Adventures in Crypto Land: Installing MuscleApplet on a ‘Gemalto TOP IM FIPS CY2′ (Cyberflex Access 64k v2) Smart Card
This is an esoteric bit of knowledge which has unfortunately disappeared from the internet, as far as I can tell. (It was formerly hosted at http://www.dseven.org/twiki/bin/view/Stuff/SolarisSmartCard)
Here’s the gpshell script to install MuscleApplet on a ‘Gemalto TOP IM FIPS CY2′ (Cyberflex Access 64k v2) Smart Card:
mcardInstallFormat-CyberFlex64kV2c.txt
Subject is thirsty: dispense beverage
This is a picture of me, which isn’t photoshopped, believe it or not.
A truck parked next to my window and my coworker took a picture.
It looks a bit like I’m studying someone from a control room or a tiny floating space ship. :p
Games I’ve Played
Recently I’ve noticed that I’ve acquired a lot of games and just forgot to play them, leaving them to collect dust, so in an effort to keep track of the games I want to play, I’ve created a game experience list.
Read more…
Adventures In Crypto Land Part 1: Setting up my Aladdin eToken PRO 32k on Linux
Ever since I discovered public key cryptography can be used for authentication and e-mail privacy, I’ve been itching to use it, but one thing always held me back. I feared that the possibility existed for a hacker to secretly breech my personal computer, copy out the sensitive private key, and spy on my communications or emulate my authentication with impunity, while I remained blissfully ignorant. Passwords were no better, but I never thought setting myself up with private key authentication and privacy was going to be worth the hassle of carefully guarding my private key.
My prayers were answered when I discovered smart cards (And their USB equivalent, the ’security token’). These nifty little devices interface with your computer, but they keep your private key secret, and perform all the decryption and cryptographic signing themselves. At no point, even during a cryptographic operation will the private key become known to the computer. Perfect!
The problem is that the software needs to know how to cooperate with the token in order to make use of the well concealed private key, and I’ve been waiting a long time for Linux software utilizing this technology to mature to a usable point. After an experience with a brute force SSH attacker at work, I’ve decided that time had come. So, I set out to achieve the following goals:
The Daniel Benoy Weblog Lives Again
This site is back up now after a lengthly hiatus. I was motivated to bring it down months ago because was fed up for a with Wordpress (Specifically the spam and security vulnerabilities), and I decided to shut off my blog, formerly entitled ‘The Daniel Benoy Weblog’. I wanted to give the software some time to mature, and I wasn’t truly happy with the theme of the site, which was to just jot down anything that came to my mind whether it had any kind of public appeal or not.
Well, I’m back now with a fresh look and a fresh version of Wordpress, and I’ve learned a few things from my last time around. I’ve decided to limit my posts to things I’ve put more thought into, and taking my time between posts to get things right. Also, this site will serve as more than just a weblog. I’m going to use it as a point of contact to share information with my friends and family (For example, sharing photos, contact information, resumes). So I’ve renamed the site to “The Daniel Benoy Homepage” to better reflect its new purpose.
Welcome back, and thanks for visiting.
Your friend,
Daniel Benoy