Here’s my daily view for seven hours a day for the next little while, as I’m part of the inaugural cohort of UC Baseline, the 5-week cybersecurity training program from Tampa bay’s security guild, The Undercroft:
Last week was devoted entirely to the “Hardware 101” part of the program. Here’s a video summary of what happened that week, and Yours Truly’s in a fair bit of it:
This week is “Networking 101”, which is all about how the bits gets transferred across wires and air to our hardware.
One of the exercises is making our own Ethernet cables. I can do it — just, very, very slowly…
We spent a good chunk of time setting up virtual LANs on our individually-assigned Cisco Catalyst 3750 programmable 48-port switches (alas, we don’t get to keep them), hooking up our Raspberry Pi 4 boxes (which we do get to keep) to them, and wiring our VLANs together via trunks:
It’s a strange world, where IOS doesn’t Apple’s refer to “iPhone Operating System” — part of my usual stomping grounds as a developer — but in the world of network administration, it’s Cisco’s Internetwork Operating System:
This is way outside my normal experience with networking, which I do at the application level, where I deal with data structures like arrays, dictionaries, base64-encoded data, and maybe the occasional data stream. This is the world of packets, frames, switching, and routing. I would still probably ruin a server room if left in charge of it, but after this course, I’d ruin it less.
I do have a refreshed generalized concept of what happens at the lower levels of the network, and that’s the important thing for me and the sort of work that I do.
I’m often asked about how public-key cryptography (a.k.a. asymmetric cryptography) works. The concept of private keys and public keys isn’t an intuitive one. A couple of years back, I spent some time trying to come up with an analogy that was layperson-friendly and memorable.
Regular readers of this blog are probably aware that I’m in week two of a five-week cybersecurity course called UC Baseline offered by Tampa Bay’s security guild, The Undercroft. The topic of generating keys for SSH came up, and not all of us are familiar with public key cryptography. This article should help!
The special box
Imagine a box with a special lock, as pictured below:
The lock has three positions:
When the lock is turned to the “9:00” position, the box is locked, and its contents are inaccessible.
When the lock is turned to the “12:00” position, the box is unlocked, which means you can open it and view its contents.
When the lock is turned to the “3:00” position, the box is locked, and its contents are inaccessible.
The lock’s position can be changed by two kinds of keys. The first type of key belongs to the owner of the box, and is thus called the private key:
The private key fits the lock, but it has a special limitation: it can only turn the lock clockwise — from 9:00 to 12:00, or from 12:00 to 3:00. It doesn’t turn counter-clockwise.
There’s only one copy of the private key, and as the owner of the box, you hold onto it.
There’s a second kind of key. You may have already guessed that it’s called the public key:
Like the private key, the public key also fits the lock, and it also has a special limitation — but a different one: it can only turn the lock counter-clockwise — from 3:00 to 12:00, or from 12:00 to 9:00. It doesn’t turn clockwise.
Unlike the private key, you give copies of the public key freely to other people. This lets them communicate with you.
Using the box and keys, two different things are possible:
People can send you secret messages. This is done with encryption.
You can send messages to people with proof that it was you who sent the message. This is done with digital signatures.
Sending secret messages with encryption
The idea behind sending secret messages is straightforward: you take the message and encrypt it (that is, scramble it so that it’s incomprehensible to other people), and then send it. The receiver gets the message, decrypts it (that is, performs the inverse of the operation that scrambled the message), restoring it to its original form and making it readable.
Think of encrypting the message as putting it in the special box and locking it. Think of decrypting the message as unlocking the box.
If you wanted to send a message to me, you’d use one of my boxes. Since it’s one of my boxes, I would have the private key for it, and I would have given you one of my public keys.
To send me the message so that only I would be able to read it, you’d put the message into the box and then lock it with my public key. Remember, the unlocked position is at 12:00, and public keys only turn counter-clockwise. When you lock it, you change the lock to the 9:00 position:
Once the box is locked, you’d ship it to me.
In order to read your secret message, I’d unlock the box using my private key. Remember, the lock is currently at the 9:00 position (locked), the unlocked position is at 12:00, and private keys only turn clockwise. When I unlock it, I return the lock to the 12:00 position:
With the box unlocked, I can now read the message you sent me.
Proving that I was the one who sent the message using a digital signature
I can also use one of my boxes to sign my messages in such a way that you know that they’re definitely from me and not some troll pretending to be me.
If I wanted to send you a message that was guaranteed to be from me, I’d use one of my boxes.
To send you a message in a way that proved that only I could have sent it, I’d put the message into the box and lock it with my private key. Remember, the unlocked position is at 12:00, and private keys only turn clockwise. When I lock it, you change the lock to the 3:00 position:
Once the box is locked, I’d ship it to you.
In order to confirm that the message was sent by me, you’d unlock the box using the public key I gave you. Remember, the lock is currently at the 3:00 position (locked), the unlocked position is at 12:00, and public keys only turn counter-clockwise. When you unlock it, you return the lock to the 12:00 position:
You can rest assured that I sent the message, because in the digital signature scenario, only my private key could’ve locked the box that you unlocked with my public key.
It’s all math
You may have to remind people that the box isn’t actually a box, the things that we call the private key and public key are just really large numbers, and that encryption and digital signing are just some fancy math operations that are performed on your message (which is really just a bunch of numbers) using the private and public keys.
Analogies often have limits, and it wasn’t long before my computer science prof, Dr. Robin Dawes(pictured to the right), pointed out a flaw in Vryonis’ analogy. With his help, combined with a suggestion from Matthew Ernest, I came up with a tweak, resulting in the analogy shown above. Thanks to all of them for their invaluable help!
It’s Monday, July 27th, which means that I’ve completed the Hardware 101 portion of the 5-week UC Baseline cybersecurity training program offered by Tampa Bay’s security guild, The Undercroft! Here’s a quick rundown of what I’ve posted so far about my experiences…
Day 4 of the Hardware 101 component of the UC Baseline cybersecurity program was all about security for the enterprise, which naturally included topics such as servers. Not everyone in the class has had the opportunity to tour a server room or data center, and this was their chance to see these machines up close.
Unlike the previous days, we did not attempt to dismantle and then reassemble the servers — this was a “look, but don’t touch” sort of lesson.
We also had a guest lecturer who gave us a pretty thorough walkthrough of the sorts of things involved in an enterprise server/data center setup, some of which went way over my head. I don’t see a sysadmin/system architect role in my future, but it might not hurt for me to do some supplementary reading on this topic.
Day 5 was the final day of Hardware 101 and started with something that I’ve always been terrible at: Making networking cables.
We also spent some time looking over all sorts of intrusion devices, such as the incredibly cute “Pwnagotchi”, a Raspberry Pi Zero-based device that “listens” to wifi chatter to feed its machine learning program in order to figure out wifi passwords.
It uses an e-paper screen, which is quite legible and consumes little power.
It’s incredibly small:
Here’s a Pwnagotchi beside a U.S. quarter for size reference:
A great way to steal information to gain access to people’s accounts and systems is to set up a fake wifi hotspot at a place that offers free wifi, such as Starbucks. That’s what the Wifi Pineapple is for — people connect to it, thinking they’re connecting to Starbucks wifi. You route their signals through to the real Starbucks wifi, but you’re the go-between, and can “see” everything that your marks are sending on the internet: the data they’re passing back and forth, including stuff like user IDs and passwords:
It sends out a signal that causes devices currently connected to wifi to disconnect. You could use it in tandem with a Wifi Pineapple to force people to disconnect from the real wifi and then connect to the Pineapple instead, enabling you to read their internet communications.
If you really want to “sniff” all the wifi traffic in the room, you’ll want one of these — a high-gain antenna system hooked to a network interface controller (NIC) that reads signals in “promiscuous mode”, a capability that’s disabled in most NICs. In promiscuous mode, you can capture all wifi traffic instead of the bits of data that you’re authorized to receive. It’s a good network diagnostics tool — and it’s also useful for getting up to no good:
And finally, the Shark Jack. Plug it into someone’s network, either via the ethernet jack or USB, and it will execute scripts to get a map of the network or even deliver a payload somewhere onto the system:
It’s basically a real-world version of the device that Tony Stark slipped onto the command console of the SHIELD helicarrier in the first Avengers movie (it’s at the 0:44 mark):
I may have to invest in one of those bad boys. For research purposes, you understand.
We also had a guest lecturer who delivered a very thorough and informative presentation on getting started in cybersecurity. I’ll have to post notes on it later:
For the benefit of my classmates in the UC Baseline program (see this earlier post to find out what it’s about), I’m posting a regular series of notes here on Global Nerdy to supplement the class material. As our instructor Tremere said, what’s covered in the class merely scratches the surface, and that we should use it as a launching point for our own independent study.
There was a lot of introductory material to cover on day one of the Hardware 101 portion of the program, and there’s one bit of basic but important material that I think deserves a closer look, especially for my fellow classmates who’ve never had to deal with it before: How binary and hexadecimal numbers are related.
Here’s the same number, expressed in base 2, a.k.a. the binary system: 1010001111011100101101001.
That’s the problem with binary numbers: Because they use only two digits, 0 and 1, they grow in length extremely quickly, which makes them hard for humans to read. Can you tell the difference between 100000000000000000000000 and 1000000000000000000000000? Be careful, because those two numbers are significantly different — one is twice the size of the other!
(Think about it: In the decimal system, you make a number ten times as large by tacking a 0 onto the end. For the exact same reason, tacking a 0 onto the end of binary number doubles that number.)
Hexadecimal is an easier way to write binary numbers
Once again, the problem is that:
Binary numbers, because they use only two digits — 0 and 1 — get really long really quickly, and
Decimal numbers don’t convert easily to binary.
What we need is a numerical system that:
Can represent really big numbers with relatively few characters, and
Converts easily to binary.
Luckily for us, there’s a numerical system that fits this description: Hexadecimal. The root words for hexadecimal are hexa (Greek for “six”) and decimal (from Latin for “ten”), and it means base 16.
Using 4 binary digits, you can represent the numbers 0 through 15:
Hexadecimal is the answer to the question “What if we had a set of digits that represented the 16 numbers of 0 through 15?”
Let’s repeat the above table, this time with hexadecimal digits:
Hexadecimal gives us easier-to-read numbers where each digit represents a group of 4 binary digits. Because of this, it’s easy to convert back and forth between binary and hexadecimal.
Since we’re creatures of base 10, we have the single characters to represent the digits 0 through 9, but no single character to represent 10, 11, 12, 13, 14, and 15, which are digits in hexadecimal. To work around this problem, hexadecimal uses the first 6 letters from the Roman alphabet: A, B, C, D, E, and F.
How to indicate if you’re writing a number in decimal, binary, or hexadecimal form
Because we’re base 10 creatures, we simply write decimal numbers as-is:
To indicate that a number is in binary, we prefix it with the number zero followed by a lowercase b:
#Thiswill print"49833"inthe console
Or if you prefer, Python:
# This will print "49833" in the console
To indicate that a number is in hexadecimal, we prefix it with the number zero followed by a lowercase x:
#Thiswill print"49833"inthe console
# Both of these will print "49833" in the console
Common grouping of binary numbers and hexadecimal
4 bits: A half-byte, tetrade, or nybble
A single hexadecimal digit represents 4 bits, and my favorite term for a group of 4 bits is nybble. The 4 bits that make up a nybble can represent the numbers 0 through 15.
“Nybble” is one of those computer science-y jokes that’s based on the fact that a group of 8 bits is called a byte. I’ve seen the terms half-byte and tetrade also used.
8 bits: A byte
Two hexadecimal digits represent 8 bits, and a group of 8 bits is called a byte. The 8 bits that make up a byte can represent the numbers 0 through 255, or the numbers -128 through 127.
In the era of the first general-purpose microprocessors, the data bus was 8 bits wide, and so byte was the standard unit of data. Every character in the ASCII character set can be expressed in a single byte. Each of the 4 numbers in an IPv4 address is a byte.
16 bits: A word
Four hexadecimal digits represent 16 bits, and a group of 16 bits is most often called a word. The 16 bits that make up a word can represent the numbers 0 through 65,535 (a number sometimes referred to as “64K”), or the numbers -32,768 through 32,767.
If you were computing in the late ’80s or early ’90s — the era covered by Windows 1 through 3 or Macs in the classic chassis — you were using a 16-bit machine. That meant that it stored data a word at a time.
32 bits: A double word or DWORD
Eight hexadecimal digits represent 32 bits, and a group of 32 bits is often called a double word or DWORD; I’ve also heard the unimaginative term “32-bit word”. The 32 bits that make up a word can represent the numbers 0 through 4,294,967,295 (a number sometimes referred to as “4 gigs”), or the numbers −2,147,483,648 through 2,147,483,647.
32-bit operating systems and computers came about in the mid-1990s. Some are still in use today, although they’d now be considered older or “legacy” systems.
The IPv4 address system uses 32 bits, which means that it can represent a maximum of 4,294,967,29 internet addresses. That’s fewer addresses than there are people on earth, and as you might expect, we’re running out of these addresses. There are all manner of workarounds, but the real solution is for everyone to switch to IPv6, which uses 128 bits, which allows for over 3 × 1038 addresses — enough to assign 100 addresses to every atom on the surface of the earth.
64 bits: A quadruple word or QWORD
16 hexadecimal digits represent 64 bits, and a group of 64 bits is often called a quadruple word, quad word, or QWORD; I’ve also heard the unimaginative term “64-bit word”. The 64 bits that make up a word can represent the numbers 0 through 18,446,744,073,709,551,615 (about 18.4 quintillion), or the numbers -9,223,372,036,854,775,808 to 9,223,372,036,854,775,807 (minus 9.2 quintillion through 9.2 quintillion).
If you have a Mac and it dates from 2007 or later, it’s probably a 64-bit machine. macOS has supported 32- and 64-bit applications, but from macOS Catalina (which came out in 2019) onward, it’s 64-bit only. As for Windows-based machines, if your processor is an Intel Core 2/i3/i5/i7/i9 or AMD Athlon 64/Opteron/Sempron/Turion 64/Phenom/Athlon II/Phenom II/FX/Ryzen/Epyc, you have a 64-bit processor.
Need more explanation?
The Khan Academy has a pretty good explainer of the decimal, binary, and hexadecimal number systems:
Hello, Tampa Bay techies, entrepreneurs, and nerds! Welcome to the weekly list of online-only events for techies, entrepreneurs, and nerds based in an around the Tampa Bay area.
Keep an eye on this post; I update it when I hear about new events, it’s always changing. Stay safe, stay connected, and #MakeItTampaBay!
Saturday: The Suncoast Developers Conference
Suncoast Developers Guild aren’t just a coding school — they’re a pillar of the Tampa Bay tech scene, and this place is all the better for their being around. Here’s one reason: they hold events like the upcoming Suncoast Developers Conference, which will happen online on Discord this Saturday, August 1, 2020.
At this free event, you’ll see Tampa Bay’s developers showcase and share their knowledge with others. They’ll cover all sorts of topics in bite-size (10 – 15 minute) presentations.
The conference will also feature some of Suncoast Developers Guild’s recent code school grads and their capstone projects. Get to know them, and if you like what you see and need more people in your organization, hire them!
Do you have an upcoming event that you’d like to see on this list?
If you know of an upcoming event that you think should appear on this list, please let me know!
Join the mailing list!
If you’d like to get this list in your email inbox every week, enter your email address below. You’ll only be emailed once a week, and the email will contain this list, plus links to any interesting news, upcoming events, and tech articles.
Join the Tampa Bay Tech Events list and always be informed of what’s coming up in Tampa Bay!