crypto from the trenches - #31c3

Sat Dec 27 14:26:25 PST 2014

"I don't have a revocation key or a subkey" - admission of guilt?

this is sane practice compared to lesser alternatives of:
 - using revocations keys or subkeys improperly, leading to
vulnerability or loss of access (denial of service)
 - not using crypto at all, out of frustration.
 - using non-end-to-end encryption, out of frustration.

and in fact, if you have good operational controls and understanding,
with defense in depth, this is a reasonable solution.

---

one minute ago i mention my contempt for email in general, and my
special contempt for encryption over email. (see list archives and
threads by others :)

VLC works best on SD streams:
 rtmp://rtmp.stream.c3voc.de:1935/stream/s1_native_sd ,
            rtmp://rtmp.stream.c3voc.de:1935/stream/s2_native_sd ,
            rtmp://rtmp.stream.c3voc.de:1935/stream/s4_native_sd ,
            rtmp://rtmp.stream.c3voc.de:1935/stream/s3_native_sd

 web view is:
  http://streaming.media.ccc.de/saal1
  http://streaming.media.ccc.de/saal2
  http://streaming.media.ccc.de/saal6
  http://streaming.media.ccc.de/saalg

 i watched watching http://ecchacks.cr.yp.to/ on
 rtmp://rtmp.stream.c3voc.de:1935/stream/s1_native_sd and it was
flawless. this stream also flawless so far, on continuous feed over 3G
on Android VLC.

---

in addition to their report of hour for GPG over Email,

i see 15-20 min for Tor Browser and Of-the-Record plugin to Onion XMPP
on average.

also 20min for Qubes minspec setup:

### Custom CoreBoot Qubes FDE boot:

### Boot command, at grub> prompt, type:

  configfile (ahci0,msdos1)/grub2/grub.cfg

### At disk passphrase prompt, type:

aMiosowahcieFo2aLiewaibidoor4lie wae7ugaiFua5Yeushah3ahV6goowooyo

### When the graphical desktop starts, the user account password is:

  sunlight

### You will also need this password to unlock the screensaver if idle too long.

DONE.
 You will now be in the Qubes R2 Desktop Environment!

---

# Launching Document Editor
 1. Open the Qubes Quick Launch Menu at lower left.
 2. Select "Domain: editor" for the apps available in this VM.
 3. Then click "editor: LibreOff..." to launch Document Editor (Libre Office)

# Launching File Browser
 1. Open the Qubes Quick Launch Menu at lower left.
 2. Select "Domain: editor" for the apps available in this VM.
 3. Then click "editor: Files" to launch File Browser.
 NOTE: The File Browser is also how you can see mounted USB devices
       and also where to copy files back and forth, or just explore.

# USB Storage
 1. Plug in the USB device. Ignore the message notifications at lower right.
 2. Locate "Qubes VM Manager" Window. If you close by accident, re-launch.
 3. In "Qubes VM Manager" Window Menu, select to highlight "editor" VM
as row / item.
 4. Right-click on editor for VM menu, select -> "Attach/detach block devices"
 5. In the "Attach/detach" submenu, you should see your device listed.
      for example, "Attach: dom0: sdb 1863 GiB ST20000LM003_HN..."
 6. Click this option to attach storage.
 7. Launch "editor: Files" command, then select attached device at left sidebar.
      for example, "2.0 TB Volume"
 DONE!

# To Shutdown, you should always shutdown "gracefully" to avoid file
system issues.
 1. Open the Qubes Quick Launch Menu at lower left.
 2. Select "Leave" menu options, then "Shut down"
 3. Confirm the shut down prompt, or wait 30 seconds.

# Launching the "Qubes VM Manager"
 1. Usually started by default, it can be re-started if closed.
 2. Locate the System Quick Launch Menu at lower left. It is a blue Qubes icon.
 3. Open Launcher menu, then "System Tools" option.
 4. From "System Tools" menu, select -> "Qubes VM Manager"