NIS2 directive introduces new
"Cybersecurity risk-management measures" where it states:
"(j) the use of multi-factor authentication or continuous authentication solutions, secured voice,
video and text communications and secured emergency communication systems within the entity, where appropriate."
What is your "secured emergency communication system within the entity" ?
FIDO2 & LUKS
Noted down how LUKS can be supported by FIDO2 token.
OOB Comm
OOB-Comm is now implemented for reTerminal, Pinephone and RPi400.
Video of Comms
Small video of my Out-Of-Band comms running on Pinephone.
DFIR Comms
Been working with my firmware image for Pinephone. Aim is to have
out-of-band communication capability in denied networks or areas.
So no distribution, just plain booting Linux 'firmware' with QT/QML
user interface. Payloads currently supported: voice and messages.
SSH with FIDO2 key
Continuing experimenting with my FIDO2 key and just found out that
ssh keys can be generated with and in FIDO2 usb token.
Found thesetwo
post regarding this issue and they work good. Generating SSH key with my FIDO2 Nitrokey allows me
to take key with me to my laptop and issue command:
ssh-add -K
And my SSH key is usable for that session. No more key copying and storing on disk.
FIDO2 for LUKS
Setting up fido2 token to open luks encrypted mount on Fedora 37 was
surprisingly easy:
After this my thinkpad asks fido2 + pin code to unlock luks partition. Source is from this post.
WebUI
Been experimenting with Web UI with websocket connection to backend. All activity
on this screencast is run on background shell script and data is exchanged via
websocket connection to javascript in UI.
Off the grid
From Polar to Casio. From LTE to Iridium.
Secure file transfers
Been working with secure file transmission.
Submitted WiP paper last week
Managed to submit that paper. Bit too broad subject but let's see if any feedback surfaces.
Middle east sunset
Extract from personal photos, evening in middle east.
Chinese researchers claim to find way to break encryption using quantum computers
Financial Times
article about breaking RSA 2048 with quantum computer. Research paper is here.
Country wide network outage
We had yesterday country wide outage of mobile & fixed network. Things
get sorted out pretty quickly but this serves a good reminder - what if?
Most confusing part is that they don't yet know - what caused it.
Working with paper
Been working with paper about resilient platforms and out of band
communication. Stay tuned.