Broken YubiKey (@Danw33)

I Destroyed The Indestructible (Borked YubiKey)

Hardware Authentication and Security tokens, like the YubiKey, are a great advance in IT Security; they’re accessibility for individuals and low price point makes it easy to secure your IT services, online accounts, and more using a hardware secure-element that is nearly immune to private key leak or theft.

I’ve been using a YubiKey NEO for nearly a month now and I use it daily, on both my MacBook and my mobile (via NFC). It’s smart-card (PIV/CCID) element has three keys on it, a signing key, encryption key, and authentication key which I use for code, email, and git commit signing, as well as secure-shell (SSH) authentication, and more.

The FIDO U2F component also integrates tightly with my digital world, acting as a second (or in some cases third) factor of authentication for all of my online accounts which support it (right now that’s GitHub, Google, and DropBox to name a few). In combination with the OTP modes available, the YubiKey is very powerful bit of kit!

Crush-Proof, Not Dan-Proof

Before I go on, don’t let me put you offYubiKey’s are awesome! I’m sure alternatives are too, but the YubiKey, and Yubico as whole seriously rocks – read on to find out why).

So there I am, finishing some changes to a large (and unfortunately proprietary) project. I always sign my git commits and outgoing mail, so I plug-in my YubiKey NEO, start the GPG-Agent service, and give my code a quick once-over before committing it.

Sweet! Code looks good, I’ll just grab a drink and then this commit is good to go!

This quickly becomes the story of how I destroyed my YubiKey Neo. I broke the unbreakable.
Nothing is Dan-Proof, something which has been proven time and again.

As I placed my MacBook on the seat of the sofa and began to get up, it slid off the edge, falling only a short distance onto its side. As my luck would have it, that side is the side which I just connected my YubiKey.

Mistakes were made!

Continue reading

Receiving a PGP-Encrypted Mail in El Capitan

OpenPGP: GPGMail on El Capitan (OS X 10.11)

Not all that long ago I wrote a post on how to setup PGP on Mac OS X, and a similar post on PGP Setup for Windows. Since then there have been a number of updates, but one deal-breaker (at least for me) has been Apple’s latest OS X Beta, El Capitan (10.11) which broke GPGMail entirely.

Getting GPGMail working with El Capitan

The latest Alpha release of GPGMail (from the GPGTools suite) is now available with support for the latest Beta version of Apple’s OS X 10.11 El Capitan! Want it? Go get it! Just remember – It’s a nightly release: There are known issues and problems should be expected!

To get setup with the latest Alpha of GPGMail, head over to GPGTools Nightlies and grab the special alpha “GPG Mail for El Captian” release from the bottom of the list:

The GPGTools Nightlies Webpage

The GPGTools Nightlies Webpage

 

Once you’ve downloaded the DMG file, mount it with finder and run the installation. You might want to close Mac Mail before doing so!
The installation will complete, and the familiar GPGTools buttons are back, along with the OpenPGP green button on the top-right of new messages!

GPGMail: Composing a mail on El Capitan

GPGMail: Composing a mail on El Capitan

 

Looking good! The received version has all the usual verification marks, showing that the message (which was Encrypted and Signed using My PGP Key), as you can see below:

GPGMail: Receiving a PGP-Encrypted Mail in El Capitan

GPGMail: Receiving a PGP-Encrypted Mail in El Capitan

 

So now I have OpenPGP functionality restored to my Mac once again thanks to the awesome team at GPGTools, and for an alpha build, it really isn’t all that bad! Hopefully a beta release will be available soon, in the mean time this release will certainly do the trick for me, as signing, encrypting, decrypting, and verifying messages all seems to work without a hiccup.

PS. You can find me on Keybase as Danw33!

Day 1: Working Away
Image

Day 1: 5 B&W Images in 5 Days

Recently my friend and colleague Paul Eaton nominated me to participate in a small photography challenge that has been passing through social media for some time. The challenge is simple; post 5 black and white photographs over 5 days.

See the nomination post

Challenge Accepted!

So without further a do I seek inspiration from Paul’s photo, and decide another angle of the project will be the first of the set.

Day 1: Working Away

Day 1: MacBook on Desk

View on Flickr

Image License: CC BY-NC 2.0