Profile

Cover photo
Aaron Toponce
Works at XMission
Attended Weber State University
Lives in Suracuse, UT
2,455 followers|1,095,357 views
AboutPostsPhotosYouTube+1's

Stream

Aaron Toponce

Shared publicly  - 
 
Wow. I haven't laughed this hard in a long time.

https://gifsound.com/?gifv=tp2yJSW&v=6MYAGyZlBY0
1
Add a comment...

Aaron Toponce

Shared publicly  - 
 
Looking at cellular automaton as a possibility for PRNGs. Criteria:

1. The rule must not be biased.
2. The rule must be a Class 3 rule from elementary 1D cellular automata.
3. The initial generation must be "random".

Upon initial inspection, if the initial generation has a pattern, the pattern will exist in each generation. However, it's unclear if a pattern can be determined in any given column. Stephen Wolfram claims that the center column of Rule 30 is as random as true random events found in nature. That needs to be tested, and it remains to be seen if the other rules can also be random.

Rules shown: 30, 45, 75, 90, 105, & 150. Mirrors, complements, and complemented mirrors are not shown.
1
Add a comment...

Aaron Toponce

Shared publicly  - 
 
I was watching https://qrng.anu.edu.au/RainCol.php and thought, I bet I can implement this in the shell.

$ while sleep .01; do printf "\e[48;5;$(($(od -d -N 2 -A n /dev/urandom)%$(tput colors)))m \e[0m"; done

Looks best in shells that support 256 colors.

#unix   #bsd   #gnu   #linux   #randomart
6
1
Aaron Toponce's profile photoFred Richards's profile photo
2 comments
 
Actually, the screen shot is showing /dev/ttyACM0, which happens to be a TRNG that I have plugged into a USB port.

I take a screenshot of my workstation when I lock it, and set a blurred version of the screenshot as my locking background image. Both the original screenshot, and the blurred image, are calculated with SHA-256, and appended to a SHA256SUMS file. That file is then sent to /dev/random to reseed the kernel CSPRNG.

So, in other words, every time I lock my workstation, the kernel CSPRNG is reseeded. I'm thinking that I can add, maybe 20-30 colored bars to my status bar with a script, that is always updating. Then, every time I take a screenshot, I can guarantee that there is some entropy in the image.

</nerd>
Add a comment...

Aaron Toponce

Shared publicly  - 
 
I submitted a bug to the Chromium project (#552749) that window.crypto.getRandomValues() was not using a cryptographically secure PRNG (Web Crypto API). It was using arc4random (RC4), which has been demonstrated to be weak, with biases.

The bug was fixed just a few hours back, and arc4random was stripped from the source code. Now Chromium/Chrome will use the operating system's CSPRNG directly (SHA-1 for GNU/Linux & Android, Yarrow for Mac OS X & iOS, and AES-CTR for Windows).

https://chromium.googlesource.com/chromium/src.git/+/9224aa4826d29930a8194a58dfd7170411bfc672
Remove blink's use of RC4 for random value generation. This re-implements Blink's random number generator (wtf::cryptographicallyRandomValues) in terms of calling crypto::RandomBytes() directly, rather than using an ARC4 keystream that periodically stirs in system randomness.
4
Add a comment...

Aaron Toponce

Shared publicly  - 
Girl makes Diceware passwords, rolled with real dice, written by hand, sent by mail.
9
Lutz Donnerhacke's profile photoAaron Toponce's profile photo
2 comments
 
+Lutz Donnerhacke I'm not the targeted customer. I know how to generate passwords with sufficient entropy. I'm supporting an 11 in her adventure.
Add a comment...

Aaron Toponce

Shared publicly  - 
 
If my calculations are correct, when this baby hits 88 miles per hour... you're gonna see some serious shit.
5
Add a comment...
Have him in circles
2,455 people
Cheryl Whitlock's profile photo
daniel dodoo's profile photo
Dennis Appelon Nielsen's profile photo
Antonio De Luci's profile photo
kwaza Racheal's profile photo
Luca Palatossi's profile photo
Michael Mahlangu's profile photo
Nathan Handler's profile photo
Ana Mariamachado's profile photo

Aaron Toponce

Shared publicly  - 
 
Christmas village complete with auto-reversing UTA model train. https://youtu.be/s5iFRgovYTY
6
Add a comment...

Aaron Toponce

Shared publicly  - 
 
I just released my #GnuPG private key publicly on my blog. Am I crazy, or are we being just a bit too paranoid in the whole PGP community?

https://pthree.org/2015/11/19/your-gnupg-private-key/
This post is inspired by a discussion in irc://irc.freenode.net/#gnupg about Keybase and a blog post by Filippo Valsorda. I was curious just exactly how my private key is encrypted. Turns out, gpg(1) can tell you directly: $ gpg --output /tmp/secret-key.asc --export-secret-keys ...
8
5
Rui Seabra's profile photoChristian M. Grube's profile photoGeorg Greve's profile photoDaniel Maslowski's profile photo
5 comments
 
But I thought that protecting your private key is the most important job you have to use GnuPG correctly. More important than using it, right? I was planning on using it regularly just as soon as I finished my deadly maze in the sub-basement where my offline signing laptop will be stored, or as soon as i figured out using sub-keys without breaking signatures and standing my keyring on its head.

So instead I can just have a really strong random passphrase and always wear my aluminum foil hat to keep it safe from the mind readers? Super!
Add a comment...

Aaron Toponce

Shared publicly  - 
I have been a long proponent of OpenPGP keys for a way to communicate securely. I have used my personal key for signing emails since ~ 2005. I have used my key at dozens and dozens of keysigning parties. I have used my key to store account passwords and credentials with vim(1), Python, ...
4
Add a comment...

Aaron Toponce

Shared publicly  - 
 
I wanted to see how Perl's "Data::Password::Entropy" compared to Dropbox's "zxcvbn" entropy estimator. So, I created 50 passwords pulled from a set of exactly 32-characters using /dev/urandom. Each password is 16-characters long. This means each password has exactly 80-bits of entropy. How do the two libraries compare? See the pastebin.

http://ae7.st/p/4xf
A quick, simple, multi-purpose pastebin.
2
Aaron Toponce's profile photo
 
More stats: http://ae7.st/p/9q8
Add a comment...

Aaron Toponce

Shared publicly  - 
 
The amount of EPIC in this parody cannot be over estimated.

https://www.youtube.com/watch?v=SYRlTISvjww

#linux   #sysadmin  
3
Add a comment...

Aaron Toponce

Shared publicly  - 
 
You know the iOS lockscreen bypass that has plagued Apple since iOS 5? Yeah, turns out it might actually be a deliberate backdoor.

https://www.eff.org/deeplinks/2015/10/apples-eula-gives-it-license-invade-your-privacy-government-claims
When you buy a book, the government can’t demand the publisher or bookstore turn over the notes you’ve written in the margins. But in a case in the United States District Court for the Eastern District of New York, the government is currently arguing that the way Apple licenses its software to users means that people don’t actually own their copy of code that powers their iPhones, and thus the company can be ordered to bypass the lock screen in o...
2
1
BJ Cardon's profile photoBen Preston's profile photo
 
The sad thing is that the auto industry does just what Apple claims as nonsense and has for years.
Add a comment...
People
Have him in circles
2,455 people
Cheryl Whitlock's profile photo
daniel dodoo's profile photo
Dennis Appelon Nielsen's profile photo
Antonio De Luci's profile photo
kwaza Racheal's profile photo
Luca Palatossi's profile photo
Michael Mahlangu's profile photo
Nathan Handler's profile photo
Ana Mariamachado's profile photo
Work
Occupation
Senior Linux Systems Administrator
Employment
  • XMission
    Systems Architect, 2012 - present
  • Beyond Oblivion
    Systems Engineer, 2011 - 2011
  • SAIC
    Systems Administrator, 2009 - 2011
  • Guru Labs
    Instructor, 2007 - 2008
  • introPLAY
    Web Application Architect, 2007 - 2007
  • Venture Data
    Data Miner, 2005 - 2007
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
Suracuse, UT
Previously
Ogden, UT - Layton, UT - Toronto, Ontario, Canada
Story
Tagline
Storage architect, cloud engineer, system administrator.
Introduction
I'm a Debian GNU/Linux user for all my computers as my main operating system of choice. I'm an advocate of Free Software and find proprietary software and software patents evil.

I am a Applied Mathematics major and Computer Science minor, with an emphasis towards software engineering. I study Cryptography as a hobby. In my spare time, when I'm not on computers, I'm with my family hiking, playing games or watching movies.

Professionally, I'm a Linux and Unix Systems Administrator for a local ISP. I maintain hundreds of servers, both physical and virtual, help maintain and engineer the network, several VLANS, and much, much more.

Last, but certainly not least, I am an Amateur Radio enthusiast. My callsign is a vanity call, AE7ST. It's super short on CW (reasonably short, at any event), has a good ring to it, and is one of the few 2x2 calls available. Check me out at http://ae7.st.
Education
  • Weber State University
    Mathematics, 2011
  • Weber State University
    Computer Science, 2011
Basic Information
Gender
Male
Apps with Google+ Sign-in
  • TransPlan
  • TwoDots
  • Glypher
  • Interlocked
Aaron Toponce's +1's are the things they like, agree with, or want to recommend.
Swimming Coach
market.android.com

We now have a facebook page! Please like us on facebook and rate our app on Google Play!Application for swimmers and coaches who want to rec

Arch Linux
plus.google.com

A simple, lightweight GNU/Linux distribution

Angry Birds Rio
market.android.com

The most exciting of avian adventures continues! What happens when everybody's favourite fierce fowl get caged and shipped to Rio? They get

Waze social GPS traffic &amp; gas
market.android.com

A cool social GPS driving and navigation app that connects you to other drivers.Waze is a fun, community-based traffic &amp; navigation app, 30

Angry Birds
market.android.com

Use the unique powers of the Angry Birds to destroy the greedy pigs' fortresses! The survival of the Angry Birds is at stake. Dish out reven

Barcode Scanner
market.android.com

Scan barcodes on products then look up prices and reviews. You can also scan Data Matrix and QR Codes containing URLs, contact info, etc. A

Angry Birds Seasons
market.android.com

Angry Birds Seasons: Wreck the Halls! Angry Birds Seasons: Wreck the Halls! It's the most wonderful time of the year, but the pigs are up t

Coffice
market.android.com

Coffice enables reading of ISO Oasis OpenDocument (ODF) files.Based on the Calligra Suite that is used in MeeGo and shipped as default with

Go Uninstaller
market.android.com

Go Uninstaller is a convenient tool to view GO series apps installed. You can quickly uninstall GO series apps and their add-ons you do not

10 cool things you can do with Wolfram Alpha and Siri
www.tuaw.com

Steve Sande and I have been collaborating on \"Talking to Siri,\" an ebook that just recently hit the Kindle store. It's a how-to that will

Status of GNOME 3.0 in Debian
www.0d.be

Status of GNOME 3.0 in Debian. Up-to-date in testing; Up-to-date in unstable; Up-to-date in experimental; Not up-to-date, lagging by a minor

Yaaic
market.android.com

Yaaic (Yet Another Android IRC Client) is an Internet Relay Chat (IRC) client.Some of the features: * multi-server/channel support * SASL su

Angry Birds Space
market.android.com

The #1 mobile game of all time blasts off into space! ALL NEW ANGRY BIRDS GAME FROM ROVIO -- the #1 mobile game of all time blasts off into

Daylight Saving Time Explained
www.youtube.com

A brief history and explanation of the annual madness that is daylight saving time from http://blog.cgpgrey.com/daylight-saving-time-explain

Irssi
plus.google.com

The Client of the Future

Like vs Plus
likevsplus.com

Let the battle begin! facebook like vs google plus one