Sunday, November 24, 2013

Secure your online files with asymmetric encryption

One of the greatest benefits of asymmetric encryption is that it allows you to keep encryption and decryption keys separate from each other. In other words, the key, which was used to encrypt the data cannot be used to decrypt it.

Why is that useful? Imagine you are running online backup. Pretty much every online backup facility allow you to generate your own encryption key, but this key is symmetric. Which means, that attacker could take your computer and extract that key. Another scenario: lets imagine one is archiving recordings from a security camera, and does not want government to be able to view those recordings without his consent (yes, this is about NSA). If symmetric key, such as password is used, it is possible to confiscate the device, and all files will be as good an unencrypted.

However, when files are encrypted using asymmetric encryption, this problem is mitigated by supplying public key to device and keeping private key safe. Public key will be used to encrypt data, but it will not be possible to decrypt data with it. This way government, malware, or hackers could pwn your computer, but they will not have the private data.

I recently was struggling to find a tool, which allows me to do just that. Part of the problem is that with widely popular RSA algorithm, only a very small amount of data could be encrypted. Also, encrypting data with RSA is very slow. It is therefore necessary to chain RSA to a symmetric algorithm, such as AES to get the best of both worlds. This is how your browser protects the session.

As I mentioned before, I couldn't find the tool to perform such task online. I therefore decided to write one myself. It is a console application, code of which could be found here: . It is a console application, and it has four modes of operation:

  1. Generate key
  2. Extract public key which you could then use on untrusted machines
  3. Encrypt using public or private key. Obviously, it makes sense to use public key at this point. The tool will nicely pack all necessary data into a single file
  4. Decrypt. Naturally, this will only work if you have private key.
If you find this tool useful, I would be curious to know how you use it. Please post your use case here. I could also use some support, if you got some bitcoins you wish to tip me with, I will gladly accept at 175iyCxfHoD76GaL2Ms3MN8Qhrwe2R6U2r.

Tuesday, September 10, 2013

I am REALLY sick of junk mail

I feel for USPS for losing money, I really do. Mainly, because it's my money that they are losing. But their methods for getting them back are mildly speaking unacceptable.

Every week I'm getting pile of crap, which I have to dispose, which USPS is being paid for. Not just that, but the others are on the wagon. "To current resident". "To our friends". Who the hell is your friends? I'm anything but a friend to annoying spammer.

The biggest problem here, aside from annoyance is that someone makes $$$ by wasting other people's time. That really is a form of theft. Even though it's not illegal, they do waste time of many-many people, and none of them is compensated a dime. But someone does pocket a check for that activity, otherwise it would not be going on.

To add insult to injury they started bulk-mailing me newspaper-print magazines, which cannot even be conveniently carried to a trash box, because they shed the leaflets, like it's fall here. Or, maybe it is fall, I don't give a damn, they are not birches anyway.

So, I print a sticker and put it into a mailbox, which asks postman (politely) to stop dropping junk into my mailbox. The next day - another magazine.

Here's what I'm going to do next: I printed a bunch of labels, which I'm going to carry with me in my car at all times now. Every piece of junk will get one and go straight back to the outgoing mailbox:

Sender: This household charges for disposal of the unsolicited 
mail. Stop mailing us junk. By continuing to send unsolicited 
mails you agree to be billed up to $50 per page.

Do I expect anyone to pay $50/page? No. I expect postman to get annoyed and stop delivering junk to me. But maybe some of the "advertisers" get the message as well.

If you feel the same way as I do, go ahead, download the PDF, or the ODT, print the stickers and go ahead send the message to your local spammers. They are for Avery 48862 templates, the cheapest one I could get in walmart.

Saturday, February 2, 2013

Fix HDMI Overscan without Catalyst

If you hook up your screen using HDMI cable, you will often get annoying borders and distorted graphics due to so-called "overscan". This technology is used with screens that were produced somewhere around stone age and use CRT technology. CRT tube will cut off sides from the picture, effectively removing all or some of taskbar and start menu. Hence, to compensate for that, they artificially squeeze picture to make sure all of it fits. Usually, overscan will eat up to 15% of the screen.

Screens produced after stone age usually have LCD panels with exactly as many pixels as they can display, so the overscan technology is no longer needed. But for compatibility, manufacturers still support it and even make it default.

Micrtosoft supplies drivers for my ATI graphics card. I really do not want any other software. Only thing I must have which they don't let me configure is disable annoying overscan. I found this article, which didn't help me, but gave me an idea what to do:

  1. Go to regedit, navigate to HKLM\SYSTEM\CurrentControlSet\Control\Video.
  2. Locate a GUID with 0000, 0001, 0002 entries that has a bunch of values underneath
  3. Set following values:
    TVEnableOverscan: DWORD = 0
    DigitalHDTVDefaultUnderscan: DWORD = 0

Screenshot of my regedit
I didn't have DigitalHDTVDefaultUnderscan in that registry key, so I had to create it. Once I crated it and rebooted, screen which was connected to HDMI started working properly.

Tuesday, January 15, 2013

Fix Proximity Sensor on Samsung S III

I recently swapped a screen on my S3 using heat-and-unglue method, and I have been mostly satisfied with results, except for one thing: when I call someone, screen was going dark and never turning back on, so not only I could not press any buttons on the phone, but there was not even a way to hang up.

Needless to say, I was unhappy.

I figured out what happens using xda-developers. Apparently, the phones have so-called "proximity sensor", which they use to determine if you are holding the phone next to your ear. When you cook it during lens swap, or when the screen is generally dirty, you get it to misfire.

Proximity Sensor

You can test what proximity sensor thinks about the distance by enabling hidden menu (enter number *#22745927 in dialer), then *#0*#, then click on "Sensors". Look the number in "Proximity Sensor" section, and see how it changes when you bring your hand close to the sensor. When ADC is less than 14, proximity is zero, after that it is one.

My sensor was always showing ADC of 16 or more. That is the problem, which I could not fix even by replacing sensor. I was able to get ADC down to 12, but this barely worked, because a hand even near a phone, while in the call caused screen to turn off, which is annoying to say least. I compared it with my wife's SIII, and it was 1 to 2, depending on lighting, so the problem was clearly in the sensor. But I had a new one!!!

After several days of looking for solution, I got an idea. There are two openings. It is probably because light is emitted from one opening, and (when your ear is close to the phone) gets reflected into a second one. What could go wrong? Screen could be slightly dislocated, and then the light will hit the dark spot between openings and get reflected into receiver, even when no ear is close to the sensor. How could this be resolved? Apparently very easily: put some black rubber paste or dough in between emitter and receiver, and the light will be blocked.

This solution worked for me so amazingly well, that I decided to publish some pictures, demonstrating the process.

Unscrew the last one and carefully pry out the sensor

Put some BLACK paste or dough. NOT TOO MUCH!!! Make sure you don't  smear any on the windows

Your mileage may vary, but after I reassembled the phone, ADC stays around 2 at all times. It is amazing. I was expecting a small effect, but the problem was gone completely.

PS: Oh, and for what it's worth, here's the compound I used to separate light from receiver. As I said, you can be good with probably just about anything, this just happened to lay around.