMTP, POP3, and IMAP cannot be secure." src: silentcircle.

Security expert Steve Gibson has a good explanation on why Lavabit did close. The reason being, as Silent Circle writes as well, that the email protocol is not safe. There is always some leakage of information. Yes, you can encrypt emails, which will make it pretty hard for the NSA guys to read the content of your emails, however NSA can still see whom you are contacting. If you do not implement security the right TNO (Trust No One) way, as Lavabit had failed to do, the NSA can visit a company and ask for the data to be handed over, along with decrypting keys. With PGP though you should be the only one having the key to decrypt your data.

The best way of staying secure from Big Brother is still to encrypt your emails. You can do that using a client as I did describe in my previous Added Security post, or you can use the browser plugin Mailvelope. I might write a separate post on the latter one.

You have a service called CounterMail as well. Just by having checked that briefly it seems to do the exact same thing as if you encrypt all your emails yourself. With CounterMail though you need to have Java running in your browser, as it uses Java for encryption and decryption. And having Java running in the browser is madness, as it is the number one reason why people are hacked (as mentioned here). Hence I would not recommend CounterMail.

Encrypting emails is unfortunately slightly too technical for the average computer user. Security has to be easy for everyone to start using it. What I believe we will see in the near future is more new services for communication, not using the standard email protocol we are using today. Services where messages might never leave the server they are stored on, or where all information sent is an unreadable blob of data, unable for Big Brother to eavesdrop on. There is a huge market for this, as people in general do not like to share everything with someone they do not trust.



Links
| g+ : shutdown of lavabit | g+ : shutdown of silent mail |



Tuesday, 6 August 2013

Sellanrå Opp 2013

Race #29 2013 - 2.8 km - 21:33 - Tuesday 6th of August

On the road, with Mr LG and Mr RG.

Weather wise it did not look too bright before tonight's race. However closer to race start, at 1800, the rain decreased. I visited Maridalen, and Sellanrå Opp - one out of five races in "Maridalens Motbakkecup", together with Mr RG and Mr LG.

Mr RG.

Mr LG.

Personally this race was slightly chaotic for my liking. Too crowded, even though I bet there were a lot that did not race due to the weather. I got off in an OK pace, but it was hard running. It started off quite steep, and it was slippery on the wet rocks and roots. The inov8 Bare-Grip 200 did not change that fact. It was hard overtaking people on the narrow path, and I more or less ended up in the same position as I started in. I felt tired, and the extra energy from last week was all finished. I did run as fast as I could though, I always do. I could not keep my big brothers' backs, they were stronger. Not that it did surprise me much.

inov8 Bare-Grip 200.

Even though I have been taught to do proper double lace knots my right shoe lace loosened. inov8's round laces are poorly designed, as they are close to friction free. I lost two positions tying. Then, a few minutes later, overtaking another runner, I did hit a tree and tore one of my favorite boardshorts, an almost unused Rip Curl Mirage. For the rest of the race that occupied 80% of my brain activity, I was annoyed. I know, it might sound stupid, but I love my boardshorts. The last 20% was spent on thinking about how hard it is to do hill races.


That aside, I did reach the top. Along with a lot of happy people. So did the sun, that showed its warm face through the clouds. The hole in the shorts was forgotten, and it was time for some post race mingling. Something that seldom is a disappointment.

On my way down there came a wasp out of nowhere and decided to sting me in my right ear. It did hurt a bit. Not sure what I did to annoy the wasp. I am obviously all out of karma points.

Double darn, I need to find a good tailor. These shorts have to be saved.

However, despite the slippery ground, the crowded track, the loose shoelace, the torn boardshorts and the wasp sting: it was all worth it.

Most of the 113 competitors (photo by Jørgen Lindalen).

The race to the top
A world we don't understand.
A beauty easy to forget.
Turning away from where we live.
Turning back to where we belong.

There is pain.
There is joy.
There is discomfort.
There is victory.

The rain falls.
The water flows.
Evanescence of the mist.
Breakthrough of the sun.

On the break of autumn.
The speechless nature watches you.
The wind embraces you.
Where you race to the top.

Links
| garmin connect | results and article |

Mr LG

Mr LG, aka. The Wolf.
A fearless fighter.
Always on the hunt.
Challenging the challenges.

You might look at him as a competitor.
He won't look at you as one.


Mr V

Mr V, the Norwegian record holder
who grew faster with age.

Works on both the pump,
and the speed.

Seems innocent at first.
Behind the mask a strong will,
a hate of losing and
a sarcastic set of statements hides.

src: morphogenetically

Monday, 5 August 2013

Mr B

Mr B, with a hip of titanium
and biceps of iron.

A gambling conversationalist.
Works hard on lifting iron and covering
kilometre after kilometre on the iron horse
or in the running shoes.

src: chronicles

Sunday, 4 August 2013

Mr Y

Mr Y, a master of sound and sounds.

A very creative mind.
Has travelled the world,
more than once.

However,
his home is the land of the rising sun.


Mr RG

Mr RG, the man that has completed
the same amount of km in running shoes
as he has written sentences.

And beware, Mr RG does write a lot.

A master of words,
and long distances.
Known in the Far East as the old sensei,
and in the West as the living legend.

src: chronicles

Saturday, 3 August 2013

Mr Pain

Mr Pain, also known as Mr Jean, Mr Master-Of-Pain and Mr Guadeloupe.

Skilled chef that is
faster than most,
stronger than most,
and stricter than most.

No matter how high you raise your knees,
no matter how fast you run
you will seldom impress Mr Pain.

src: chronicles

Friday, 2 August 2013

Mr Me

Mr Me is just me,
and no one else than me,
in case you did wonder.

Older than some,
younger than others.

src: morphogenetically

Thursday, 1 August 2013

SRM #364

Race #28 2013 - 9774m - 39:27 [PB] - Wednesday 31st of July

Photo by Christopher Aalholm, manipulated by me.

It was Wednesday. It was SRM. It was a good day for running.

The final meters (Photo by Christopher Aalholm).

I had planned to do another two round race, and was unsure how my legs were after Tuesday's GSC, and five tough days in a row. Saturday I did 200 meters, and got 28.7 seconds. First sub 30 after my tibia injury. Sunday I did "Gilbergs Forest Track", and finished in 1h 25m which was a PB by 5 minutes. Monday I did my best ever 300m hill interval session. Tuesday we had the GSC, where I ran well. And on the Wednesday I did set a new PB on three rounds around the lake.

Ms CK: "So you really think you can beat me?" Mr Me: "But how many rounds? One? Two? Three? I need to know." (Photo by Christopher Aalholm)

Having said that, my old SRM x3 record was far from my strongest PB at Sognsvann, as I had not done a three round race in over two years. Last time, in July 2011, I ran in 39:56, which was my old record. From my experience SRM x3 is comparable to a flat 10km road race. Some small hills make up for the shorter distance.

Mr TB aka Tim, Mr Me and Mr HL aka Heming Leira. (Photo by Christopher Aalholm)

The weather was perfect, with cool air filled with oxygen. I was lucky to run alongside handsome Tim, who kept a very even pace, gradually increasing the pace throughout the race. Unfortunately he got engine problems on the final round (tummy issues), and had to let me go. My plan was only doing a two round race, however Ms CK was back in town and delivered a lightning fast SRM x2 in 25:55. Hence my only way to avoid being beaten became to run longer than her.

Mr Pain would have gotten angry with me here. Knee being too low. (Photo by Christopher Aalholm)

Till next time, Sognsvann. (Photo by Christopher Aalholm)

Next up now is to set a new PB for the SRM x2.

Links
| official pages | results | garmin connect | pictures by aalholm | post by ringom (photos by aalholm) |

Added Security 5 : Encrypting emails


PRISM Break : Encrypt your emails
More PRISM Break information coming up (name inspired by this service). This one is a "how to" on encrypting your emails, which will make it a lot harder for those NSA guys to read what you are writing. The system used as an example is VXG Mail and Windows 7. Note that VXG Mail works the same way as Gmail, since VXG is running on Google Apps. Hence this "how to" can be used for Gmail as well.


Step 1
First download and install Gpg4win, the Windows version of GnuPG (GPG).
Choose at least "GnuPG" and "Kleopatra", but you might consider other components as well.
Please note that there is no need for "Claws-Mail", as Thunderbird with the Enigmail plugin is far superior.


During installation you will end up seeing the message "Defined trustable root certificates. S/MIME configuration".


Check the "Root certificate defined or skip configuration" and click "Next >" to finish the installation.

Step 2
Next up is to open Kleopatra (installed in step 1), and create your new certificates (assuming you have none from before).


Choose the "Create a personal OpenPGP key pair" option. Click "Next", fill out your name and email address and go into advanced settings to make your encryption as difficult to crack as possible.


Tune the "Key Material" to become as many bits as possible. At the time of writing DSA 2048 bits + Elgamal 3072 bits.

Your certificate details might look something like this:

Name:              Frode Klevstul
Email Address:     youremailgoeshere@somedomain.com
Comment:           Take this, NSA
Key Type:          DSA
Key Strength:      2,048 bits
Certificate Usage: Encrypt, Sign
Subkey Type:       ELG-E
Subkey Strength:   3,072 bits
Subkey Usage:      Encrypt

Step 3
Now you have a public and a private key. The public one you should distribute to the world, like what is done here. There are different ways to do this. Read this article on stackexchange for more details. Or you can just add your public key to your own webpage, like I have done here.

You should take a backup of your secret key. You might also need it if you have several machines where you want to set up secure emailing from. In that case you need to use Kleopatra's "Export Secret Keys" function (right click the certificate you want to export). Note that this file / your private key should NEVER be published for anyone to see. This is for your eyes (and machines) only.
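A guard for the publishing step above, as an added example that is not part of the original post: before a key file goes on a webpage, this Python check reads the first OpenPGP packet tag and refuses anything that is not a public key, even if the armor label says "PUBLIC". It assumes the key was exported with ASCII armor; the function names and sample files are constructed for the example and contain no real key material.

```python
import base64

TAG_NAMES = {5: "secret key", 6: "public key", 7: "secret subkey", 14: "public subkey"}
PUBLIC_TAGS = {6, 14}

def make_armor(label, packet):
    # Wrap constructed packet bytes in ASCII armor (sample data, not a real key;
    # the optional CRC-24 line is left out).
    data = base64.b64encode(packet).decode()
    return (f"-----BEGIN PGP {label}-----\nVersion: constructed sample\n\n"
            f"{data}\n-----END PGP {label}-----\n")

def first_packet_tag(armored):
    """Return the OpenPGP packet tag of the first packet in an armored file."""
    lines = [l.strip() for l in armored.strip().splitlines()]
    if not lines or not lines[0].startswith("-----BEGIN PGP "):
        raise ValueError("not an ASCII-armored OpenPGP file")
    blank = lines.index("")  # armor headers end at the first blank line
    body = [l for l in lines[blank + 1:] if not l.startswith(("-----", "="))]
    raw = base64.b64decode("".join(body))
    if not raw or not raw[0] & 0x80:
        raise ValueError("not an OpenPGP packet header")
    # New-format headers carry the tag in bits 5-0, old-format headers in bits 5-2.
    return raw[0] & 0x3F if raw[0] & 0x40 else (raw[0] >> 2) & 0x0F

def safe_to_publish(armored):
    """True only if the file starts with a public key packet."""
    try:
        tag = first_packet_tag(armored)
    except ValueError:
        return False
    return tag in PUBLIC_TAGS and "PRIVATE KEY BLOCK" not in armored

# Constructed samples: only the first packet header byte matters for the check.
PUBLIC_SAMPLE = make_armor("PUBLIC KEY BLOCK", bytes([0x99, 0x01, 0x0D, 0x04]))
SECRET_SAMPLE = make_armor("PRIVATE KEY BLOCK", bytes([0x95, 0x03, 0x55, 0x04]))
MISLABELLED = make_armor("PUBLIC KEY BLOCK", bytes([0xC5, 0x03, 0x55, 0x04]))

if __name__ == "__main__":
    for name, sample in [("public", PUBLIC_SAMPLE), ("secret", SECRET_SAMPLE),
                         ("mislabelled", MISLABELLED)]:
        tag = first_packet_tag(sample)
        print(name, TAG_NAMES.get(tag, tag), "publish:", safe_to_publish(sample))
```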

How to keep the private key safe
If anyone gets hold of your private key, they can decrypt your emails. Hence it has to be saved in a very safe place, and in several places, because if you lose it you are unable to decrypt your messages again. I keep my stored private key encrypted as well. To encrypt my private key I use EncryptOnClick.

Step 4
Next up is to install Thunderbird and the plugin Enigmail. Note that you will find the plugin if you open the plugin page, from inside Thunderbird, and search for it. Then it is one click to install it. When you already have Gpg4win installed, encryption is ready to be used.


Sending an encrypted and signed message from Thunderbird is very simple. Just click the pencil and key symbol at the lower right corner. Or choose to sign and encrypt it from the OpenPGP menu.

Note: you need to encrypt the email with the receiver's public key. So you can not send an encrypted email to someone that has not got a public key.


In the IMAP sent folder, in the VXG Mail account, this message is to be found (the encrypted version of the email sent):


Only the receiver of this email can read the content, after it has been decrypted using the receiver's private key. Which only the receiver has got.

Appendix: Claws Mail Bug
I did try installing and using Claws Mail (I installed it as part of Gpg4win, see step 1), which I configured to use VXG Mail, or whatever you have got (by the way, a great thing about VXG Mail and Gmail is that you can do IMAP over SSL).

Setting up Claws Mail was pretty easy, but there seems to be a major bug which makes the entire encryption process useless. Claws Mail strangely saves two versions of the email in the IMAP sent folder, one encrypted and one clear text version. No idea why, as it is lame. There might be a setting in Claws Mail to avoid this, but I did not find one.


As you can see above, two versions of each email sent are stored in the IMAP sent folder. The receiver only gets the encrypted one though, so it all seems very strange. But when a clear text version is saved, the encryption is useless. Hence Claws Mail can not be used for safely sending encrypted emails, as far as I can see.
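A way to check any mail client for the problem described above, as an added example that is not part of the original post: this Python sketch classifies messages from a Sent folder as PGP/MIME (RFC 3156), inline PGP or clear text, and lists the subjects that have a readable copy stored on the server. The sample messages are constructed, and the function names are assumptions of this example.

```python
import email
from email import policy

PGP_CT = 'multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"'
PGP_BODY = ("--b1\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n\n"
            "--b1\nContent-Type: application/octet-stream\n\n"
            "-----BEGIN PGP MESSAGE-----\n\nY29uc3RydWN0ZWQ=\n"
            "-----END PGP MESSAGE-----\n\n--b1--\n")

def make_msg(subject, ctype, body):
    # Build a constructed message (sample data, not real mail).
    return ("From: me@example.org\nTo: friend@example.org\n"
            f"Subject: {subject}\nMIME-Version: 1.0\n"
            f"Content-Type: {ctype}\n\n{body}")

# Constructed Sent folder: "Friday" was saved twice, once encrypted and once readable.
SENT_FOLDER = [
    make_msg("Friday", PGP_CT, PGP_BODY),
    make_msg("Friday", "text/plain; charset=utf-8", "See you at the lake at 18:00.\n"),
    make_msg("Invoice", PGP_CT, PGP_BODY),
]

def classify(raw):
    """Return (subject, kind); kind is 'pgp-mime', 'inline-pgp' or 'cleartext'."""
    msg = email.message_from_string(raw, policy=policy.default)
    subject = str(msg["Subject"])
    if (msg.get_content_type() == "multipart/encrypted"
            and msg.get_param("protocol") == "application/pgp-encrypted"):
        return subject, "pgp-mime"
    for part in msg.walk():
        # Inline PGP keeps the armored block inside an ordinary text part.
        if (part.get_content_maintype() == "text"
                and "-----BEGIN PGP MESSAGE-----" in part.get_content()):
            return subject, "inline-pgp"
    return subject, "cleartext"

def audit_sent(folder):
    """Return the sorted subjects that have a clear text copy in the folder."""
    kinds = {}
    for raw in folder:
        subject, kind = classify(raw)
        kinds.setdefault(subject, set()).add(kind)
    return sorted(s for s, k in kinds.items() if "cleartext" in k)

if __name__ == "__main__":
    for subject in audit_sent(SENT_FOLDER):
        print("clear text copy stored on server:", subject)
```

Note that the subject line is readable in every case, since only the body is encrypted.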

If it was working
If it had worked as planned, below is how to use it.

Compose an email and under "Options" pick "PGP MIME" as "Privacy System" and choose to sign and encrypt the email.



Note: in case you do not see "PGP MIME" under "Privacy System" you might have to load the plugins "PGP/Core" and "PGP/MIME", under "Configuration > Plugins".


Write your email, and click the "Send" button to start encrypting and sending of your mail. Please note that the subject will not be encrypted, but the main content / body will.


For a normal email client, not supporting PGP, the email will look like this:


Using Claws Mail, it will look like this:


Summary
- So to send an encrypted email to someone, you need their public key. Here is mine.
- To receive an encrypted email you need your own key pair (private + public keys).
- For a more in depth tutorial please check out this link.

Resources
Gpg4win tutorial by Tim Starling.
Howto Setup OpenPGP Keys.
Sending and receiving encrypted e-mails (on Windows).