Skip to content

Instantly share code, notes, and snippets.

Avatar

Lance R. Vick lrvick

View GitHub Profile
View gist:13c7121cc3077d836eb536111bc40cb8
func generatePassword(length int) string {
const CharSetIAMPassword = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ012346789!@#$%^&*()_+-=[]{}|'"
charSetLength := len(CharSetIAMPassword)
rand.Seed(time.Now().UTC().UnixNano())
result := make([]byte, length)
for i := 0; i < length; i++ {
result[i] = CharSetIAMPassword[rand.Intn(charSetLength)]
}
return string(result)
}
@lrvick
lrvick / pinrot.sh
Created Jul 27, 2021
Rotate PGP pins on yulbikeys automatically and randomly ant encrypt to multiple recipients.
View pinrot.sh
#!/bin/bash
set -e
export LC_ALL=
export LANGUAGE=en
function gpg_env(){
GNUPGHOME=$(mktemp -d -p /dev/shm/); export GNUPGHOME
echo "pinentry-mode loopback" >> "$GNUPGHOME/gpg.conf"
@lrvick
lrvick / secure_crypto_asset_custody.md
Last active Aug 6, 2021
Secure Crypto Asset Custody Requirements
View secure_crypto_asset_custody.md

Secure Crypto-Asset Custody

Summary

This document seeks to outline a broad set of requirements for crypto-asset custodians based on lessons learned from historical failures to understand and remove attack surface.

It will also assume that not everyone has equal resources or equal risk and as such four incrementally harder security levels to that effect, depending on

@lrvick
lrvick / tasks.yml
Created May 18, 2021
Mac Ansible management example
View tasks.yml
---
- name: Check if Previously Run
stat:
path: /var/log/ansible.log
register: ansible_logfile
- name: Enable FileVault2
filevault: enabled=true
become_user: root
@lrvick
lrvick / format.sh
Created Apr 7, 2021
Format/partition raw disks without root.
View format.sh
dd if=/dev/zero of="disk.raw" bs=512 count=102400
mformat -i disk.raw@@1024K -h 32 -t 32 -n 64 -c 1
mmd -i disk.raw@@1024K ::EFI
mmd -i disk.raw@@1024K ::EFI/BOOT
mcopy -i disk.raw@@1024K /out/boot.efi ::EFI/BOOT/BOOTX64.EFI
dd if=/dev/zero of="root.raw" bs=512 count=307199
mkfs.ext4 -N 0 main.raw
cat root.raw >> disk.raw
truncate -s "+850M" disk.raw
parted disk.raw \
View usb-boot.patch
diff --git a/initrd/bin/gui-init b/initrd/bin/gui-init
index 1369ed1..f576a8e 100755
--- a/initrd/bin/gui-init
+++ b/initrd/bin/gui-init
@@ -13,21 +13,26 @@ first_pass=true
mount_boot()
{
-
+
@lrvick
lrvick / propaganda.md
Last active May 7, 2021
#! propaganda - External media or resources that have influenced or validated our culture in terms of security, privacy, or digital sovereignty.
View propaganda.md

Movies & Documentaries

  • The Social Dilemma (2020)
  • American Selfie (2020)
  • Snowden (2016)
  • Hackers
  • The Matrix
  • Sneakers

Games

  • Deus Ex
@lrvick
lrvick / github-troll.md
Last active Apr 18, 2021
Trolling Github's DMCA repo with their own security flaws.
View github-troll.md
View diff.txt
--- iso1
+++ iso2
├── isoinfo -l -i {} -R
│ @@ -1,11 +1,11 @@
│ Directory listing of /
│ dr-xr-xr-x 3 0 0 2048 Oct 16 2020 [ 29 02] .
│ -dr-xr-xr-x 2 0 0 2048 Oct 16 2020 [ 29 02] ..
│ +dr-xr-xr-x 3 0 0 2048 Oct 16 2020 [ 29 02] ..
│ dr-xr-xr-x 3 0 0 2048 Oct 16 2020 [ 30 02] boot
View gist:83782b75801c6de6d48bac856c7888ae
--- rc11-a/airgap_x86_64.iso
+++ rc11-b/airgap_x86_64.iso
├── isoinfo -l -i {} -R
│ @@ -1,11 +1,11 @@
│ Directory listing of /
│ dr-xr-xr-x 3 0 0 2048 Oct 14 2020 [ 29 02] .
│ -dr-xr-xr-x 3 0 0 2048 Oct 14 2020 [ 29 02] ..
│ +dr-xr-xr-x 2 0 0 2048 Oct 14 2020 [ 29 02] ..
│ dr-xr-xr-x 3 0 0 2048 Oct 14 2020 [ 30 02] boot