|
|||||||||||
 | Project News: | ||||||||||
|
Currently... Once more the need for encrypted communications rears its head. Google and CIA Fund Political Precrime Technology Holy freaking cow there is a lot of stuff in this article! Yes they are looking at you and using wannabe gestapo to do it. Old news: It figures.... Not forgotten... CDT Wants US Gov't to Detail Computer Monitoring Program There is nothing new in Blackbird world. Some things are getting encrypted but by who or why is not known (that's the point). There is nothing planned. The sky is gray and the it's cold. The world chugs along in its melancholic stupidity as entropy reigns. Nevermore video tutorial in production. So far it's longer than expected. Originally assumed to be about 5 minutes in length, it's currently at 9 minutes and may go to 12. There is only video demonstration and text, no voice over, so it was though music would be played in this demo. But at that length, it's going to be a coin toss between the long version of Lady Godiva from Iron Butterfly or Rhyme of the Ancient Mariner from Iron Maiden. Thanks to being able to access existing Java classes from a JavaFX applet, initial tests with the Blackbird Core are proven a success. It's possible to deploy Blackbird in JavaFX without having to change applet. There is no decision yet regarding whether or not further development into JavaFX will be explored. After exactly 2 months of development, Nevermore is released today. This new One Time PAD encryption utility is not expected to cause the world to stop, but it should make use of this tough encryption system a little easier. Completion of Nevermore means there will be a short break from writing new programs while the next project is already in consideration. It's likely that the next project is going to be for running on the Android OS, however some additional consideration is being made for a program that takes naturally occuring randomness and generating PAD encryption keys from that. However someone is in desperate need of some sleep (and a boatload of rum). Nevermore nearing completion. Still final testing and building of the documentation. Trouble on MacX systems are expected however this will not be found in the core itself. So far it's not looking good for the Mac X platform as far as Nevermore is concerned, thanks to the usual reasons of the JRE lagging behind in development. This is why the String class and measured and compared in IF assertions as they are (this is for programmers, the rest of you non-geeks can go on worrying about other things). Android? Possibilities exist to put the Blackbird Core on Android. So far only an emulator is on hand (these things are expensive) however thanks to the Netbeans plugin for Android development, this endeavor is being looked into. Since text messaging appears to be all the rage with these new-fangled handheld devices (as we are stuck back in 1996 for the most part), why not be able to easily encrypt that? Stay tuned. So far all that remains is the tutorial and some more tests. However if there are any bugs in Nevermore or something it needs, at this point it's going to take some usage and some feedback, otherwise only bugs that are found will be worked on. For super-users there could be provided a chance to invoke the original PAD Encryption Control Panel. This is not currently the case (though it's in there). Also, because of the use of the Blackbird core, Nevermore could be capable of using Twofish, CodeMeter, WibuKey/Securikey, etc. These are not implemented as Nevermore intended for using PAD Key encryption. It's possible that the other Encryption Entities could get their own program? Only if there is a demand for it. However it's open source so if you can program, have at it! Possibilities for Android - at least a Twofish deployment would be nice, right? - can tie things up a bit but present situations call for a PSK31 implementation that might be added to Crow, and since there is no such thing as a random number, even the Mersenne Twister might have limits. Therefore the prospect of using White Noise (that is not white kids trying to rap) to generate random number sequences for PAD encryption might be in order. Something to simply take white noise and use it to make byte arrays of values - please (so simple). Nevermore in development. A new program to simplify use of PAD encryption is in development. Called Nevermore, it is a Java Application making use of "Drag and Drop" to speed things up a bit. Basic in design, it makes use of Java Beans that break down some of the GUI into smaller parts. The complete Blackbird Core, for having PAD Encryption within, will be deployed for it. The other encryption systems will be "on hand" but not interfaced currently. Nevermore, like Crow, is intended to be for simpler purposes. The Raven P2P program is not yet in full development mode. However this is intended, because some of the Nevermore elements are based on the initial designs for Raven. The technical work for one will carry into the other. The subject of asymmetric encryption in the Blackbird Core is dwindling lately. Because there are already some good asymmetric systems out there, such as PGP, adapting that to Blackbird might be reinventing the wheel. Blackbird was intended to be for secure communications between people who already know each other and have exchanged passwords manually. The soul of the project is PAD encryption, but the addition of the other entities was due to the nature of the project that makes encryption systems contained in classes or packages easy to add. Meanwhile, the CodeMeter system does have ECIES asymmetric encryption that could be implemented, but mastery of the API for that usage is still lacking. Some working code is available and intended for usage. The delay cometh from the use of the Blackbird core by the Crow program, which is helping to reveal shortcomings of Blackbird. The applet was intended to be used in browsers in those cases where a computer might not be a personal machine, so the pasting in and from of the panels was the best solution. However Crow continues to move things to the other direction, and the core is getting added features to accomodate that. The goal is to be able to always "drop" the Blackbird Core into Crow so that both endeavors remain identical. Therefore a user of Crow at home will be able to take to the road and still be able to use Blackbird. Something dark on the horizon... The regime gets a new ruler, but nothing changes much. This project stands under the banner of Liberty, and will press on. Crow is still being improved and the early stages of development for an encrypted "Instant Message" system are beginning. Ask and you shall receive: it would appear that the "face to face" password exchange approach for Blackbird Encryption is not totally practical. Face to Face means you go and meet the person you want to communicate with and give them the password by writing it on his thumb or something. Or with One Time PAD, exchanging the files on an actual thumb drive (the one you stick in the computer). Yet it would appear that people who have never met FTF want to send encrypted messages. Go figure. But passing keys around for Symmetric Encryption on open channels is never a good idea. In spite of there being numerous solutions available for this, Blackbird will incorporate this if a good open source provision is possible. Could it be that PGP has this already and nobody found it or are they so tied up in email programs that encrypting a simple message flatly is not possible? CodeMeter does have asymmetric encrption available however something more organic to the project is needed. Crow is the word. For this week. The application gets some major improvements to the handling of ID Password/Initialization vector storage, with encryption (no option), and the extra menu events for handling of these tasks. Some other minor improvements to the code and documentation. Rumor has it that Blackbird is to be adapted to Packet Radio but there is little more information on that available at this time. There is also a plan, once Crow is stable, to start a IRC or IM styled chat system using the Blackbird Core. No name for this yet (XMA). This is merely a shadow of a thought for now. Crow is completed and this raised the issue about downloadable distributions versus source code download, a new page was needed and all pages needed the link added. All of this is made available on October 8. What is so interesting about Crow is that it uses a drop-in of the Blackbird.jar file at its core, and is merely an application that wraps Blackbird for use outside of a browser. Very efficient. Whenever Blackbird is updated with new encryption algorithms, it can be "dropped in" to the Crow Distribution and only one line of code needs to be added to Crow to complete this process. Naturally the entire range of encryption entities are made available in Crow because it's drawn from Blackbird, but the source code for Crow is available for those who might need to tailor the program. A new utility to circumvent issues where the applet cannot be run (at either end) in in development. "Crow" will be a Java desktop application that will use the Core Blackbird Encryption Entities to encrypt and decrypt text. It will be capable of decrypting a new "flat" output of encryption entry that the applet is already being tested for. This will expand this encryption system beyond the applet, making the capability of encryption expand beyond the applet and browser approach. Also in consideration following the completion of Crow, will be a new online Chat program, also using encryption. Blackbird Deployment Mode 1 is a success - but more work needing to be done. The forums will use Blackbird in Mode 1 as this demonstrates a very fast means of deployment - the installation of one folder and one HTML file and it's ready to rock. The tutorials will need to be updated as well and I try to make this as simple as possible. Most vexing. Though Blackbird Mode 1 works, and the DOM elemements in the IFRAME can be modified by the anonymous Javascript call, forum tests failed because...... wait for it...... yes the forums, newer ones, don't allow HTML. Blackbird makes an HTML entry of the encrypted out. Forums use a subset of HTML, UBB Code, that gets converted to HTML when the pages load. Initial Tests of what is going to be "Mode 1 Blackbird" are successful. This is a deployment mode that uses IFRAMEs, and allows web administrators to use the applet without having to jimmy up the existing web pages. More definitive tests are scheduled to make sure this works, and that the Mode 0 deployment did not break. So far only the CodeMeter implementation has the mods so the other Encryption Entities need to be updated. So.... NOW they care about privacy in email. Today it was revealed that Governor Sarah Palin of Alaska, USA was a victim of hackers who apparently hacked her Yahoo account. As Glann Greenwald points out, it seems that finally there is some email snooping that the same people who cheered the Bush administration on for illegally reading emails of thousands of Americans care about. It's fun watching them wail and gnash their teeth over this. Make no mistake, this is not in favor of Obama, who has not made any notice of "change" in the right direction for respecting 4th Amendment rights either. It should be noted that Blackbird, if used on a webpage for web access email, could work well in helping keep data secure while it persists on the network. However Blackbird is originally designed for forums and blog posts, development is underway for multiple modes of operation that allow the applet to be more flexible in application, and thus easily adaptable. There are some plans for secure HTTPS email services using Blackbird with persistent server-side data remaining encrypted. Keep an eye on this web page. Blackbird bug fixed in WibuKey, now getting new deployment mode features. It was found on some, though not all systems, that the applet would crash if there was an attempt to test the WibuKey runtime on instantiating the encryption entity. This was doe to poor catching of the no DLL exception. Pressing onward. The website is still under construction as far as the forums are concerned, and meanwhile the CodeMeter implementation in Blackbird is getting some improvements. Currently CodeMeter encryption is only using a license entry in the device, but there is on hand an initialization vector that can be used for the Cypher Block Chaining algorithm locked deep within the device. The intention is to make further customization possible within the same license entry by allowing individual users to have their own initialization vectors. This could only be an added layer of security. This additional feature to the CodeMeter implementation looks much like the Twofish identifier-password entry and it's close. Twofish takes the password and builds and initialization vector from it for use in the CBC functions added to it, while CodeMeter build the key from the License Entry in the device but still uses an initialization vector for CBC. Further consideration of CodeMeter capability also involves asymmetric encryption which is more a part of the CmIdentity authentication system than that of encryption. This is a little known area of the CodeMeter system, and the interest here only goes so far as using the public key - private key pair generated by an eliptic curve algorithm. The potential for use here is that Blackbird users who use CodeMeter will be able to give their public key to others who can encrypt data with that key, and Blackbird will invoke the CodeMeter API to decrypt the information with the internal private key of the device. But so far the mastery of the API is lacking. | |||||||||||