Mechanical Lock Threat Models

In a continuation of my suite on threat modeling, this post will discuss lock threat models.  There are many high security locks that are intended to address the vulnerabilities of the standard pin-tumbler mechanism.  There is also a spectrum between bargain-basement hardware and expensive high-security locksets.  I understand that security doesn’t exist in a vacuum: though it would probably be a more secure world if everyone had a high security lock, it would also be a very expensive one.  Deciding on the right lock for your needs should be informed by a threat model.

Gate Access Control: Doing It Wrong

I have several photos like the one below.  Friends who know me know that I like locks, and sometimes send these photos to me.  I occasionally run across a gaggle of locks like this, and perhaps you have, too.  There is a reason gates are sometimes locked like this.  This is a method of gate access control.  This gate protects a facility that must be accessed by multiple parties.  These parties may not want to share a key or combination with each other.  Parties may also arrive at infrequent periods to gain initial access.  The property manager can unlock his lock, introduce the new one into the chain, and grant repeated access.  There is a serious security issue with this arrangement, however.

DIY Encrypted Email 4: In Practice

In Part I of this series we discussed the principles of rolling your own encrypted email.  Part II and Part III covered the installation and setup of the applications needed to make this happen.  Today we will begin talking about how to actually use all this “stuff”.  Installing the programs is the easiest part of this process, but using them isn’t as daunting as it was just a few years ago.  Hopefully you have been using Thunderbird over the past week and have some comfort level with it. To begin using it to send and receive encrypted email, you will need someone to practice with.  This is a good reason and a good strategy to encourage others to use encryption!

ITRH Interview & Bugout Backup

I haven’t written much about data backups here before, but they are incredibly important.  Everyday, run-of-the-mill data loss can range from frustrating to devastating. In the midst of a natural disaster the impact of personal data loss may be compounded as you are trying to deal with much more basic needs.  I am proud to be a guest on the In The Rabbit Hole Urban Survival Podcast this week (the episode will air today and can be found here).  Aaron and I talked about backing up the documents you may need to have on hand in an emergency, or what I call the “Bugout Backup”.  I also mentioned how to store and protect this information with encryption.  Our first topic was why having this information is important.

DIY Encrypted Email 3: GPG and Enigmail

In the last part of this installment we discussed importing mail into the Thunderbird mail client.  Now that our email has been taken out of the browser, we can begin adding the cryptographic elements.  The first of these is GPG (Gnu Privacy Guard).  GPG is an open source implementation of PGP.  It will provide the actual encryption used for our emails. The next step is to install an add-on to Thunderbird called Enigmail.  Enigmail will provide the interface, allowing Thunderbird to use GPG’s encryption.  Installing and setting up GPG and Enigmail is the first order of business in this post.


Different operating systems require different versions of GPG.  If you are using Windows you will install GPG4Win.  If you are using OS X you will install GPG Suite.  If you are using Linux, you can probably skip this step because GPG comes standard with most distros.  If you do need to download it you can do so here.  After you have downloaded the application, begin the setup process.  You will be prompted to provide your administrator password and select a language.  After you have done so you should see the screens depicted in the following screenshots.

On the third screen you will be asked which components of GPG you wish to install.  I generally choose to make my installation as light as possible.  I uncheck everything except “GnuPG” and the “Compendium”.  The other components provide powerful capabilities, but they are superfluous for our purposes.

The next step is to install Enigmail.  Since it is only an extension to Thunderbird this is an easy installation.  First, open Thunderbird.  Next, click the hamburger icon, and then click “Add-ons”.

Click the search bar in the Add-ons menu and type “Enigmail”.

Click the install button for Enigmail.  It will begin downloading.

After Enigmail is installed, you will be prompted to restart Thunderbird.  After a restart you will be ready to begin creating your key pair.

With GPG and Enigmail installed, you are ready to begin creating your key(s).  When Thunderbird restarts the Enigmail Setup Wizard will begin walking you through the process of key generation.  This is not an overly complicated process, and Enigmail will automate most of it.  With the “Start setup now” radio button checked, click “Next”.

On the next screen select “I prefer an extended configuration”.  On the next screen check “I want to create a new key pair for signing and encrypting my email”.  The next screen will prompt you to enter a password.  I recommend that you take some time to enter a good password.  This password can never be changed, so take the time now.  After clicking “Next” the key generation process will begin.

After the keys have been generated you will be prompted to generate a Revocation Certificate.  A revocation certificate allows you to revoke your keys if they are compromised in the future (leading to compromise of communications encrypted with them).  This ensures that if you lose control of your private key you can still maintain control of the communications.  We will discuss how to revoke a certificate in a future post on the topic.  Ensure you store the revocation certificate in a secure location.
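
The same two artifacts the wizard produces, a key pair and its revocation certificate, can also be created with the gpg command line, and the certificate can be rehearsed on a throwaway copy of the public key to confirm it works before it is ever needed. This is an added example, not part of the original post; it assumes GnuPG 2.2 or later, and the function names and arguments are hypothetical.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Assumes GnuPG 2.2 or later.
# The user ID and passphrase passed in are whatever the caller supplies.

# Create a signing+encryption key pair in an isolated keyring.
# Prints "<fingerprint> <path-to-revocation-certificate>".
make_keypair() {
    local home="$1" uid="$2" pass="$3" fpr
    mkdir -p "$home" && chmod 700 "$home" || return 1
    # Feed the passphrase on stdin so it never shows up in the process list.
    printf '%s\n' "$pass" | gpg --homedir "$home" --batch --quiet \
        --pinentry-mode loopback --passphrase-fd 0 \
        --quick-generate-key "$uid" default default 1y >/dev/null || return 1
    fpr=$(gpg --homedir "$home" --batch --with-colons --list-keys "$uid" |
          awk -F: '$1 == "fpr" { print $10; exit }')
    # GnuPG 2.1+ stores a revocation certificate automatically at creation.
    printf '%s %s\n' "$fpr" "$home/openpgp-revocs.d/$fpr.rev"
}

# Rehearse revocation against a scratch copy of the public key, leaving the
# real keyring untouched. Prints the copy's validity flag ("r" = revoked).
rehearse_revocation() {
    local home="$1" fpr="$2" rev="$3" scratch
    scratch=$(mktemp -d) && chmod 700 "$scratch" || return 1
    gpg --homedir "$home" --batch --export "$fpr" |
        gpg --homedir "$scratch" --batch --quiet --import 2>/dev/null
    # The stored certificate has ':' in front of its armor header to block
    # accidental import; strip it only on the way into the scratch keyring.
    sed 's/^:-----BEGIN/-----BEGIN/' "$rev" |
        gpg --homedir "$scratch" --batch --quiet --import 2>/dev/null
    gpg --homedir "$scratch" --batch --with-colons --list-keys "$fpr" 2>/dev/null |
        awk -F: '$1 == "pub" { print $2; exit }'
    rm -rf "$scratch"
}
```

Copy the `.rev` file to offline storage separate from the private key; anyone who holds it can revoke the key without knowing the passphrase.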

Now that we have installed GPG and Enigmail and set up a key pair, we are ready to begin exchanging encrypted emails.  We will cover this in the next segment, so stay with me!

DIY Encrypted Email 2: Thunderbird

This is the second in a multi-part series on setting up your own email encryption.  Today we will cover installing and setting up Mozilla Thunderbird.  Thunderbird is a desktop mail client that allows you to access your email from a platform other than the browser.  This is a necessary step because of the vulnerabilities inherent in internet browsers.  Thunderbird is popular (I am far from the first person to post a Thunderbird tutorial) and capable.  For our purposes it will be used to remove email (and crypto) from the browser into a more secure environment.

DIY Encrypted Email 1: The Basics

As promised in my post on email threat models, today I am going to begin a series on DIY encrypted email.  As I discussed in the email threat modeling post, this is the most secure email encryption available.  Before we get into the “how to” portion of this, it is important to first understand asymmetric encryption. Email encryption relies on a wholly different encryption model than that used to protect data-at-rest.  Encrypting email and web traffic relies on asymmetric encryption (also known as public key cryptography).  One of the classic problems with encryption for communications is “key exchange”. It would be simple to encrypt a PDF and email it to someone.  However, it would be difficult to exchange the password for that file without sending it unencrypted.  Sending it plaintext leaves the password vulnerable to interception.  This compromises the integrity of the entire system.  But there is a better way.

Gmail Two Step Verification Pt. 4

Welcome to the 4th and final installment of this series on Gmail Two Step Verification. This part will cover “App passwords”.  App passwords are an extremely handy function of the Gmail Two Step system.  They allow you to create custom, one-time passwords for two-factor accounts that can be used on certain apps.  This option is only available if you have two-factor authentication enabled.  It allows you to log in on apps that do not accept two factor tokens (the unique, six-digit code).  A good example of this is the iPhone’s native mail application.  It can only accept a username and password.  To link your two-factor protected Gmail account you must create an App password.  Another good example that will come into play next week is the Thunderbird mail client.

App passwords also have an ancillary convenience benefit.  If you have a long password on your Gmail account (up to 99 characters are allowed), it is difficult to input on your mobile device.  App passwords are only 16 characters long and are composed only of letters and numbers.  These passwords are easily input on tiny electronic keyboards.  If you’re worried that this password will be used elsewhere – don’t.  They are only good for one login.  Once you’ve used it, it can’t be used elsewhere.  To get started, log into your Gmail account.  Click your avatar, then click the blue “My Account” button.  Navigate to Sign in and Security >> App Passwords.

Click the drop-downs and select the service (Mail, Calendar, Contacts, YouTube, or Other) you desire.  On the device drop-down select the appropriate device (next week we will use “Custom” for Thunderbird).  Next, click “Generate”.

Your unique, one-time, 16-character password will appear.  At this point you should enter it into the password field of the application you are attempting to access.  You will NOT be able to access this password again, so if you close the window prematurely you will have to generate a new app password.

You can generate an unlimited number of app passwords.  I recommend that you create the bare minimum, and revoke old ones as soon as they are no longer needed.  When you revoke a passcode, the app that was logged into your account will be logged out.  To regain access with that app you must generate a new app password.

To revoke an app password, simply click “REVOKE”.  This password can no longer be used.  You should revoke any unused app passwords.  You should also revoke relevant app passwords immediately in the event you lose your device.

Revoking Trusted Devices:  As I have mentioned earlier in this series, it is possible to designate some computers as “trusted”.  This means you will not be required to enter your second authentication factor when logging in from these machines.  I only recommend doing so on computers that are full disk encrypted OR that never leave your home.  There is a safety (NOT security) benefit to having one trusted device: if you lose your phone or security key you will still have access to your account.  You can then turn two step verification off until you recover your device.  To revoke trusted devices navigate to the Gmail Two Step Verification page.  Scroll to the bottom to “Devices you trust”.  Click “REVOKE ALL” and confirm.

I hope you have learned something and (maybe even) enjoyed this series.  This started as a single post until I realized the sheer immensity of Gmail Two Step Verification can be overwhelming (to reader and writer alike!).  As always, if there is something you’d like to see covered, don’t hesitate to let me know!

Gmail Two Step Verification Pt. 3

In the third part of my series covering Gmail Two Step Verification I will talk about an advanced topic: the Security Key option.  The security key is a physical device that plugs into your computer’s USB port.  By far the most common and popular iteration of this concept is the Yubikey.  There are three current versions of this device: the Yubikey 4, the Yubikey Neo, and the Yubikey Nano†.  All of these devices have slightly different capabilities, but their core function is the same.  They serve as a strong second authentication factor.

To enable this option, you first need a U2F (Universal Second Factor)-capable device like a Yubikey.  Log into your Gmail account.  Click your avatar, then the blue “My Account” button.  Navigate to Sign-in and Security, and Two Step Verification.  Now scroll to and click “SET UP ADDITIONAL SECOND STEP”.

The next screen will give you some information about registering your Security Key.  Click “NEXT”.

You will be required to enter your password.  Enter it and click “Sign in”.  Ensure that your security key is NOT inserted at this point.

On the next screen you will be prompted to register your security key.  This will require that you insert the security key.  When instructed, touch the top of it.  This will prompt it to transmit the unique code to Google.

When the code is received and accepted you will see the screen below.  Be aware that this automatically makes the security key the default “second step”.

To log in with the Security Key, enter your username and password.  You will be presented with the screen shown below.  It will prompt you to insert your security key.  You must then physically touch the ring on top of the key.  This will transmit the unique code and verify your identity.

The security key option is one of the most secure ways to use Gmail Two Step Verification.  Your security key will also work on a number of other services.  Dropbox, LastPass, Password Safe, and WordPress all support the Yubikey as a second authentication factor.  It can also be used to unlock your full disk encrypted computer – just don’t lose it!

Yubico recently sent me samples of the Yubikey 4 and Nano models.  Look for a full review soon.

Email Threat Models

In a continuation of my suite on threat modeling, this post will address email threat modeling specifically.  Selecting an email provider (or set of email providers) can be difficult if privacy and security are your chief concerns.  Gmail is abysmal when it comes to privacy, but even paid providers struggle to match its security.  Selecting an email provider for sensitive communications should be done based on your threat model(s), and you may end up maintaining several accounts for different purposes.  It is my hope that these threat models will provide some clarity into what threat(s) each email provider defends you against.  I also hope this helps you choose a setup that you are comfortable with.