aboutsummaryrefslogtreecommitdiff
path: root/build/blog/2014-11-28-going-diceware.html
diff options
context:
space:
mode:
authorneodarz <neodarz@neodarz.net>2017-04-28 00:30:19 +0200
committerneodarz <neodarz@neodarz.net>2017-04-28 00:30:19 +0200
commit9a88e9ff0385f66e7c565a394908503dc6e916ad (patch)
tree05ea8b356163f06c5fc99c2caf67fa8d3a28d67d /build/blog/2014-11-28-going-diceware.html
parentf1965c50670f611ef54f9471490d45a554f7d866 (diff)
downloadmy_new_personal_website-9a88e9ff0385f66e7c565a394908503dc6e916ad.tar.xz
my_new_personal_website-9a88e9ff0385f66e7c565a394908503dc6e916ad.zip
Site updated at 2017-04-28T00:29:42+02:00
source branch was at: f1965c50670f611ef54f9471490d45a554f7d866 Correct a link
Diffstat (limited to 'build/blog/2014-11-28-going-diceware.html')
-rw-r--r--build/blog/2014-11-28-going-diceware.html42
1 files changed, 42 insertions, 0 deletions
diff --git a/build/blog/2014-11-28-going-diceware.html b/build/blog/2014-11-28-going-diceware.html
new file mode 100644
index 00000000..271b46e0
--- /dev/null
+++ b/build/blog/2014-11-28-going-diceware.html
@@ -0,0 +1,42 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="utf-8"/>
+<meta content="pandoc" name="generator"/>
+<meta content="Zhiming Wang" name="author"/>
+<meta content="2014-11-28T19:05:59-0800" name="date"/>
+<title>Going Diceware</title>
+<link href="/img/apple-touch-icon-152.png" rel="apple-touch-icon-precomposed"/>
+<meta content="#FFFFFF" name="msapplication-TileColor"/>
+<meta content="/img/favicon-144.png" name="msapplication-TileImage"/>
+<meta content="width=device-width, initial-scale=1" name="viewport"/>
+<link href="/css/normalize.min.css" media="all" rel="stylesheet" type="text/css"/>
+<link href="/css/theme.css" media="all" rel="stylesheet" type="text/css"/>
+</head>
+<body>
+<div id="archival-notice">This blog has been archived.<br/>Visit my home page at <a href="https://zhimingwang.org">zhimingwang.org</a>.</div>
+<nav class="nav">
+<a class="nav-icon" href="/" title="Home"><!--blog icon--></a>
+<a class="nav-title" href="/"><!--blog title--></a>
+<a class="nav-author" href="https://github.com/zmwangx" target="_blank"><!--blog author--></a>
+</nav>
+<article class="content">
+<header class="article-header">
+<h1 class="article-title">Going Diceware</h1>
+<div class="article-metadata">
+<time class="article-timestamp" datetime="2014-11-28T19:05:59-0800">November 28, 2014</time>
+</div>
+</header>
+<p>Today I'm officially going <a href="http://world.std.com/~reinhold/diceware.html">Diceware</a>. I published my simple C implementation of diceware on <a href="https://github.com/zmwangx/diceware">GitHub</a>.</p>
+<p>I've been using 1Password for a couple years now, and I've always been a bit worried about my master password. It's a ~30 byte monster with uppercase, lowercase letters, numbers, and special symbols. By any measure it is very safe. The problem is there are (extremely) personal things in there. I assembled several unrelated things that I (secretly) hold dearest to my heart, obfuscated them with rules not found in best64, and mixed with semi-gibberish. My daily login password is a combo similar in nature, with less obfuscation to facilitate typing. People who dig really deep into my identity might be able to compromise it (or not); I'm afraid that I'm more predictable than I thought I was. I know, the worry is pretty much unwarranted, as I’m not likely the target of a focused attack — I’m neither rich nor equipped with sensitive information or power, and for wide-range exploits, 99.9% of people are lower-hanging fruits. Even for a targeted attack, <a href="http://xkcd.com/538/">xkcd 538: Security</a> broke a crypto nerd’s imagination with a $5 wrench. However, a geek is a geek, you can’t block a geek’s imagination.</p>
+<p>Therefore, after worrying for so long, today I’m going Diceware. Eight diceware words give you at least 100 bits of true entropy. Unfortunately I don’t have a die, and don’t bother to get one. (Amazon Prime: get it Monday? No. Target, six miles away? No.) So I read my random bits from <code>/dev/urandom</code>. The C implementation is <a href="https://github.com/zmwangx/diceware">here</a>. By publishing this I’m announcing to the world that I’m using diceware. But I’m not afraid, since I’m now protected by true entropy that’s not compromised by publishing the scheme.</p>
+</article>
+<hr class="content-separator"/>
+<footer class="footer">
+<span class="rfooter">
+<a class="rss-icon" href="/rss.xml" target="_blank" title="RSS feed"><!--RSS feed icon--></a><a class="atom-icon" href="/atom.xml" target="_blank" title="Atom feed"><!--Atom feed icon--></a><a class="cc-icon" href="https://creativecommons.org/licenses/by/4.0/" target="_blank" title="Released under the Creative Commons Attribution 4.0 International license."><!--CC icon--></a>
+<a href="https://github.com/zmwangx" target="_blank">Zhiming Wang</a>
+</span>
+</footer>
+</body>
+</html>