syncom

Steps for setting up k3s on Ubuntu 20.04.2 on Raspberry Pi 4 Cluster

We use three Raspberry Pi 4's (RPI4's) for the setup. One of them is used as the control plane, and the other two are used as workers.

1. On all three RPI4's, snstall Ubuntu server 20.04.

   • Follow these instructions
   • Assign static IPs to these RPI4s (via router's DHCP settings), call them rpi4-k8s-ctrl, rpi4-k8s-wkr00, and rpi4-k8s-wkr01, respectively, and add them to /etc/hosts for all three RPI4s as well as the PC used for the setup

2. On all three RPI4's, enable cgroup (reference)

syncom

Simulate Truncated MD5 Digest Collisions for a Data Set

On a single core

#!/usr/bin/env python3

'''Simulate the number of truncated hash (MD5) collisions for a data set.

data set size: num_records

syncom

How to Distribute Password Halves for Separation of Duty

Problem:

We have 5 passwords: a, b, c, d, e. It needs exactly two distinct passwords to open a safe. Each of the passwords is split into two halve - a prefix and a suffix. Let them be

    a1, a2; b1, b2; c1, c2; d1, d2; e1, e2

syncom

Mutt (or NeoMutt) with Gmail and GPG, Mutiple Accounts

This note describes how to set up the Mutt or NeoMutt email client to work for Gmail and GnuPG, for two Gmail accounts. The method can be trivially extended to more than two accounts. The configuration should work for both macOS and Linux.

Software versions

syncom

LSS-NA 2019 Day 3 Tutorial: How to Write a Linux Security Module

This is the note I have taken during the tutorial session "How to Write a Linux Security Module" by Casey Schaufler, at the Linux Security Summit North America 2019.

• Why do you want to write a Linux security module?
• When is Linux security module the right choice?
• Add access control restrictions

syncom

The why and how of libseccomp

This is my Linux Security Summit North America (LSS-NA) 2019 note taken in Day 1 tutorial session "The Why and How of libseccomp" by Tom Hromatka, Oracle & Paul Moore, Cisco.

• Why libseccomp
  • Focus on containing bugs and limiting the risks - what mitigation is for
• system hardening, access controls, and syscall filtering (libseccomp)

syncom

How to build ipsec-tools (racoon) on Ubuntu 18.04 with ASan

This note describes how to build ipsec-tools (racoon) obtained from the Android repository (https://android.googlesource.com/platform/external/ipsec-tools/) on a Ubuntu laptop machine (Dell XPS 13). The system used for this work is Ubuntu 18.04.2 LTS: uname -a gives

syncom

The Goal-Threat-Mitigation (GTM) Method for Documenting Security Risks

The Goal-Threat-Mitigation (GTM) method is a framework for documenting security risk analysis (SRA). It is meant to be simple, scientific, and yet scalable with respect to the size of the scenario to analyze. The artifact of GTM is a document/write-up that consists of the following sections.

1. System overview (or scenario description)

This is where we define the problem space, describe the use case

syncom

How to Create QEMU ARM Guest on x86_64 Linux Host

This document describes how I created a QEMU ARM (A32) guest on an x86_64 host (Ubuntu on Dell XPS developer edition). The process relies heavily on the arm_now tool. The commands are as follows.

Install dependencies on host Ubuntu machine

mkdir arm-qemu

syncom

This short memo gives instructions on how to build the Microsoft Research's Simple Encrypted Arithmetic Library (SEAL) using LLVM/Clang, and also with the Clang Static Analyzer for software quality/security assurance.

The SEAL Library

The SEAL Library can be downloaded at its website http://sealcrypto.org (it redirects to a Microsoft page). The version of SEAL we use for this demonstration is SEAL_v2.3.0-4_Linux.tar.gz (available at https://www.microsoft.com/en-us/download/details.aspx?id=56202).